diff --git a/charts/headlamp/README.md b/charts/headlamp/README.md index 87e5b1336c..f412ad04aa 100644 --- a/charts/headlamp/README.md +++ b/charts/headlamp/README.md @@ -1,83 +1,127 @@ -# headlamp +# Headlamp Helm Chart -Headlamp is an easy-to-use and extensible Kubernetes web UI. +Headlamp is an easy-to-use and extensible Kubernetes web UI that provides: +- 🚀 Modern, fast, and responsive interface +- 🔒 OIDC authentication support +- 🔌 Plugin system for extensibility +- 📱 Mobile-friendly design +- 🎯 Real-time cluster state updates -**Homepage:** +## Prerequisites -## TL;DR +- Kubernetes 1.16+ +- Helm 3.x +- Cluster admin access for initial setup + +## Quick Start + +Add the Headlamp repository and install the chart: ```console $ helm repo add headlamp https://headlamp-k8s.github.io/headlamp/ +$ helm repo update $ helm install my-headlamp headlamp/headlamp --namespace kube-system ``` +Access Headlamp: +```console +$ kubectl port-forward -n kube-system svc/my-headlamp 8080:80 +``` +Then open http://localhost:8080 in your browser. -## Maintainers +## Installation -See [MAINTAINERS.md](https://github.com/headlamp-k8s/headlamp/blob/main/MAINTAINERS.md) in the headlamp github repo. +### Basic Installation +```console +$ helm install my-headlamp headlamp/headlamp --namespace kube-system +``` + +### Installation with OIDC +```console +$ helm install my-headlamp headlamp/headlamp \ + --namespace kube-system \ + --set config.oidc.clientID=your-client-id \ + --set config.oidc.clientSecret=your-client-secret \ + --set config.oidc.issuerURL=https://your-issuer-url +``` -## Source Code +### Installation with Ingress +```console +$ helm install my-headlamp headlamp/headlamp \ + --namespace kube-system \ + --set ingress.enabled=true \ + --set ingress.hosts[0].host=headlamp.example.com \ + --set ingress.hosts[0].paths[0].path=/ +``` -* -* +## Configuration -### Headlamp parameters +### Core Parameters | Key | Type | Default | Description | |-----|------|---------|-------------| -| affinity | object | `{}` | Affinity settings for pod assignment | -| clusterRoleBinding.annotations | object | `{}` | Annotations to add to the cluster role binding | -| clusterRoleBinding.create | bool | `true` | Specified whether a cluster role binding should be created | -| clusterRoleBinding.clusterRoleName| string | `cluster-admin` | Kubernetes ClusterRole name | -| env | list | `[]` | An optional list of environment variables | -| fullnameOverride | string | `""` | Overrides the full name of the chart | -| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent | +| replicaCount | int | `1` | Number of desired pods | | image.registry | string | `"ghcr.io"` | Container image registry | | image.repository | string | `"headlamp-k8s/headlamp"` | Container image name | -| image.tag | string | `""` | Container image tag, If "" uses appVersion in Chart.yaml | -| imagePullSecrets | list | `[]` | An optional list of references to secrets in the same namespace to use for pulling any of the images used | -| ingress.annotations | object | `{}` | Annotations for Ingress resource | -| ingress.enabled | bool | `false` | Enable ingress controller resource | -| ingress.ingressClassName | string | `""` | The ingress class name. Replacement for the deprecated "kubernetes.io/ingress.class" annotation | -| ingress.hosts | list | `[]` | Hostname(s) for the Ingress resource | +| image.tag | string | `""` | Container image tag (defaults to Chart appVersion) | +| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy | + +### Security Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| serviceAccount.create | bool | `true` | Create service account | +| serviceAccount.name | string | `""` | Service account name | +| clusterRoleBinding.create | bool | `true` | Create cluster role binding | +| clusterRoleBinding.clusterRoleName | string | `cluster-admin` | Kubernetes ClusterRole name | +| podSecurityContext | object | `{}` | Pod security context | +| securityContext | object | `{}` | Container security context | + +### OIDC Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| config.oidc.clientID | string | `""` | OIDC client ID | +| config.oidc.clientSecret | string | `""` | OIDC client secret | +| config.oidc.issuerURL | string | `""` | OIDC issuer URL | +| config.oidc.scopes | string | `""` | OIDC scopes | +| config.oidc.secret.create | bool | `true` | Create OIDC secret | +| config.oidc.secret.name | string | `"oidc"` | OIDC secret name | + +### Ingress Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| ingress.enabled | bool | `false` | Enable ingress | +| ingress.className | string | `""` | Ingress class name | +| ingress.annotations | object | `{}` | Ingress annotations | +| ingress.hosts | list | `[]` | Ingress hosts | | ingress.tls | list | `[]` | Ingress TLS configuration | -| initContainers | list | `[]` | An optional list of init containers to be run before the main containers. | -| nameOverride | string | `""` | Overrides the name of the chart | -| nodeSelector | object | `{}` | Node labels for pod assignment | -| persistentVolumeClaim.accessModes | list | `[]` | accessModes for the persistent volume claim, eg: ReadWriteOnce, ReadOnlyMany, ReadWriteMany etc. | -| persistentVolumeClaim.annotations | object | `{}` | Annotations to add to the persistent volume claim (if enabled) | -| persistentVolumeClaim.enabled | bool | `false` | Enable Persistent Volume Claim | -| persistentVolumeClaim.selector | object | `{}` | selector for the persistent volume claim. | -| persistentVolumeClaim.size | string | `""` | size of the persistent volume claim, eg: 10Gi. Required if enabled is true. | -| persistentVolumeClaim.storageClassName | string | `""` | storageClassName for the persistent volume claim. | -| persistentVolumeClaim.volumeMode | string | `""` | volumeMode for the persistent volume claim, eg: Filesystem, Block. | -| podAnnotations | object | `{}` | Annotations to add to the pod | -| podSecurityContext | object | `{}` | Headlamp pod's Security Context | -| replicaCount | int | `1` | Number of desired pods | -| resources | object | `{}` | CPU/Memory resource requests/limits | -| securityContext | object | `{}` | Headlamp containers Security Context | -| service.port | int | `80` | Kubernetes Service port | -| service.type | string | `"ClusterIP"` | Kubernetes Service type | -| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| serviceAccount.name | string | `""` | The name of the service account to use.(If not set and create is true, a name is generated using the fullname template) | -| tolerations | list | `[]` | Toleration labels for pod assignment | -| volumeMounts | list | `[]` | Headlamp containers volume mounts | -| volumes | list | `[]` | Headlamp pod's volumes | - - -### Headlamp Configuration - -| Key | Type | Default | Description | -|------------------------------------|--------|-----------------------|-------------------------------------------------------------------------------------------------------| -| config.baseURL | string | `""` | base url path at which headlamp should run | -| config.oidc.clientID | string | `""` | OIDC client ID | -| config.oidc.clientSecret | string | `""` | OIDC client secret | -| config.oidc.issuerURL | string | `""` | OIDC issuer URL | -| config.oidc.scopes | string | `""` | OIDC scopes to be used | -| config.oidc.secret.create | bool | `true` | Enable this option to have the chart automatically create the OIDC secret using the specified values. | -| config.oidc.secret.name | string | `oidc` | Name of the OIDC secret used by headlamp | -| config.oidc.externalSecret.enabled | bool | `false` | Enable this option if you want to use an external secret for OIDC configuration. | -| config.oidc.externalSecret.name | string | `""` | Name of the external OIDC secret to be used by headlamp. | -| config.pluginsDir | string | `"/headlamp/plugins"` | directory to look for plugins | -| config.extraArgs | array | `[]` | Extra arguments that can be given to the container | + +### Storage Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| persistentVolumeClaim.enabled | bool | `false` | Enable PVC | +| persistentVolumeClaim.size | string | `""` | PVC size | +| persistentVolumeClaim.storageClassName | string | `""` | Storage class name | +| persistentVolumeClaim.accessModes | list | `[]` | PVC access modes | + +### Advanced Configuration + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Pod affinity settings | +| nodeSelector | object | `{}` | Node selector settings | +| tolerations | list | `[]` | Pod tolerations | +| resources | object | `{}` | Resource requests/limits | +| env | list | `[]` | Additional environment variables | +| config.baseURL | string | `""` | Base URL path | +| config.pluginsDir | string | `"/headlamp/plugins"` | Plugins directory | +| config.extraArgs | array | `[]` | Extra container arguments | + +## Links + +- [GitHub Repository](https://github.com/headlamp-k8s/headlamp) +- [Documentation](https://headlamp.dev/) +- [Maintainers](https://github.com/headlamp-k8s/headlamp/blob/main/MAINTAINERS.md)