[Helm] Refactor kuberay-operator chart

helm-chart/kuberay-operator/README.md

@@ -172,18 +172,14 @@ spec:
 | metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
 | metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace |
 | operatorCommand | string | `"/manager"` | Path to the operator binary |
+| useKubernetesProxy | bool | `false` |  |
 | leaderElectionEnabled | bool | `true` | If leaderElectionEnabled is set to true, the KubeRay operator will use leader election for high availability. |
 | rbacEnable | bool | `true` | If rbacEnable is set to false, no RBAC resources will be created, including the Role for leader election, the Role for Pods and Services, and so on. |
 | crNamespacedRbacEnable | bool | `true` | When crNamespacedRbacEnable is set to true, the KubeRay operator will create a Role for RayCluster preparation (e.g., Pods, Services) and a corresponding RoleBinding for each namespace listed in the "watchNamespace" parameter. Please note that even if crNamespacedRbacEnable is set to false, the Role and RoleBinding for leader election will still be created.  Note: (1) This variable is only effective when rbacEnable and singleNamespaceInstall are both set to true. (2) In most cases, it should be set to true, unless you are using a Kubernetes cluster managed by GitOps tools such as ArgoCD. |
 | singleNamespaceInstall | bool | `false` | When singleNamespaceInstall is true: - Install namespaced RBAC resources such as Role and RoleBinding instead of cluster-scoped ones like ClusterRole and ClusterRoleBinding so that   the chart can be installed by users with permissions restricted to a single namespace.   (Please note that this excludes the CRDs, which can only be installed at the cluster scope.) - If "watchNamespace" is not set, the KubeRay operator will, by default, only listen   to resource events within its own namespace. |
+| watchNamespace | list | `[]` | The KubeRay operator will watch the custom resources in the namespaces listed in the "watchNamespace" parameter. |
 | env | string | `nil` | Environment variables. |
 | resources | object | `{"limits":{"cpu":"100m","memory":"512Mi"}}` | Resource requests and limits for containers. |
-| livenessProbe.initialDelaySeconds | int | `10` |  |
-| livenessProbe.periodSeconds | int | `5` |  |
-| livenessProbe.failureThreshold | int | `5` |  |
-| readinessProbe.initialDelaySeconds | int | `10` |  |
-| readinessProbe.periodSeconds | int | `5` |  |
-| readinessProbe.failureThreshold | int | `5` |  |
 | podSecurityContext | object | `{}` | Set up `securityContext` to improve Pod security. |
 | service.type | string | `"ClusterIP"` | Service type. |
 | service.port | int | `8080` | Service port. |

helm-chart/kuberay-operator/templates/_helpers.tpl

@@ -38,37 +38,37 @@ Create chart name and version as used by the chart label.
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
-{{/*
-Common labels
-*/}}
+{{- /* Common labels */ -}}
 {{- define "kuberay-operator.labels" -}}
-app.kubernetes.io/name: {{ include "kuberay-operator.name" . }}
 helm.sh/chart: {{ include "kuberay-operator.chart" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{ include "kuberay-operator.selectorLabels" . }}
+app.kubernetes.io/component: {{ include "kuberay-operator.component" . }}
+{{- with .Chart.AppVersion }}
+app.kubernetes.io/version: {{ . | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- with .Values.labels }}
+{{ . | toYaml }}
+{{- end }}
+{{- end -}}
+
+{{- /* Selector labels */ -}}
+{{- define "kuberay-operator.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "kuberay-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 
 {{- /* Create the name of the deployment to use. */ -}}
 {{- define "kuberay-operator.deployment.name" -}}
 {{- include "kuberay-operator.fullname" . }}
 {{- end -}}
 
-{{/*
-FeatureGates
-*/}}
-{{- define "kuberay.featureGates" -}}
-{{- $features := "" }}
-{{- range .Values.featureGates }}
-  {{- $str := printf "%s=%t," .name .enabled }}
-  {{- $features = print $features $str }}
-{{- end }}
-{{- with .Values.featureGates }}
---feature-gates={{ $features | trimSuffix "," }}
-{{- end }}
-{{- end }}
+{{- /* Create the name of the image to use. */ -}}
+{{- define "kuberay-operator.image" -}}
+{{- $imageRepository := .Values.image.repository | default "kuberay/operator" }}
+{{- $imageTag := .Values.image.tag | default "latest" }}
+{{- printf "%s:%s" $imageRepository $imageTag }}
+{{- end -}}
 
 {{- /* Create the name of the service to use. */ -}}
 {{- define "kuberay-operator.service.name" -}}

helm-chart/kuberay-operator/templates/deployment.yaml

@@ -5,137 +5,114 @@ metadata:
   namespace: {{ .Release.Namespace }}
   labels:
     {{- include "kuberay-operator.labels" . | nindent 4 }}
-    {{- with .Values.labels }}
-    {{- toYaml . | nindent 4 }}
-    {{- end }}
 spec:
   replicas: 1
   strategy:
     type: Recreate
   selector:
     matchLabels:
-      app.kubernetes.io/name: {{ include "kuberay-operator.name" . }}
-      app.kubernetes.io/instance: {{ .Release.Name }}
+      {{- include "kuberay-operator.selectorLabels" . | nindent 6 }}
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: {{ include "kuberay-operator.name" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-        app.kubernetes.io/component: {{ include "kuberay-operator.component" . }}
-        {{- with .Values.labels }}
-        {{- toYaml . | nindent 8 }}
-        {{- end }}
+        {{- include "kuberay-operator.labels" . | nindent 8 }}
       {{- with .Values.annotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
     spec:
-    {{- with .Values.imagePullSecrets }}
-      imagePullSecrets:
+      containers:
+      - name: {{ .Chart.Name }}
+        image: {{ include "kuberay-operator.image" . }}
+        {{- with .Values.image.pullPolicy }}
+        imagePullPolicy: {{ . }}
+        {{- end }}
+        command:
+        - {{ .Values.operatorCommand }}
+        args:
+        {{- $featureGates := list }}
+        {{- range $featureGate := .Values.featureGates }}
+        {{- $featureGates = append $featureGates (printf "%s=%t" $featureGate.name $featureGate.enabled) }}
+        {{- end }}
+        {{- with $featureGates }}
+        - --feature-gates={{ . | join "," }}
+        {{- end }}
+        {{- if .Values.batchScheduler.enabled }}
+        - --enable-batch-scheduler
+        {{- end }}
+        {{- with .Values.batchScheduler.name }}
+        - --batch-scheduler={{ . }}
+        {{- end }}
+        {{- $namespaces := list }}
+        {{- if and .Values.singleNamespaceInstall (not .Values.watchNamespace) }}
+        {{- $namespaces = append $namespaces .Release.Namespace }}
+        {{- else if .Values.watchNamespace }}
+        {{- $namespaces = concat $namespaces .Values.watchNamespace }}
+        {{- end }}
+        {{- with $namespaces }}
+        - --watch-namespace={{ . | join "," }}
+        {{- end }}
+        {{- if and .Values.logging.baseDir .Values.logging.fileName }}
+        - --log-file-path={{ printf "%s/%s" .Values.logging.baseDir .Values.logging.fileName }}
+        {{- end }}
+        {{- with .Values.logging.stdoutEncoder }}
+        - --log-stdout-encoder={{ . }}
+        {{- end }}
+        {{- with .Values.logging.fileEncoder }}
+        - --log-file-encoder={{ . }}
+        {{- end }}
+        - --use-kubernetes-proxy={{ .Values.useKubernetesProxy }}
+        - --enable-leader-election={{ .Values.leaderElectionEnabled }}
+        - --enable-metrics={{ .Values.metrics.enabled }}
+        {{- with .Values.env }}
+        env:
         {{- toYaml . | nindent 8 }}
-    {{- end }}
-      serviceAccountName: {{ include "kuberay-operator.serviceAccount.name" . }}
-      {{- if and (.Values.logging.baseDir) (.Values.logging.fileName) }}
-      volumes:
+        {{- end }}
+        {{- if and (.Values.logging.baseDir) (.Values.logging.fileName) }}
+        volumeMounts:
         - name: kuberay-logs
-          {{- if .Values.logging.sizeLimit }}
-          emptyDir:
-            sizeLimit: {{ .Values.logging.sizeLimit }}
-          {{- else }}
-          emptyDir: {}
-          {{- end }}
+          mountPath: "{{ .Values.logging.baseDir }}"
+        {{- end }}
+        ports:
+        - name: http
+          containerPort: 8080
+          protocol: TCP
+        {{- with .Values.resources }}
+        resources:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        livenessProbe:
+          httpGet:
+            path: /metrics
+            port: http
+          initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+          failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+        readinessProbe:
+          httpGet:
+            path: /metrics
+            port: http
+          initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+          failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+        {{- with .Values.securityContext }}
+        securityContext:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+      {{- toYaml . | nindent 6 }}
       {{- end }}
-      {{- with .Values.podSecurityContext }}
-      securityContext:
-        {{- toYaml . | nindent 8 }}
+      {{- if and (.Values.logging.baseDir) (.Values.logging.fileName) }}
+      volumes:
+      - name: kuberay-logs
+        {{- if .Values.logging.sizeLimit }}
+        emptyDir:
+          sizeLimit: {{ .Values.logging.sizeLimit }}
+        {{- else }}
+        emptyDir: {}
+        {{- end }}
       {{- end }}
-      containers:
-        - name: {{ .Chart.Name }}
-          {{- with .Values.securityContext }}
-          securityContext:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          {{- with .Values.image.pullPolicy }}
-          imagePullPolicy: {{ . }}
-          {{- end }}
-          {{- if and (.Values.logging.baseDir) (.Values.logging.fileName) }}
-          volumeMounts:
-            - name: kuberay-logs
-              mountPath: "{{ .Values.logging.baseDir }}"
-          {{- end }}
-          command:
-            - {{ .Values.operatorCommand }}
-          args:
-            {{- $argList := list -}}
-            {{- $argList = append $argList (include "kuberay.featureGates" . | trim) -}}
-            {{- if .Values.batchScheduler -}}
-            {{- if .Values.batchScheduler.enabled -}}
-            {{- $argList = append $argList "--enable-batch-scheduler" -}}
-            {{- end -}}
-            {{- if .Values.batchScheduler.name -}}
-            {{- $argList = append $argList (printf "--batch-scheduler=%s" .Values.batchScheduler.name) -}}
-            {{- end -}}
-            {{- end -}}
-            {{- $watchNamespace := "" -}}
-            {{- if and .Values.singleNamespaceInstall (not .Values.watchNamespace) -}}
-            {{- $watchNamespace = .Release.Namespace -}}
-            {{- else if .Values.watchNamespace -}}
-            {{- $watchNamespace = join "," .Values.watchNamespace -}}
-            {{- end -}}
-            {{- if $watchNamespace -}}
-            {{- $argList = append $argList "--watch-namespace" -}}
-            {{- $argList = append $argList $watchNamespace -}}
-            {{- end -}}
-            {{- if and (.Values.logging.baseDir) (.Values.logging.fileName) -}}
-            {{- $argList = append $argList "--log-file-path" -}}
-            {{- $argList = append $argList (printf "%s/%s" .Values.logging.baseDir .Values.logging.fileName) -}}
-            {{- end -}}
-            {{- if .Values.logging.stdoutEncoder -}}
-            {{- $argList = append $argList "--log-stdout-encoder" -}}
-            {{- $argList = append $argList .Values.logging.stdoutEncoder -}}
-            {{- end -}}
-            {{- if .Values.logging.fileEncoder -}}
-            {{- $argList = append $argList "--log-file-encoder" -}}
-            {{- $argList = append $argList .Values.logging.fileEncoder -}}
-            {{- end -}}
-            {{- if hasKey .Values "useKubernetesProxy" -}}
-            {{- $argList = append $argList (printf "--use-kubernetes-proxy=%t" .Values.useKubernetesProxy) -}}
-            {{- end -}}
-            {{- if hasKey .Values "leaderElectionEnabled" -}}
-            {{- $argList = append $argList (printf "--enable-leader-election=%t" .Values.leaderElectionEnabled) -}}
-            {{- end -}}
-            {{- if and (hasKey .Values "metrics") (hasKey .Values.metrics "enabled") }}
-            {{- $argList = append $argList (printf "--enable-metrics=%t" .Values.metrics.enabled) -}}
-            {{- end -}}
-            {{- (printf "\n") -}}
-            {{- $argList | toYaml | indent 12 }}
-          ports:
-            - name: http
-              containerPort: 8080
-              protocol: TCP
-          {{- with .Values.env }}
-          env:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
-          livenessProbe:
-            httpGet:
-              path: /metrics
-              port: http
-            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
-            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
-            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
-          readinessProbe:
-            httpGet:
-              path: /metrics
-              port: http
-            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
-            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
-            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
-          {{- with .Values.resources }}
-          resources:
-            {{- toYaml . | nindent 12 }}
-          {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
@@ -146,5 +123,10 @@ spec:
       {{- end }}
       {{- with .Values.tolerations }}
       tolerations:
+      {{- toYaml . | nindent 6 }}
+      {{- end }}
+      serviceAccountName: {{ include "kuberay-operator.serviceAccount.name" . }}
+      {{- with .Values.podSecurityContext }}
+      securityContext:
         {{- toYaml . | nindent 8 }}
       {{- end }}

helm-chart/kuberay-operator/templates/rolebinding.yaml

@@ -5,12 +5,12 @@ metadata:
   name: {{ include "kuberay-operator.clusterRoleBinding.name" . }}
   labels:
     {{- include "kuberay-operator.labels" . | nindent 4 }}
-subjects:
-- kind: ServiceAccount
-  name: {{ include "kuberay-operator.serviceAccount.name" . }}
-  namespace: {{ .Release.Namespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: {{ include "kuberay-operator.clusterRole.name" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ include "kuberay-operator.serviceAccount.name" . }}
+  namespace: {{ .Release.Namespace }}
 {{- end }}

helm-chart/kuberay-operator/templates/service.yaml

@@ -8,10 +8,9 @@ metadata:
 spec:
   type: {{ .Values.service.type }}
   ports:
-    - port: {{ .Values.service.port }}
-      targetPort: http
-      protocol: TCP
-      name: http
+  - port: {{ .Values.service.port }}
+    targetPort: http
+    protocol: TCP
+    name: http
   selector:
-    app.kubernetes.io/name: {{ include "kuberay-operator.name" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
+    {{- include "kuberay-operator.selectorLabels" . | nindent 4 }}