247 changes: 247 additions & 0 deletions README.md
Expand Up @@ -30,6 +30,7 @@ Since this is a quick start, we can ignore the manual creation of the cloud reso
Their name hints at their purpose. Resource monitors sync on an interval with your cloud service and create new resources on the cluster for you. This makes the tagging process a bit more streamlined — You can tag instances in a way that they are visible to the operator and expect to see the corresponding new resources being created on the cluster in 2 minutes.

The only field that monitors require as of now is a type:

```yaml
apiVersion: manager.kotaico.de/v1
kind: ResourceMonitor
Expand Down Expand Up @@ -115,3 +116,249 @@ Kubebuilder is a hard development dependency of the project, so one of the best

## Roadmap
- Recurring bookings

---

# Helm Chart

A Helm chart for deploying the Resource Booking Operator to Kubernetes clusters.

## Overview

The Resource Booking Operator is a Kubernetes operator that manages resource bookings and reservations. It provides custom resources for managing bookings, resources, and resource monitors.

## Prerequisites

- Kubernetes 1.19+
- Helm 3.0+

## Installation

### Add the Helm repository

```bash
helm repo add resource-booking-operator https://kotaicode.github.io/resource-booking-operator
helm repo update
```

### Install the chart

```bash
# Install with default values
helm install resource-booking-operator resource-booking-operator/resource-booking-operator

# Install with custom values
helm install resource-booking-operator resource-booking-operator/resource-booking-operator \
--values custom-values.yaml
```

### Install from local chart

```bash
# Clone the repository
git clone https://github.com/kotaicode/resource-booking-operator.git
cd resource-booking-operator

# Install from local chart
helm install resource-booking-operator charts/resource-booking-operator/
```

## Configuration

The following table lists the configurable parameters of the resource-booking-operator chart and their default values.

| Parameter | Description | Default |
|-----------|-------------|---------|
| `global.imageRegistry` | Global Docker image registry | `""` |
| `global.imagePullPolicy` | Global image pull policy | `IfNotPresent` |
| `global.imagePullSecrets` | Global image pull secrets | `[]` |
| `operator.image.repository` | Operator image repository | `controller` |
| `operator.image.tag` | Operator image tag | `latest` |
| `operator.image.pullPolicy` | Operator image pull policy | `IfNotPresent` |
| `operator.deployment.replicas` | Number of operator replicas | `1` |
| `operator.deployment.resources.limits.cpu` | CPU resource limits | `500m` |
| `operator.deployment.resources.limits.memory` | Memory resource limits | `128Mi` |
| `operator.deployment.resources.requests.cpu` | CPU resource requests | `10m` |
| `operator.deployment.resources.requests.memory` | Memory resource requests | `64Mi` |
| `rbac.create` | Create RBAC resources | `true` |
| `rbac.createClusterRoleBinding` | Create cluster role binding | `true` |
| `rbac.serviceAccount.create` | Create service account | `true` |
| `rbac.serviceAccount.name` | Service account name | `controller-manager` |
| `crd.install` | Install CRDs | `true` |
| `crd.validation` | Enable CRD validation | `true` |
| `metrics.enabled` | Enable metrics | `true` |
| `metrics.serviceMonitor.enabled` | Create service monitor | `false` |
| `authProxy.enabled` | Enable auth proxy | `true` |
| `authProxy.image.repository` | Auth proxy image repository | `gcr.io/kubebuilder/kube-rbac-proxy` |
| `authProxy.image.tag` | Auth proxy image tag | `v0.13.0` |
| `namespace.create` | Create namespace | `true` |
| `namespace.name` | Namespace name | `system` |

### Example custom values

```yaml
# custom-values.yaml
operator:
image:
repository: my-registry/controller
tag: v1.0.0
deployment:
replicas: 2
resources:
limits:
cpu: 1000m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi

rbac:
create: true
serviceAccount:
create: true
name: resource-booking-operator

metrics:
enabled: true
serviceMonitor:
enabled: true

authProxy:
enabled: true
resources:
limits:
cpu: 200m
memory: 64Mi
requests:
cpu: 10m
memory: 32Mi
```

## Custom Resources

The operator creates the following custom resources:

### Resource

```yaml
apiVersion: manager.kotaico.de/v1
kind: Resource
metadata:
name: example-resource
spec:
type: "ec2"
tag: "production"
booked_by: "user@example.com"
booked_until: "2024-12-31T23:59:59Z"
```

### Booking

```yaml
apiVersion: manager.kotaico.de/v1
kind: Booking
metadata:
name: example-booking
spec:
resource_name: "example-resource"
user_id: "user@example.com"
start_at: "2024-01-01T09:00:00Z"
end_at: "2024-01-01T17:00:00Z"
notifications:
- type: "email"
recipient: "user@example.com"
```

### ResourceMonitor

```yaml
apiVersion: manager.kotaico.de/v1
kind: ResourceMonitor
metadata:
name: example-monitor
spec:
type: "ec2"
```

## Additional RBAC Roles

The chart includes additional RBAC roles for fine-grained access control:

- `booking-editor`: Full access to bookings
- `booking-viewer`: Read-only access to bookings
- `resource-editor`: Full access to resources
- `resource-viewer`: Read-only access to resources
- `resourcemonitor-editor`: Full access to resource monitors
- `resourcemonitor-viewer`: Read-only access to resource monitors

These roles can be enabled/disabled via the `additionalRoles` section in values.yaml.

## Monitoring

The operator exposes metrics on port 8080 (or 8443 when auth proxy is enabled). You can configure Prometheus ServiceMonitor for monitoring:

```yaml
metrics:
enabled: true
serviceMonitor:
enabled: true
interval: 30s
scrapeTimeout: 10s
```

## Security

The operator runs with the following security features:

- Non-root user execution
- Dropped capabilities
- No privilege escalation
- RBAC authorization via auth proxy (when enabled)

## Troubleshooting

### Check operator status

```bash
kubectl get pods -n system -l control-plane=controller-manager
```

### View operator logs

```bash
kubectl logs -n system -l control-plane=controller-manager -c manager
```

### Check CRD installation

```bash
kubectl get crd | grep manager.kotaico.de
```

### Test operator functionality

```bash
helm test resource-booking-operator
```

## Uninstallation

```bash
helm uninstall resource-booking-operator
```

**Note**: CRDs are not automatically removed. To remove them:

```bash
kubectl delete crd resources.manager.kotaico.de
kubectl delete crd bookings.manager.kotaico.de
kubectl delete crd resourcemonitors.manager.kotaico.de
```

## Contributing

Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process for submitting pull requests.

## License

This project is licensed under the Apache License 2.0 - see the [LICENSE](LICENSE) file for details.
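Review bot: In the Configuration table, `operator.image.tag` defaults to `latest` while `operator.image.pullPolicy` defaults to `IfNotPresent`, so the "Install with default values" command runs whatever image a node already has cached, and replicas scheduled on different nodes can end up on different builds. Default the tag to the chart's `appVersion` (or document pinning by digest), and give `operator.image.repository` a fully qualified default instead of `controller`. Two smaller gaps in the same hunk: the "Additional RBAC Roles" section says the roles are toggled via `additionalRoles`, but no `additionalRoles.*` keys appear in the table, and the Monitoring paragraph implies metrics are served on 8080 with no proxy in front when `authProxy.enabled` is false, which the Security list should say outright since "RBAC authorization via auth proxy" only holds when it is enabled. The install commands also omit `--namespace` while the troubleshooting commands assume `-n system`; state which namespace a default install lands in.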
61 changes: 61 additions & 0 deletions charts/resource-booking-operator/.helmignore
@@ -0,0 +1,61 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# OS generated files
Thumbs.db
ehthumbs.db
# Kubernetes generated files
*.generated.go
# Go generated files
*.pb.go
# Documentation
docs/
# Test files
*_test.go
# Build artifacts
bin/
dist/
# Docker files
Dockerfile*
.dockerignore
# Makefile
Makefile
# Config files
config/
# Source code
api/
controllers/
clients/
notify/
# Assets
assets/
# Web files
index.html
# License and project files
LICENSE
PROJECT
# Go module files
go.mod
go.sum
# Hack files
hack/
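Review bot: From "# Kubernetes generated files" down, most patterns (`api/`, `controllers/`, `go.mod`, `hack/`, `Makefile`, `config/`) describe repository-root content, but this file lives in charts/resource-booking-operator/ and only filters what is inside that chart directory, so they have no effect on packaging unless such files are ever placed in the chart. The entries that can match are the risky ones: `LICENSE` and `docs/` would silently drop a license file or chart documentation from the packaged archive. Suggest trimming the list to the VCS, backup, IDE and OS entries and removing `LICENSE` and `docs/`.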
21 changes: 21 additions & 0 deletions charts/resource-booking-operator/Chart.yaml
@@ -0,0 +1,21 @@
apiVersion: v2
name: resource-booking-operator
description: A Helm chart for the Resource Booking Operator
type: application
version: 0.1.0
appVersion: "1.0.0"
keywords:
- kubernetes
- operator
- resource-booking
- booking
- resource-management
home: https://github.com/kotaicode/resource-booking-operator
sources:
- https://github.com/kotaicode/resource-booking-operator
maintainers:
- name: Kotaicode Team
email: team@kotaico.de
annotations:
category: Infrastructure
licenses: Apache-2.0
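Review bot: The README added in this PR lists "Kubernetes 1.19+" as a prerequisite, but this Chart.yaml declares no `kubeVersion`, so Helm will not enforce that at install time; add a constraint such as `kubeVersion: ">=1.19.0-0"`. Separately, `appVersion: "1.0.0"` does not describe what is deployed if the documented `operator.image.tag` default of `latest` is accurate; have the deployment template fall back to `.Chart.AppVersion` so the chart metadata and the running image stay in sync. The `category` and `licenses` annotation keys are unprefixed; confirm that whatever index is meant to read them expects those exact keys.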