diff --git a/charts/cloudflare-tunnel-remote/templates/deployment.yaml b/charts/cloudflare-tunnel-remote/templates/deployment.yaml
index 16e35ec..864944b 100644
--- a/charts/cloudflare-tunnel-remote/templates/deployment.yaml
+++ b/charts/cloudflare-tunnel-remote/templates/deployment.yaml
@@ -51,6 +51,6 @@ spec:
 # it has an active connection to the edge.
 path: /ready
 port: 2000
- failureThreshold: 1
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
 initialDelaySeconds: 10
 periodSeconds: 10
diff --git a/charts/cloudflare-tunnel-remote/values.yaml b/charts/cloudflare-tunnel-remote/values.yaml
index 8935696..8b7d28d 100644
--- a/charts/cloudflare-tunnel-remote/values.yaml
+++ b/charts/cloudflare-tunnel-remote/values.yaml
@@ -60,3 +60,6 @@ tolerations: []

 # Default affinity is to spread out over nodes; use this to override.
 affinity: {}
+
+livenessProbe:
+ failureThreshold: 1
diff --git a/charts/cloudflare-tunnel/templates/configmap.yaml b/charts/cloudflare-tunnel/templates/configmap.yaml
index 07d5219..d998a13 100644
--- a/charts/cloudflare-tunnel/templates/configmap.yaml
+++ b/charts/cloudflare-tunnel/templates/configmap.yaml
@@ -14,6 +14,8 @@ data:
 enabled: {{ .Values.cloudflare.enableWarp }}
 # Serves the metrics server under /metrics and the readiness server under /ready
 metrics: 0.0.0.0:2000
+ # Specifies the protocol used to establish a connection between cloudflared and the Cloudflare global network
+ protocol: {{ default "auto" .Values.cloudflare.protocol }}
 # Autoupdates applied in a k8s pod will be lost when the pod is removed or restarted, so
 # autoupdate doesn't make sense in Kubernetes. However, outside of Kubernetes, we strongly
 # recommend using autoupdate.
@@ -25,5 +27,3 @@ data:
 {{- with .Values.cloudflare.ingress }}
 {{- toYaml . | nindent 6 }}
 {{- end }}
- # This rule matches any traffic which didn't match a previous rule, and responds with HTTP 404.
- - service: http_status:404
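Review bot: `failureThreshold: {{ .Values.livenessProbe.failureThreshold }}` in the liveness probe (here in cloudflare-tunnel-remote/templates/deployment.yaml, and again in cloudflare-tunnel/templates/deployment.yaml) is emitted with no default and no integer coercion. An override that sets the key to null renders an empty value, so the probe silently takes the Kubernetes default of 3 rather than the chart's previous 1. I would write `failureThreshold: {{ .Values.livenessProbe.failureThreshold | default 1 | int }}` in both templates. The probe definition begins above the hunk.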
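Review bot: `protocol: {{ default "auto" .Values.cloudflare.protocol }}` in configmap.yaml (hunk at -14) writes the chart value into cloudflared's config unquoted, so a value containing YAML syntax or an accidental non-string type changes the shape of the rendered config instead of staying a scalar. Quoting keeps it a string whatever the operator passes: `protocol: {{ default "auto" .Values.cloudflare.protocol | quote }}`. The value is not checked against the list given in values.yaml (auto, http2, h2mux, quic), so a typo is only caught when cloudflared reads the file.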
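Review bot: With the trailing `- service: http_status:404` entry removed from configmap.yaml (hunk at -25), the chart no longer guarantees a default-deny catch-all as the last ingress rule; whatever `.Values.cloudflare.ingress` ends with now decides what happens to requests that match no earlier rule. When `cloudflare.ingress` is empty the `with` block renders nothing, and cloudflared is, as far as I know, strict about the last rule being a catch-all, so a default install may fail to start; the values default is not visible in this diff. If the removal is deliberate so that users choose their own fallback, keep the safe default for the empty case by adding `{{- else }}` and `- service: http_status:404` before the `{{- end }}`, and state at the `cloudflare.ingress` key that a user-supplied list must end with its own catch-all. The `ingress:` key itself sits above the hunk.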
diff --git a/charts/cloudflare-tunnel/templates/deployment.yaml b/charts/cloudflare-tunnel/templates/deployment.yaml
index 7b50786..6529b48 100644
--- a/charts/cloudflare-tunnel/templates/deployment.yaml
+++ b/charts/cloudflare-tunnel/templates/deployment.yaml
@@ -52,7 +52,7 @@ spec:
 # it has an active connection to the edge.
 path: /ready
 port: 2000
- failureThreshold: 1
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
 initialDelaySeconds: 10
 periodSeconds: 10
 volumeMounts:
@@ -103,3 +103,7 @@ spec:
 tolerations:
 {{- toYaml . | nindent 8 }}
 {{- end }}
+ {{- with .Values.topologySpreadConstraints }}
+ topologySpreadConstraints:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/charts/cloudflare-tunnel/templates/service.yaml b/charts/cloudflare-tunnel/templates/service.yaml
new file mode 100644
index 0000000..0316761
--- /dev/null
+++ b/charts/cloudflare-tunnel/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "cloudflare-tunnel.fullname" . }}
+ labels:
+ {{- include "cloudflare-tunnel.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ ports:
+ - port: 2000
+ targetPort: 2000
+ protocol: TCP
+ name: metrics
+ selector:
+ {{- include "cloudflare-tunnel.selectorLabels" . | nindent 4 }}
diff --git a/charts/cloudflare-tunnel/templates/servicemonitor.yaml b/charts/cloudflare-tunnel/templates/servicemonitor.yaml
new file mode 100644
index 0000000..762636c
--- /dev/null
+++ b/charts/cloudflare-tunnel/templates/servicemonitor.yaml
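Review bot: The new templates/service.yaml has no guard around it, so every install gets a ClusterIP Service on port 2000 even when `serviceMonitor.enabled` is false. Per the configmap comment that port serves both /metrics and /ready, so the Service gives cloudflared's metrics endpoint a stable in-cluster DNS name that any workload allowed to reach the namespace can query. I would wrap the manifest in the guard the ServiceMonitor already uses, `{{- if .Values.serviceMonitor.enabled }}` … `{{- end }}`, or a dedicated `service.enabled` value. Where the Service is wanted, a NetworkPolicy limiting port 2000 to the Prometheus namespace is worth mentioning in the chart notes.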
@@ -0,0 +1,38 @@
+{{- if .Values.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ template "cloudflare-tunnel.fullname" . }}
+ labels:
+ {{- include "cloudflare-tunnel.labels" . | nindent 4 }}
+ {{- with .Values.serviceMonitor.additionalLabels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ jobLabel: {{ template "cloudflare-tunnel.fullname" . }}
+ endpoints:
+ - port: metrics
+ {{- if .Values.serviceMonitor.interval }}
+ interval: {{ .Values.serviceMonitor.interval }}
+ {{- end }}
+ {{- if .Values.serviceMonitor.scrapeTimeout }}
+ scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }}
+ {{- end }}
+ {{- if .Values.serviceMonitor.metricRelabelings }}
+ metricRelabelings:
+ {{ toYaml .Values.serviceMonitor.metricRelabelings | indent 4 }}
+ {{- end }}
+ {{- if .Values.serviceMonitor.relabelings }}
+ relabelings:
+ {{ toYaml .Values.serviceMonitor.relabelings | indent 4 }}
+ {{- end }}
+ {{- if .Values.serviceMonitor.honorLabels }}
+ honorLabels: true
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "cloudflare-tunnel.selectorLabels" . | nindent 6 }}
+ namespaceSelector:
+ matchNames:
+ - {{ .Release.Namespace }}
+{{- end }}
diff --git a/charts/cloudflare-tunnel/values.yaml b/charts/cloudflare-tunnel/values.yaml
index c6d0e02..abd2ed1 100644
--- a/charts/cloudflare-tunnel/values.yaml
+++ b/charts/cloudflare-tunnel/values.yaml
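Review bot: The endpoint in servicemonitor.yaml never sets `path`, although values.yaml introduces `serviceMonitor.path`, so overriding that value has no effect; add `path: {{ .Values.serviceMonitor.path }}` next to `port: metrics` or drop the key from values. The two relabeling blocks use `{{ toYaml … | indent 4 }}` on a line that is itself indented, unlike the `{{- toYaml … | nindent N }}` form used everywhere else in the chart. With that form the first rendered line gets the template line's own indentation on top of the four spaces while the following lines get only four, which tends to produce invalid YAML for multi-key relabel entries. I would switch both to `{{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 8 }}` (and the same for `relabelings`), with the width matched to the endpoint keys' column.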
@@ -12,6 +12,9 @@ cloudflare:
 secret: ""
 # If defined, no secret is created for the credentials, and instead, the secret referenced is used
 secretName: null
+ # Specifies the protocol used to establish a connection between cloudflared and the Cloudflare global network. Available values are auto, http2, h2mux, and quic. (default: auto)
+ # https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/arguments/
+ protocol: ""
 # If true, turn on WARP routing for TCP
 enableWarp: false
 # Define ingress rules for the tunnel. See
@@ -78,5 +81,25 @@ nodeSelector: {}

 tolerations: []

+topologySpreadConstraints: []
+
 # Default affinity is to spread out over nodes; use this to override.
 affinity: {}
+
+livenessProbe:
+ failureThreshold: 1
+
+serviceMonitor:
+ # -- Enable this if you're using https://github.com/coreos/prometheus-operator
+ enabled: false
+ # -- Interval at which endpoints should be scraped.
+ interval: 30s
+ # -- Add custom labels to the ServiceMonitor resource
+ additionalLabels: {}
+ # prometheus: kube-prometheus
+ # -- Chooses the metric’s labels on collisions with target labels.
+ honorLabels: false
+ # -- Path to scrape metrics
+ path: /metrics
+ # -- Timeout for scrape metrics request
+ scrapeTimeout: 10s
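Review bot: The `serviceMonitor` block added to values.yaml (hunk at -78) has no entries for `metricRelabelings` and `relabelings`, which the ServiceMonitor template reads, so users cannot discover them from the values file. I would add `metricRelabelings: []` and `relabelings: []`, each with a `# --` comment in the style of the neighbouring keys. `livenessProbe.failureThreshold` is the only new key without a comment; something like `# -- Consecutive failed /ready checks before the container is restarted` would make the availability trade-off visible to whoever raises it.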