diff --git a/charts/jumpserver/README.md b/charts/jumpserver/README.md index 30ccd63..59a5dd6 100644 --- a/charts/jumpserver/README.md +++ b/charts/jumpserver/README.md @@ -25,11 +25,14 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts ### 总览 +`global.imageRegistry` 和 `global.imageOwner` 用于指定镜像仓库地址和用户名,如果使用私有仓库,还需要需要设置 `global.imagePullSecrets` 参数,用于指定私有仓库认证凭据。 + | 参数 | 描述 | 默认值 | | ------------------------- | ------------------ | ----------- | | `nameOveride` | name override | `nil` | | `fullNameOveride` | full name override | `nil` | | `global.imageRegistry` | 仓库地址 | `docker.io` | +| `global.imageOwner` | 仓库用户名 | `jumpserver` | | `global.imagePullSecrets` | 私有仓库认证凭据 | `nil` | | `global.storageClass` | 存储 sc | `nil` | | `ingress.enabled` | 开启 ingress | `true` | @@ -44,6 +47,8 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts ### 必填 +如果 `global` 中的参数和其他组件中的参数同时存在,将优先使用 `global` 中的参数。 + | 参数 | 描述 | 默认值 | | ------------------------------ | ---------------------------------------------| ---------------------- | | `global.storageClass` | 持久化存储 | `nil` | @@ -59,13 +64,25 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts | `externalRedis.port` | redis 端口 | `6379` | | `externalRedis.password` | redis 密码 | `nil` | +### Redis Sentinel + +配置 `externalSentinel` 参数后,将优先使用 `Sentinel`,`Redis` 即使配置也不会使用。 +注意:`Sentinel` 密码和 `Redis` 密码需要分别设置。 + +| 参数 | 描述 | 默认值 | +| -------------------------------- | ---------------------------------------------| --------------------- | +| `externalSentinel.hosts` | Sentinel 地址池 | `nil` | +| `externalSentinel.password` | Sentinel 认证密码 | `6379` | +| `externalRedis.password` | redis 密码 | `nil` | +| `externalSentinel.socketTimeout` | Sentinel 超时时间,单位 秒(s) | `5` | + ### 其他 | 参数 | 描述 | 默认值 | | --------------------- | --------------------------------------------------------- | ------- | | `log.level` | 日志等级 | `INFO` | | `replicaCount` | 副本数量 | `1` | -| `persistence` | 持久化存储相关设置 | `nil` | +| `persistence` | 持久化存储相关设置 | `nil` | 在 `helm install` 时通过 `--set key=value[,key=value]` 指定参数. 举例: diff --git a/charts/jumpserver/templates/_helpers.tpl b/charts/jumpserver/templates/_helpers.tpl index 248e0d8..2b31e80 100644 --- a/charts/jumpserver/templates/_helpers.tpl +++ b/charts/jumpserver/templates/_helpers.tpl @@ -88,6 +88,28 @@ Define JumpServer database. {{- .Values.externalDatabase.database -}} {{- end -}} +{{/* +Define JumpServer sentinel. +*/}} + +{{- define "jumpserver.sentinel.hosts" -}} +{{- if .Values.externalSentinel.hosts -}} +{{- .Values.externalSentinel.hosts -}} +{{- end -}} +{{- end -}} + +{{- define "jumpserver.sentinel.password" -}} +{{- if .Values.externalSentinel.password -}} +{{- .Values.externalSentinel.password -}} +{{- end -}} +{{- end -}} + +{{- define "jumpserver.sentinel.socketTimeout" -}} +{{- if .Values.externalSentinel.socketTimeout -}} +{{- .Values.externalSentinel.socketTimeout -}} +{{- end -}} +{{- end -}} + {{/* Define JumpServer redis. */}} @@ -98,16 +120,22 @@ Define JumpServer redis. {{- end -}} {{- define "jumpserver.redis.host" -}} +{{- if .Values.externalRedis.host -}} {{- .Values.externalRedis.host -}} {{- end -}} +{{- end -}} {{- define "jumpserver.redis.port" -}} +{{- if .Values.externalRedis.port -}} {{- .Values.externalRedis.port -}} {{- end -}} +{{- end -}} {{- define "jumpserver.redis.password" -}} +{{- if .Values.externalRedis.password -}} {{- .Values.externalRedis.password -}} {{- end -}} +{{- end -}} {{/* Define JumpServer StorageClass. diff --git a/charts/jumpserver/templates/celery/deployment-celery.yaml b/charts/jumpserver/templates/celery/deployment-celery.yaml index ff48334..c577a98 100644 --- a/charts/jumpserver/templates/celery/deployment-celery.yaml +++ b/charts/jumpserver/templates/celery/deployment-celery.yaml @@ -3,14 +3,15 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-celery" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} {{- $mysqlPort := printf "%s" (include "jumpserver.magnus.mysql.port" $) }} {{- $mariadbPort := printf "%s" (include "jumpserver.magnus.mariadb.port" $) }} {{- $redisPort := printf "%s" (include "jumpserver.magnus.redis.port" $) }} {{- $postgresqlPort := printf "%s" (include "jumpserver.magnus.postgresql.port" $) }} {{- $oraclePorts := printf "%s" (include "jumpserver.magnus.oracle.ports" $) }} -{{- $imageName := $.Values.xpack.enabled | ternary "jumpserver/core-ee" "jumpserver/core-ce" }} +{{- $imageName := $.Values.xpack.enabled | ternary "core-ee" "core-ce" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -69,12 +70,30 @@ spec: value: {{ include "jumpserver.database.password" $ | quote }} - name: DB_NAME value: {{ include "jumpserver.database.database" $ | quote }} + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} - name: REDIS_HOST value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} - name: REDIS_PORT value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} - name: MAGNUS_MYSQL_PORT value: {{ $mysqlPort | quote }} - name: MAGNUS_MARIADB_PORT diff --git a/charts/jumpserver/templates/chen/deployment-chen.yaml b/charts/jumpserver/templates/chen/deployment-chen.yaml index 28dcd58..a1fcda5 100644 --- a/charts/jumpserver/templates/chen/deployment-chen.yaml +++ b/charts/jumpserver/templates/chen/deployment-chen.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-chen" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/chen" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "chen" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -50,6 +51,30 @@ spec: value: {{ .config.log.level | quote }} - name: listening_port value: {{ .service.web.port | quote }} + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} + - name: REDIS_HOST + value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} + - name: REDIS_PORT + value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} + - name: REDIS_PASSWORD + value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/templates/core/deployment-core.yaml b/charts/jumpserver/templates/core/deployment-core.yaml index 63909f7..fce9c4f 100644 --- a/charts/jumpserver/templates/core/deployment-core.yaml +++ b/charts/jumpserver/templates/core/deployment-core.yaml @@ -3,14 +3,15 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-core" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} {{- $mysqlPort := printf "%s" (include "jumpserver.magnus.mysql.port" $) }} {{- $mariadbPort := printf "%s" (include "jumpserver.magnus.mariadb.port" $) }} {{- $redisPort := printf "%s" (include "jumpserver.magnus.redis.port" $) }} {{- $postgresqlPort := printf "%s" (include "jumpserver.magnus.postgresql.port" $) }} {{- $oraclePorts := printf "%s" (include "jumpserver.magnus.oracle.ports" $) }} -{{- $imageName := $.Values.xpack.enabled | ternary "jumpserver/core-ee" "jumpserver/core-ce" }} +{{- $imageName := $.Values.xpack.enabled | ternary "core-ee" "core-ce" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -72,12 +73,30 @@ spec: value: {{ include "jumpserver.database.password" $ | quote }} - name: DB_NAME value: {{ include "jumpserver.database.database" $ | quote }} + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} - name: REDIS_HOST value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} - name: REDIS_PORT value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} - name: MAGNUS_MYSQL_PORT value: {{ $mysqlPort | quote }} - name: MAGNUS_MARIADB_PORT diff --git a/charts/jumpserver/templates/kael/deployment-kael.yaml b/charts/jumpserver/templates/kael/deployment-kael.yaml index 23e09b6..f922108 100644 --- a/charts/jumpserver/templates/kael/deployment-kael.yaml +++ b/charts/jumpserver/templates/kael/deployment-kael.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-kael" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/kael" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "kael" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -59,12 +60,30 @@ spec: value: {{ .service.web.port | quote }} - name: SHARE_ROOM_TYPE value: "redis" + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} - name: REDIS_HOST value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} - name: REDIS_PORT value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/templates/koko/deployment-koko.yaml b/charts/jumpserver/templates/koko/deployment-koko.yaml index a061083..a8b990b 100644 --- a/charts/jumpserver/templates/koko/deployment-koko.yaml +++ b/charts/jumpserver/templates/koko/deployment-koko.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-koko" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/koko" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "koko" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -63,12 +64,30 @@ spec: value: "false" - name: SHARE_ROOM_TYPE value: "redis" + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} - name: REDIS_HOST value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} - name: REDIS_PORT value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/templates/lion/deployment-lion.yaml b/charts/jumpserver/templates/lion/deployment-lion.yaml index 493b53d..247fc14 100644 --- a/charts/jumpserver/templates/lion/deployment-lion.yaml +++ b/charts/jumpserver/templates/lion/deployment-lion.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-lion" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/lion" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "lion" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -56,12 +57,30 @@ spec: value: {{ .service.web.port | quote }} - name: SHARE_ROOM_TYPE value: "redis" + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} - name: REDIS_HOST value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} - name: REDIS_PORT value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/templates/magnus/deployment-magnus.yaml b/charts/jumpserver/templates/magnus/deployment-magnus.yaml index 180c11c..0d8fd13 100644 --- a/charts/jumpserver/templates/magnus/deployment-magnus.yaml +++ b/charts/jumpserver/templates/magnus/deployment-magnus.yaml @@ -3,6 +3,7 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-magnus" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} {{- $mysqlPort := printf "%s" (include "jumpserver.magnus.mysql.port" $) }} {{- $mariadbPort := printf "%s" (include "jumpserver.magnus.mariadb.port" $) }} {{- $redisPort := printf "%s" (include "jumpserver.magnus.redis.port" $) }} @@ -10,9 +11,9 @@ {{- $oraclePorts := printf "%s" (include "jumpserver.magnus.oracle.ports" $) }} {{- $oraclePortStart := printf "%s" (include "jumpserver.magnus.oracle.port.start" $) | int }} {{- $oraclePortEnd := printf "%s" (include "jumpserver.magnus.oracle.port.end" $) | int }} -{{- $imageName := "jumpserver/magnus" }} +{{- $imageName := "magnus" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -55,6 +56,32 @@ spec: value: {{ $.Values.core.config.bootstrapToken | quote }} - name: LOG_LEVEL value: {{ .config.log.level | quote }} + - name: SHARE_ROOM_TYPE + value: "redis" + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} + - name: REDIS_HOST + value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} + - name: REDIS_PORT + value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} + - name: REDIS_PASSWORD + value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} - name: MAGNUS_MYSQL_PORT value: {{ $mysqlPort | quote }} - name: MAGNUS_MARIADB_PORT diff --git a/charts/jumpserver/templates/pre-install-initdb.yaml b/charts/jumpserver/templates/pre-install-initdb.yaml index e481556..018cc83 100644 --- a/charts/jumpserver/templates/pre-install-initdb.yaml +++ b/charts/jumpserver/templates/pre-install-initdb.yaml @@ -2,9 +2,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-init-db" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := $.Values.xpack.enabled | ternary "jumpserver/core-ee" "jumpserver/core-ce" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := $.Values.xpack.enabled | ternary "core-ee" "core-ce" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: batch/v1 kind: Job @@ -57,15 +58,37 @@ spec: value: {{ include "jumpserver.database.password" $ | quote }} - name: DB_NAME value: {{ include "jumpserver.database.database" $ | quote }} + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} - name: REDIS_HOST value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} - name: REDIS_PORT value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} {{- end }} restartPolicy: Never + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} diff --git a/charts/jumpserver/templates/razor/deployment-razor.yaml b/charts/jumpserver/templates/razor/deployment-razor.yaml index bc66667..1de9bcd 100644 --- a/charts/jumpserver/templates/razor/deployment-razor.yaml +++ b/charts/jumpserver/templates/razor/deployment-razor.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-razor" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/razor" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "razor" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -48,6 +49,30 @@ spec: value: {{ $.Values.core.config.bootstrapToken | quote }} - name: LOG_LEVEL value: {{ .config.log.level | quote }} + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} + - name: REDIS_HOST + value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} + - name: REDIS_PORT + value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} + - name: REDIS_PASSWORD + value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/templates/video/deployment-video.yaml b/charts/jumpserver/templates/video/deployment-video.yaml index 686ec3d..f1b4d04 100644 --- a/charts/jumpserver/templates/video/deployment-video.yaml +++ b/charts/jumpserver/templates/video/deployment-video.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-video" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/video" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "video" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -50,6 +51,32 @@ spec: value: {{ .config.log.level | quote }} - name: HTTPD_PORT value: {{ .service.web.port | quote }} + - name: SHARE_ROOM_TYPE + value: "redis" + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} + - name: REDIS_HOST + value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} + - name: REDIS_PORT + value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} + - name: REDIS_PASSWORD + value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/templates/web/deployment-nginx.yaml b/charts/jumpserver/templates/web/deployment-nginx.yaml index e2864e3..7d8a773 100644 --- a/charts/jumpserver/templates/web/deployment-nginx.yaml +++ b/charts/jumpserver/templates/web/deployment-nginx.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-web" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/web" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "web" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment diff --git a/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml b/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml index f610357..d6325c7 100644 --- a/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml +++ b/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml @@ -3,9 +3,10 @@ {{- $fullName := include "jumpserver.fullname" $ }} {{- $containerName := "jms-xrdp" }} {{- $registryName := $.Values.global.imageRegistry | default .image.registry }} -{{- $imageName := "jumpserver/xrdp" }} +{{- $imageOwner := $.Values.global.imageOwner | default "jumpserver" }} +{{- $imageName := "xrdp" }} {{- $imageTag := "v3.10.0" }} -{{- $imageWithTag := printf "%s/%s:%s" $registryName $imageName $imageTag | quote }} +{{- $imageWithTag := printf "%s/%s/%s:%s" $registryName $imageOwner $imageName $imageTag | quote }} apiVersion: apps/v1 kind: Deployment @@ -48,6 +49,30 @@ spec: value: {{ $.Values.core.config.bootstrapToken | quote }} - name: LOG_LEVEL value: {{ .config.log.level | quote }} + {{- if include "jumpserver.sentinel.hosts" $ }} + - name: REDIS_SENTINEL_HOSTS + value: {{ include "jumpserver.sentinel.hosts" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.password" $ }} + - name: REDIS_SENTINEL_PASSWORD + value: {{ include "jumpserver.sentinel.password" $ | quote }} + {{- end }} + {{- if include "jumpserver.sentinel.socketTimeout" $ }} + - name: REDIS_SENTINEL_SOCKET_TIMEOUT + value: {{ include "jumpserver.sentinel.socketTimeout" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.host" $ }} + - name: REDIS_HOST + value: {{ include "jumpserver.redis.host" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.port" $ }} + - name: REDIS_PORT + value: {{ include "jumpserver.redis.port" $ | quote }} + {{- end }} + {{- if include "jumpserver.redis.password" $ }} + - name: REDIS_PASSWORD + value: {{ include "jumpserver.redis.password" $ | quote }} + {{- end }} {{- range $key, $val := .env }} - name: {{ $key }} value: {{ $val | quote }} diff --git a/charts/jumpserver/values.yaml b/charts/jumpserver/values.yaml index a4e4634..30cb777 100644 --- a/charts/jumpserver/values.yaml +++ b/charts/jumpserver/values.yaml @@ -11,7 +11,8 @@ fullnameOverride: "" ## @param global.redis.password Global Redis™ password (overrides `auth.password`) ## global: - imageRegistry: "ghcr.io" + imageRegistry: ghcr.io + imageOwner: jumpserver ## E.g. # imagePullSecrets: # - myRegistryKeySecretName @@ -33,6 +34,13 @@ externalDatabase: ## Please configure your Redis server first ## Jumpserver will not start the external Redis server. ## +externalSentinel: {} + # hosts: mymaster/localhost:26379,localhost:26380,localhost:26381 + # password: "" + # socketTimeout: 5 + +## Sentinel or Redis one of them must be configured. + externalRedis: host: localhost port: 6379