# Gitolite Helm Chart

Gitolite, packaged for use in a Kubernetes cluster.

Hosting git repositories -- Gitolite allows you to set up git hosting on
a central server, with very fine-grained access control and many (many!) more
powerful features.

* http://gitolite.com

This chart uses the Docker image created by jgiannuzzi:

* https://hub.docker.com/r/jgiannuzzi/gitolite/

## Chart Details
This chart will do the following:

* Installs gitolite with port 22 exposed
* Installs your public key as administrator

## Installing the Chart

To install the chart:

```bash
$ helm install --set SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" --set SSH_KEY_NAME="$(whoami)" gitolite
```

## Configuration

The following table lists the configurable parameters of the chart and their default values.

| Parameter                  | Description                          | Default                                                                      |
| -------------------------- | ------------------------------------ | ---------------------------------------------------------------------------- |
| `SSH_KEY`                  | Public key of admin                  | ``                                                                           |
| `SSH_KEY_NAME`             | Admin user name                      | `admin`                                                                      |
| `Name`                     | Name                                 | `gitolite`                                                                   |
| `Image`                    | Image name                           | `jgiannuzzi/gitolite`                                                        |
| `ImageTag`                 | Image tag                            | `latest`                                                                     |
| `ImagePullPolicy`          | Image pull policy                    | `IfNotPresent`                                                               |
| `Component`                | k8s selector key                     | `gitolite`                                                                   |
| `Cpu`                      | Requested cpu                        | `200m`                                                                       |
| `Memory`                   | Requested memory                     | `256Mi`                                                                      |
| `ServiceType`              | k8s service type                     | `LoadBalancer`                                                               |
| `ServicePort`              | k8s service port                     | `22`                                                                         |
| `NodePort`                 | k8s node port                        | Not set                                                                      |
| `ContainerPort`            | Listening port                       | `22`                                                                         |
| `LoadBalancerSourceRanges` | Allowed inbound IP addresses         | `0.0.0.0/0`                                                                  |
| `LoadBalancerIP`           | Optional fixed external IP           | Not set                                                                      |
| `Ingress.Annotations`      | Ingress annotations                  | `{}`                                                                         |
| `Ingress.TLS`              | Ingress TLS configuration            | `[]`                                                                         |
| `NodeSelector`             | Node labels for pod assignment       | `{}`                                                                         |
| `Tolerations`              | Toleration labels for pod assignment | `{}`                                                                         |

Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.

Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,

```bash
$ helm install --set SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" --set SSH_KEY_NAME="$(whoami)" -f values.yaml gitolite
```

> **Tip**: You can use the default [values.yaml](values.yaml)

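A values override that tightens the two defaults in the table above with the most exposure, `LoadBalancerSourceRanges` and `ImageTag`. This is an added example, not part of the chart: the file name, CIDR ranges and tag are placeholders, and the list form of `LoadBalancerSourceRanges` is an assumption.

```yaml
# values-hardened.yaml (hypothetical file name), passed with `-f` as shown above.
# Keys are the ones in the parameter table; every value is a constructed
# placeholder to replace with your own.

# Chart default: 0.0.0.0/0, which lets any address reach sshd on the load balancer.
# Assumption: the chart accepts a list of CIDRs here, as the Kubernetes
# Service field loadBalancerSourceRanges does.
LoadBalancerSourceRanges:
  - 203.0.113.0/24     # constructed example: office or VPN egress range
  - 198.51.100.17/32   # constructed example: single CI runner

# Chart default: latest, a mutable tag, so a rescheduled pod can start a
# different image from the one that was reviewed. Pin a specific tag instead.
ImageTag: "<pinned-tag>"   # placeholder: a tag you have verified
ImagePullPolicy: IfNotPresent

# Chart default: LoadBalancer. If only in-cluster clients need git access,
# ClusterIP avoids creating an external endpoint at all.
ServiceType: LoadBalancer
ServicePort: 22

# Name of the gitolite administrator; the key itself is still supplied with
# --set SSH_KEY="$(cat ~/.ssh/id_rsa.pub)" so it never lands in this file.
SSH_KEY_NAME: admin
```
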
## NetworkPolicy

To make use of the NetworkPolicy resources created by default,
install [a networking plugin that implements the Kubernetes
NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin).

For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting
the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace:

    kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"

## Persistence

The Gitolite image stores persistent data under the `/var/lib/git` path of the container. By default, a dynamically managed
Persistent Volume Claim is used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. Alternatively,
a previously configured Persistent Volume Claim can be used.

It is possible to mount several volumes using `Persistence.volumes` and `Persistence.mounts` parameters.

### Persistence Values for ssh-keys of openssh server

| Parameter                           | Description               | Default         |
| ----------------------------------- | ------------------------- | --------------- |
| `Persistence.SshKeys.Enabled`       | Enable the use of a PVC   | `true`          |
| `Persistence.SshKeys.ExistingClaim` | Provide the name of a PVC | `nil`           |
| `Persistence.SshKeys.AccessMode`    | The PVC access mode       | `ReadWriteOnce` |
| `Persistence.SshKeys.Size`          | The size of the PVC       | `1Gi`           |

### Persistence Values for git repository

| Parameter                       | Description               | Default         |
| ------------------------------- | ------------------------- | --------------- |
| `Persistence.Git.Enabled`       | Enable the use of a PVC   | `true`          |
| `Persistence.Git.ExistingClaim` | Provide the name of a PVC | `nil`           |
| `Persistence.Git.AccessMode`    | The PVC access mode       | `ReadWriteOnce` |
| `Persistence.Git.Size`          | The size of the PVC       | `8Gi`           |

### Additional volumes/mounts

| Parameter                   | Description               | Default         |
| ----------------------------| ------------------------- | --------------- |
| `Persistence.volumes`       | Additional volumes        | `nil`           |
| `Persistence.mounts`        | Additional mounts         | `nil`           |

#### Existing PersistentVolumeClaim

1. Create the PersistentVolume
1. Create the PersistentVolumeClaim
1. Install the chart

```bash
$ helm install --name my-release --set Persistence.Git.ExistingClaim=PVC_NAME gitolite
```