chore(release): Add a new release: metrics-server

A new release is added to the cluster: Name: metrics-server Namespace: kube-system Version: 3.11.0 Chart: metrics-server/metrics-server
2024-09-09 09:41:17 +02:00
parent 7936b2f5d2
commit 012aaadacc
174 changed files with 29571 additions and 0 deletions
--- a/charts/metrics-server-metrics-server/templates/NOTES.txt
+++ b/charts/metrics-server-metrics-server/templates/NOTES.txt
@ -0,0 +1,7 @@
+***********************************************************************
+* Metrics Server                                                      *
+***********************************************************************
+  Chart version: {{ .Chart.Version }}
+  App version:   {{ .Chart.AppVersion }}
+  Image tag:     {{ include "metrics-server.image" . }}
+***********************************************************************
--- a/charts/metrics-server-metrics-server/templates/_helpers.tpl
+++ b/charts/metrics-server-metrics-server/templates/_helpers.tpl
@ -0,0 +1,102 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "metrics-server.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "metrics-server.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "metrics-server.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "metrics-server.labels" -}}
+helm.sh/chart: {{ include "metrics-server.chart" . }}
+{{ include "metrics-server.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- if .Values.commonLabels }}
+{{ toYaml .Values.commonLabels }}
+{{- end }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "metrics-server.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "metrics-server.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "metrics-server.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "metrics-server.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+The image to use
+*/}}
+{{- define "metrics-server.image" -}}
+{{- printf "%s:%s" .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
+{{- end }}
+
+{{/*
+The image to use for the addon resizer
+*/}}
+{{- define "metrics-server.addonResizer.image" -}}
+{{- printf "%s:%s" .Values.addonResizer.image.repository .Values.addonResizer.image.tag }}
+{{- end }}
+
+{{/*
+ConfigMap name of addon resizer
+*/}}
+{{- define "metrics-server.addonResizer.configMap" -}}
+{{- printf "%s-%s" (include "metrics-server.fullname" .) "nanny-config" }}
+{{- end }}
+
+{{/*
+Role name of addon resizer
+*/}}
+{{- define "metrics-server.addonResizer.role" -}}
+{{ printf "system:%s-nanny" (include "metrics-server.fullname" .) }}
+{{- end }}
+
+{{/* Get PodDisruptionBudget API Version */}}
+{{- define "metrics-server.pdb.apiVersion" -}}
+  {{- if and (.Capabilities.APIVersions.Has "policy/v1") (semverCompare ">= 1.21-0" .Capabilities.KubeVersion.Version) -}}
+      {{- print "policy/v1" -}}
+  {{- else -}}
+    {{- print "policy/v1beta1" -}}
+  {{- end -}}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/apiservice.yaml
+++ b/charts/metrics-server-metrics-server/templates/apiservice.yaml
@ -0,0 +1,25 @@
+{{- if .Values.apiService.create -}}
+apiVersion: apiregistration.k8s.io/v1
+kind: APIService
+metadata:
+  name: v1beta1.metrics.k8s.io
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+  {{- with .Values.apiService.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- with .Values.apiService.caBundle }}
+  caBundle: {{ b64enc . }}
+  {{- end }}
+  group: metrics.k8s.io
+  groupPriorityMinimum: 100
+  insecureSkipTLSVerify: {{ .Values.apiService.insecureSkipTLSVerify }}
+  service:
+    name: {{ include "metrics-server.fullname" . }}
+    namespace: {{ .Release.Namespace }}
+    port: {{ .Values.service.port }}
+  version: v1beta1
+  versionPriority: 100
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/clusterrole-aggregated-reader.yaml
+++ b/charts/metrics-server-metrics-server/templates/clusterrole-aggregated-reader.yaml
@ -0,0 +1,21 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ printf "system:%s-aggregated-reader" (include "metrics-server.name" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+    rbac.authorization.k8s.io/aggregate-to-admin: "true"
+    rbac.authorization.k8s.io/aggregate-to-edit: "true"
+    rbac.authorization.k8s.io/aggregate-to-view: "true"
+rules:
+  - apiGroups:
+      - metrics.k8s.io
+    resources:
+      - pods
+      - nodes
+    verbs:
+      - get
+      - list
+      - watch
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/clusterrole-nanny.yaml
+++ b/charts/metrics-server-metrics-server/templates/clusterrole-nanny.yaml
@ -0,0 +1,13 @@
+{{- if and .Values.rbac.create .Values.addonResizer.enabled -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ printf "system:%s-nanny" (include "metrics-server.fullname" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+rules:
+  - nonResourceURLs:
+      - /metrics
+    verbs:
+      - get
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/clusterrole.yaml
+++ b/charts/metrics-server-metrics-server/templates/clusterrole.yaml
@ -0,0 +1,37 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ printf "system:%s" (include "metrics-server.fullname" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+rules:
+  - apiGroups:
+    - ""
+    resources:
+    - nodes/metrics
+    verbs:
+    - get
+  - apiGroups:
+    - ""
+    resources:
+      - pods
+      - nodes
+      - namespaces
+      - configmaps
+    verbs:
+      - get
+      - list
+      - watch
+  {{- if .Values.rbac.pspEnabled }}
+  - apiGroups:
+      - extensions
+      - policy
+    resources:
+      - podsecuritypolicies
+    resourceNames:
+      - {{ printf "privileged-%s" (include "metrics-server.fullname" .) }}
+    verbs:
+      - use
+  {{- end -}}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/clusterrolebinding-auth-delegator.yaml
+++ b/charts/metrics-server-metrics-server/templates/clusterrolebinding-auth-delegator.yaml
@ -0,0 +1,16 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ printf "%s:system:auth-delegator" (include "metrics-server.fullname" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:auth-delegator
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "metrics-server.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/clusterrolebinding-nanny.yaml
+++ b/charts/metrics-server-metrics-server/templates/clusterrolebinding-nanny.yaml
@ -0,0 +1,18 @@
+{{- if .Values.rbac.create -}}
+{{- if .Values.addonResizer.enabled -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ printf "system:%s-nanny" (include "metrics-server.fullname" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:{{ template "metrics-server.fullname" . }}-nanny
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "metrics-server.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end -}}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/clusterrolebinding.yaml
+++ b/charts/metrics-server-metrics-server/templates/clusterrolebinding.yaml
@ -0,0 +1,16 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ printf "system:%s" (include "metrics-server.fullname" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:{{ template "metrics-server.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "metrics-server.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/configmaps-nanny.yaml
+++ b/charts/metrics-server-metrics-server/templates/configmaps-nanny.yaml
@ -0,0 +1,17 @@
+{{- if .Values.addonResizer.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "metrics-server.addonResizer.configMap" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+data:
+  NannyConfiguration: |-
+    apiVersion: nannyconfig/v1alpha1
+    kind: NannyConfiguration
+    baseCPU: {{ .Values.addonResizer.nanny.cpu }}
+    cpuPerNode: {{ .Values.addonResizer.nanny.extraCpu }}
+    baseMemory: {{ .Values.addonResizer.nanny.memory }}
+    memoryPerNode: {{ .Values.addonResizer.nanny.extraMemory }}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/deployment.yaml
+++ b/charts/metrics-server-metrics-server/templates/deployment.yaml
@ -0,0 +1,157 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "metrics-server.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+  {{- with .Values.deploymentAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  replicas: {{ .Values.replicas }}
+  {{- if or (kindIs "float64" .Values.revisionHistoryLimit) (kindIs "int64" .Values.revisionHistoryLimit) }}
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit | int64 }}
+  {{- end }}
+  {{- with .Values.updateStrategy }}
+  strategy:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "metrics-server.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "metrics-server.selectorLabels" . | nindent 8 }}
+      {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    spec:
+      schedulerName: {{ .Values.schedulerName }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "metrics-server.serviceAccountName" . }}
+      {{- with .Values.podSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.priorityClassName }}
+      priorityClassName: {{ . | quote }}
+      {{- end }}
+      {{- if .Values.hostNetwork.enabled }}
+      hostNetwork: true
+      {{- end }}
+      {{- with .Values.dnsConfig }}
+      dnsConfig:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: metrics-server
+          {{- with .Values.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          image: {{ include "metrics-server.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          args:
+            - {{ printf "--secure-port=%d" (int .Values.containerPort) }}
+          {{- range .Values.defaultArgs }}
+            - {{ . }}
+          {{- end }}
+          {{- if .Values.metrics.enabled }}
+            - --authorization-always-allow-paths=/metrics
+          {{- end }}
+          {{- range .Values.args }}
+            - {{ . }}
+          {{- end }}
+          ports:
+          - name: https
+            protocol: TCP
+            containerPort: {{ .Values.containerPort }}
+          {{- with .Values.livenessProbe }}
+          livenessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.readinessProbe }}
+          readinessProbe:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: tmp
+              mountPath: /tmp
+          {{- with .Values.extraVolumeMounts }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+        {{- if .Values.addonResizer.enabled }}
+        - name: metrics-server-nanny
+          {{- with .Values.addonResizer.securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          image: {{ include "metrics-server.addonResizer.image" . }}
+          env:
+            - name: MY_POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: MY_POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          command:
+            - /pod_nanny
+            - --config-dir=/etc/config
+            - --deployment={{ include "metrics-server.fullname" . }}
+            - --container=metrics-server
+            - --threshold={{ .Values.addonResizer.nanny.threshold }}
+            - --poll-period={{ .Values.addonResizer.nanny.pollPeriod }}
+            - --estimator=exponential
+            - --minClusterSize={{ .Values.addonResizer.nanny.minClusterSize }}
+            - --use-metrics=true
+          volumeMounts:
+            - name: nanny-config-volume
+              mountPath: /etc/config
+          {{- with .Values.addonResizer.resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+        {{- end }}
+      volumes:
+        - name: tmp
+          {{- toYaml .Values.tmpVolume | nindent 10 }}
+      {{- if .Values.addonResizer.enabled }}
+        - name: nanny-config-volume
+          configMap:
+            name: {{ include "metrics-server.addonResizer.configMap" . }}
+      {{- end }}
+      {{- with .Values.extraVolumes }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.topologySpreadConstraints }}
+      topologySpreadConstraints:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/metrics-server-metrics-server/templates/pdb.yaml
+++ b/charts/metrics-server-metrics-server/templates/pdb.yaml
@ -0,0 +1,19 @@
+{{- if .Values.podDisruptionBudget.enabled -}}
+apiVersion: {{ include "metrics-server.pdb.apiVersion" . }}
+kind: PodDisruptionBudget
+metadata:
+  name: {{ include "metrics-server.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+spec:
+  {{- if .Values.podDisruptionBudget.minAvailable }}
+  minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
+  {{- end  }}
+  {{- if .Values.podDisruptionBudget.maxUnavailable }}
+  maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
+  {{- end  }}
+  selector:
+    matchLabels:
+      {{- include "metrics-server.selectorLabels" . | nindent 6 }}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/psp.yaml
+++ b/charts/metrics-server-metrics-server/templates/psp.yaml
@ -0,0 +1,28 @@
+{{- if .Values.rbac.pspEnabled }}
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  name: {{ printf "privileged-%s" (include "metrics-server.fullname" .) }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+spec:
+  allowedCapabilities:
+    - '*'
+  fsGroup:
+    rule: RunAsAny
+  privileged: true
+  runAsUser:
+    rule: RunAsAny
+  seLinux:
+    rule: RunAsAny
+  supplementalGroups:
+    rule: RunAsAny
+  volumes:
+    - '*'
+  hostPID: true
+  hostIPC: true
+  hostNetwork: true
+  hostPorts:
+    - min: 1
+      max: 65536
+{{- end }}
--- a/charts/metrics-server-metrics-server/templates/role-nanny.yaml
+++ b/charts/metrics-server-metrics-server/templates/role-nanny.yaml
@ -0,0 +1,27 @@
+{{- if .Values.rbac.create -}}
+{{- if .Values.addonResizer.enabled -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ include "metrics-server.addonResizer.role" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - get
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  resourceNames:
+  - {{ include "metrics-server.fullname" . }}
+  verbs:
+  - get
+  - patch
+{{- end -}}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/rolebinding-nanny.yaml
+++ b/charts/metrics-server-metrics-server/templates/rolebinding-nanny.yaml
@ -0,0 +1,19 @@
+{{- if .Values.rbac.create -}}
+{{- if .Values.addonResizer.enabled -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ printf "%s-nanny" (include "metrics-server.fullname" .)  }}
+  namespace: kube-system
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ include "metrics-server.addonResizer.role" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "metrics-server.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end -}}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/rolebinding.yaml
+++ b/charts/metrics-server-metrics-server/templates/rolebinding.yaml
@ -0,0 +1,17 @@
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ printf "%s-auth-reader" (include "metrics-server.fullname" .)  }}
+  namespace: kube-system
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: extension-apiserver-authentication-reader
+subjects:
+  - kind: ServiceAccount
+    name: {{ include "metrics-server.serviceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/service.yaml
+++ b/charts/metrics-server-metrics-server/templates/service.yaml
@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "metrics-server.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+  {{- with .Values.service.labels -}}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - name: https
+      port: {{ .Values.service.port }}
+      protocol: TCP
+      targetPort: https
+  selector:
+    {{- include "metrics-server.selectorLabels" . | nindent 4 }}
--- a/charts/metrics-server-metrics-server/templates/serviceaccount.yaml
+++ b/charts/metrics-server-metrics-server/templates/serviceaccount.yaml
@ -0,0 +1,17 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "metrics-server.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- with .Values.serviceAccount.secrets }}
+secrets:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end -}}
--- a/charts/metrics-server-metrics-server/templates/servicemonitor.yaml
+++ b/charts/metrics-server-metrics-server/templates/servicemonitor.yaml
@ -0,0 +1,40 @@
+{{- if and .Values.serviceMonitor.enabled .Values.metrics.enabled -}}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "metrics-server.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "metrics-server.labels" . | nindent 4 }}
+    {{- with .Values.serviceMonitor.additionalLabels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  jobLabel: {{ .Release.Name }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      {{- include "metrics-server.selectorLabels" . | nindent 6 }}
+  endpoints:
+    - port: https
+      path: /metrics
+      scheme: https
+      tlsConfig:
+        insecureSkipVerify: true
+      {{- with .Values.serviceMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.serviceMonitor.scrapeTimeout  }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      {{- with .Values.serviceMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.serviceMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+{{- end -}}