summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWitek Bedyk <witold.bedyk@suse.com>2019-02-13 12:20:42 +0100
committerWitek Bedyk <witold.bedyk@suse.com>2019-02-13 21:57:18 +0100
commitd632474b4d655d44b3c87171983b359fa6ad608a (patch)
tree4a6b2f89f2631982539ee062168faba37b9c2161
parent5fa68b90dfafbde1a011929cbb1f7df78ae93978 (diff)
Copy Monasca charts from monasca-helm repository
As discussed in the team meeting [1] this commit copies the Monasca charts from monasca/monasca-helm repository. The goal is to adapt these charts to OSH standards and patterns, and then move them to openstack-helm and openstack-helm-infra repositories accordingly. [1] http://eavesdrop.openstack.org/meetings/openstack_helm/2019/openstack_helm.2019-02-12-15.01.html Change-Id: I261187de943046b7314ae6ab6b0f997624952d5e
Notes
Notes (review): Code-Review+2: Steve Wilkerson <wilkers.steve@gmail.com> Code-Review+1: Jean-Philippe Evrard <jean-philippe@evrard.me> Code-Review+2: Chris Wedgwood <cw@f00f.org> Workflow+1: Chris Wedgwood <cw@f00f.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 16 Feb 2019 17:46:36 +0000 Reviewed-on: https://review.openstack.org/636597 Project: openstack/openstack-helm-addons Branch: refs/heads/master
-rw-r--r--Makefile4
-rw-r--r--influxdb/.helmignore21
-rw-r--r--influxdb/Chart.yaml14
-rw-r--r--influxdb/README.md99
-rw-r--r--influxdb/templates/NOTES.txt15
-rw-r--r--influxdb/templates/_helpers.tpl16
-rw-r--r--influxdb/templates/config.yaml149
-rw-r--r--influxdb/templates/deployment.yaml127
-rw-r--r--influxdb/templates/post-install-set-auth.yaml43
-rw-r--r--influxdb/templates/pvc.yaml24
-rw-r--r--influxdb/templates/secret.yaml18
-rw-r--r--influxdb/templates/service.yaml48
-rw-r--r--influxdb/values.yaml231
-rw-r--r--kafka/.helmignore21
-rw-r--r--kafka/Chart.yaml4
-rw-r--r--kafka/README.md36
-rw-r--r--kafka/templates/_helpers.tpl25
-rw-r--r--kafka/templates/cleanup-hook.yaml47
-rw-r--r--kafka/templates/cleanup-role.yaml25
-rw-r--r--kafka/templates/cleanup-rolebinding.yaml26
-rw-r--r--kafka/templates/cleanup-serviceaccount.yaml12
-rw-r--r--kafka/templates/deployment.yaml124
-rw-r--r--kafka/templates/exporter-configmap.yaml50
-rw-r--r--kafka/templates/init-job.yaml49
-rw-r--r--kafka/templates/pvc.yaml18
-rw-r--r--kafka/templates/static-svc.yaml19
-rw-r--r--kafka/templates/svc.yaml17
-rw-r--r--kafka/values.yaml93
-rw-r--r--keystone-init/.helmignore21
-rw-r--r--keystone-init/Chart.yaml4
-rw-r--r--keystone-init/templates/NOTES.txt0
-rw-r--r--keystone-init/templates/_helpers.tpl24
-rw-r--r--keystone-init/templates/_keystone_env.tpl150
-rw-r--r--keystone-init/templates/cleanup-hook.yaml47
-rw-r--r--keystone-init/templates/cleanup-role.yaml25
-rw-r--r--keystone-init/templates/cleanup-rolebinding.yaml26
-rw-r--r--keystone-init/templates/cleanup-serviceaccount.yaml12
-rw-r--r--keystone-init/templates/keystone-init-job.yaml51
-rw-r--r--keystone-init/templates/keystone-preload-configmap.yaml12
-rw-r--r--keystone-init/templates/keystone-role.yaml25
-rw-r--r--keystone-init/templates/keystone-rolebinding.yaml26
-rw-r--r--keystone-init/templates/keystone-serviceaccount.yaml12
-rw-r--r--keystone-init/values.yaml109
-rw-r--r--monasca-agent/.helmignore21
-rw-r--r--monasca-agent/Chart.yaml9
-rw-r--r--monasca-agent/templates/_helpers.tpl16
-rw-r--r--monasca-agent/templates/configmap.yaml14
-rw-r--r--monasca-agent/templates/daemonset.yaml124
-rw-r--r--monasca-agent/templates/deployment.yaml143
-rw-r--r--monasca-agent/templates/role.yaml32
-rw-r--r--monasca-agent/values.yaml56
-rw-r--r--monasca-alarms/Chart.yaml9
-rw-r--r--monasca-alarms/README.md112
-rw-r--r--monasca-alarms/templates/_helpers.tpl16
-rw-r--r--monasca-alarms/templates/alarms.yaml68
-rw-r--r--monasca-alarms/values.yaml9
-rw-r--r--monasca/.helmignore21
-rw-r--r--monasca/Chart.yaml9
-rw-r--r--monasca/README.md574
-rw-r--r--monasca/requirements.yaml21
-rw-r--r--monasca/templates/_helpers.tpl160
-rw-r--r--monasca/templates/_secret_env.tpl155
-rw-r--r--monasca/templates/agent-clusterrole.yaml30
-rw-r--r--monasca/templates/agent-clusterrolebinding.yaml20
-rw-r--r--monasca/templates/agent-configmap.yaml14
-rw-r--r--monasca/templates/agent-daemonset.yaml159
-rw-r--r--monasca/templates/agent-deployment.yaml157
-rw-r--r--monasca/templates/agent-serviceaccount.yaml12
-rw-r--r--monasca/templates/aggregator-configmap.yaml14
-rw-r--r--monasca/templates/aggregator-deployment.yaml52
-rw-r--r--monasca/templates/alarm-definition-controller-deployment.yaml59
-rw-r--r--monasca/templates/alarm-definition-resource.yaml9
-rw-r--r--monasca/templates/alarms-configmap.yaml14
-rw-r--r--monasca/templates/alarms-init-job.yaml82
-rw-r--r--monasca/templates/api-deployment.yaml167
-rw-r--r--monasca/templates/api-svc.yaml21
-rw-r--r--monasca/templates/cleanup-hook.yaml47
-rw-r--r--monasca/templates/cleanup-role.yaml25
-rw-r--r--monasca/templates/cleanup-rolebinding.yaml26
-rw-r--r--monasca/templates/cleanup-serviceaccount.yaml12
-rw-r--r--monasca/templates/client-deployment.yaml48
-rw-r--r--monasca/templates/forwarder-configmap.yaml14
-rw-r--r--monasca/templates/forwarder-deployment.yaml68
-rw-r--r--monasca/templates/grafana-configmap.yaml37
-rw-r--r--monasca/templates/grafana-deployment.yaml76
-rw-r--r--monasca/templates/grafana-init-job.yaml41
-rw-r--r--monasca/templates/grafana-svc.yaml24
-rw-r--r--monasca/templates/influx-init-job.yaml31
-rw-r--r--monasca/templates/keystone-configmap.yaml63
-rw-r--r--monasca/templates/keystone-deployment.yaml85
-rw-r--r--monasca/templates/keystone-svc.yaml30
-rw-r--r--monasca/templates/memcached-deployment.yaml29
-rw-r--r--monasca/templates/memcached-svc.yaml24
-rw-r--r--monasca/templates/mysql-api-secret.yaml13
-rw-r--r--monasca/templates/mysql-grafana-secret.yaml17
-rw-r--r--monasca/templates/mysql-init-job.yaml128
-rw-r--r--monasca/templates/mysql-keystone-secret.yaml13
-rw-r--r--monasca/templates/mysql-notification-secret.yaml13
-rw-r--r--monasca/templates/mysql-thresh-secret.yaml13
-rw-r--r--monasca/templates/notification-deployment.yaml141
-rw-r--r--monasca/templates/notification-hipchat-configmap.yaml17
-rw-r--r--monasca/templates/persister-deployment.yaml59
-rw-r--r--monasca/templates/smoke-test-pod.yaml44
-rw-r--r--monasca/templates/static-api-svc.yaml23
-rw-r--r--monasca/templates/static-keystone-svc.yaml32
-rw-r--r--monasca/templates/tempest-tests-pod.yaml61
-rw-r--r--monasca/templates/thresh-deployment.yaml135
-rw-r--r--monasca/templates/thresh-init-job.yaml119
-rw-r--r--monasca/values.yaml1650
-rw-r--r--mysql-users-init/.helmignore21
-rw-r--r--mysql-users-init/Chart.yaml4
-rw-r--r--mysql-users-init/templates/NOTES.txt0
-rw-r--r--mysql-users-init/templates/_helpers.tpl46
-rw-r--r--mysql-users-init/templates/cleanup-hook.yaml47
-rw-r--r--mysql-users-init/templates/cleanup-role.yaml25
-rw-r--r--mysql-users-init/templates/cleanup-rolebinding.yaml26
-rw-r--r--mysql-users-init/templates/cleanup-serviceaccount.yaml12
-rw-r--r--mysql-users-init/templates/mysql-users-init-job.yaml52
-rw-r--r--mysql-users-init/templates/mysql-users-init-role.yaml25
-rw-r--r--mysql-users-init/templates/mysql-users-init-rolebinding.yaml26
-rw-r--r--mysql-users-init/templates/mysql-users-init-serviceaccount.yaml12
-rw-r--r--mysql-users-init/templates/mysql-users-preload-configmap.yaml12
-rw-r--r--mysql-users-init/values.yaml72
-rw-r--r--storm/.helmignore21
-rw-r--r--storm/Chart.yaml4
-rw-r--r--storm/README.md41
-rw-r--r--storm/templates/NOTES.txt0
-rw-r--r--storm/templates/_helpers.tpl24
-rw-r--r--storm/templates/nimbus-deployment.yaml50
-rw-r--r--storm/templates/nimbus-pvc.yaml21
-rw-r--r--storm/templates/nimbus-svc.yaml20
-rw-r--r--storm/templates/supervisor-deployment.yaml60
-rw-r--r--storm/values.yaml35
-rw-r--r--zookeeper/.helmignore21
-rw-r--r--zookeeper/Chart.yaml4
-rw-r--r--zookeeper/README.md28
-rw-r--r--zookeeper/templates/_helpers.tpl16
-rw-r--r--zookeeper/templates/zookeeper-configmap.yaml29
-rw-r--r--zookeeper/templates/zookeeper-deployment.yaml88
-rw-r--r--zookeeper/templates/zookeeper-pvc.yaml18
-rw-r--r--zookeeper/templates/zookeeper-static-svc.yaml22
-rw-r--r--zookeeper/templates/zookeeper-svc.yaml20
-rw-r--r--zookeeper/values.yaml45
143 files changed, 8402 insertions, 1 deletions
diff --git a/Makefile b/Makefile
index 69eba46..fc5ec82 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,9 @@ SHELL := /bin/bash
18HELM := helm 18HELM := helm
19TASK := build 19TASK := build
20 20
21EXCLUDES := helm-toolkit doc tests tools logs tmp 21EXCLUDES := helm-toolkit doc tests tools logs tmp influxdb kafka \
22 keystone-init monasca-agent monasca-alarms monasca mysql-users-init storm \
23 zookeeper
22CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) 24CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.)))
23 25
24.PHONY: $(EXCLUDES) $(CHARTS) 26.PHONY: $(EXCLUDES) $(CHARTS)
diff --git a/influxdb/.helmignore b/influxdb/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/influxdb/.helmignore
@@ -0,0 +1,21 @@
1# Patterns to ignore when building packages.
2# This supports shell glob matching, relative path matching, and
3# negation (prefixed with !). Only one pattern per line.
4.DS_Store
5# Common VCS dirs
6.git/
7.gitignore
8.bzr/
9.bzrignore
10.hg/
11.hgignore
12.svn/
13# Common backup files
14*.swp
15*.bak
16*.tmp
17*~
18# Various IDEs
19.project
20.idea/
21*.tmproj
diff --git a/influxdb/Chart.yaml b/influxdb/Chart.yaml
new file mode 100644
index 0000000..2f8e498
--- /dev/null
+++ b/influxdb/Chart.yaml
@@ -0,0 +1,14 @@
1name: influxdb
2version: 0.6.2-0.0.2
3description: Scalable datastore for metrics, events, and real-time analytics.
4keywords:
5- influxdb
6- database
7- timeseries
8home: https://www.influxdata.com/time-series-platform/influxdb/
9sources:
10- https://github.com/influxdata/influxdb
11maintainers:
12- name: Jack Zampolin
13 email: jack@influxdb.com
14engine: gotpl
diff --git a/influxdb/README.md b/influxdb/README.md
new file mode 100644
index 0000000..6b21c39
--- /dev/null
+++ b/influxdb/README.md
@@ -0,0 +1,99 @@
1# InfluxDB
2
3## An Open-Source Time Series Database
4
5[InfluxDB](https://github.com/influxdata/influxdb) is an open source time series database built by the folks over at [InfluxData](https://influxdata.com) with no external dependencies. It's useful for recording metrics, events, and performing analytics.
6
7## QuickStart
8
9```bash
10$ helm install stable/influxdb --name foo --namespace bar
11```
12
13## Introduction
14
15This chart bootstraps an InfluxDB deployment and service on a Kubernetes cluster using the Helm Package manager.
16
17## Prerequisites
18
19- Kubernetes 1.4+
20- PV provisioner support in the underlying infrastructure (optional)
21
22## Installing the Chart
23
24To install the chart with the release name `my-release`:
25
26```bash
27$ helm install --name my-release stable/influxdb
28```
29
30The command deploys InfluxDB on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
31
32> **Tip**: List all releases using `helm list`
33
34## Uninstalling the Chart
35
36To uninstall/delete the `my-release` deployment:
37
38```bash
39$ helm delete my-release --purge
40```
41
42The command removes all the Kubernetes components associated with the chart and deletes the release.
43
44## Configuration
45
46The default configuration values for this chart are listed in `values.yaml`.
47
48The [full image documentation](https://hub.docker.com/_/influxdb/) contains more information about running InfluxDB in docker.
49
50Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
51
52```bash
53$ helm install --name my-release \
54 --set persistence.enabled=true,persistence.size=200Gi \
55 stable/influxdb
56```
57
58The above command enables persistence and changes the size of the requested data volume to 200GB.
59
60Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
61
62```bash
63$ helm install --name my-release -f values.yaml stable/influxdb
64```
65
66> **Tip**: You can use the default [values.yaml](values.yaml)
67
68### InfluxDB Watcher Configuration
69
70Parameter | Description | Default
71--------- | ----------- | -------
72`watcher.enabled` | InfluxDB watcher enabled flag | `false`
73`watcher.image.repository` | InfluxDB watcher container image repository | `monasca/influxdb-watcher`
74`watcher.image.tag` | InfluxDB watcher container image tag | `latest`
75`watcher.image.pullPolicy` | InfluxDB watcher container image pull policy | `IfNotPresent`
76`watcher.address` | InfluxDB service address | `http://localhost:8086`
77`watcher.username` | InfluxDB username with read/write privileges | `influxdb_watcher`
78`watcher.password` | InfluxDB password | `password`
79`watcher.database` | InfluxDB database | `mon`
80`watcher.watcher_period` | InfluxDB watcher period | `600`
81`watcher.watcher_timeout` | InfluxDB watcher read/write timeout | `60`
82`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
83`watcher.port` | InfluxDB watcher port to expose Promethues metrics on | `8080`
84
85## Persistence
86
87The [InfluxDB](https://hub.docker.com/_/influxdb/) image stores data in the `/var/lib/influxdb` directory in the container.
88
89The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning.
90
91## Starting with authentication
92
93In `values.yaml` change `.Values.config.http.auth_enabled` to `true`.
94
95Influxdb requires also a user to be set in order for authentication to be enforced. See more details [here](https://docs.influxdata.com/influxdb/v1.2/query_language/authentication_and_authorization/#set-up-authentication).
96
97To handle this setup on startup, a job can be enabled in `values.yaml` by setting `.Values.setDefaultUser.enabled` to `true`.
98
99Make sure to uncomment or configure the job settings after enabling it. If a password is not set, a random password will be generated.
diff --git a/influxdb/templates/NOTES.txt b/influxdb/templates/NOTES.txt
new file mode 100644
index 0000000..1e759c3
--- /dev/null
+++ b/influxdb/templates/NOTES.txt
@@ -0,0 +1,15 @@
1InfluxDB can be accessed via port {{ .Values.config.http.bind_address }} on the following DNS name from within your cluster:
2
3- http://{{ template "influxdb.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.config.http.bind_address }}
4
5You can easily connect to the remote instance with your local influx cli. To forward the API port to localhost:8086 run the following:
6
7- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }') 8086:{{ .Values.config.http.bind_address }}
8
9You can also connect to the influx cli from inside the container. To open a shell session in the InfluxDB pod run the following:
10
11- kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{.items[0].metadata.name}') /bin/sh
12
13To tail the logs for the InfluxDB pod run the following:
14
15- kubectl logs -f --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }')
diff --git a/influxdb/templates/_helpers.tpl b/influxdb/templates/_helpers.tpl
new file mode 100644
index 0000000..7643a6f
--- /dev/null
+++ b/influxdb/templates/_helpers.tpl
@@ -0,0 +1,16 @@
1{{/* vim: set filetype=mustache: */}}
2{{/*
3Expand the name of the chart.
4*/}}
5{{- define "influxdb.name" -}}
6{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7{{- end -}}
8
9{{/*
10Create a default fully qualified app name.
11We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12*/}}
13{{- define "influxdb.fullname" -}}
14{{- $name := default .Chart.Name .Values.nameOverride -}}
15{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16{{- end -}}
diff --git a/influxdb/templates/config.yaml b/influxdb/templates/config.yaml
new file mode 100644
index 0000000..64f2c0c
--- /dev/null
+++ b/influxdb/templates/config.yaml
@@ -0,0 +1,149 @@
1
2apiVersion: v1
3kind: ConfigMap
4metadata:
5 name: {{ template "influxdb.fullname" . }}
6 labels:
7 app: {{ template "influxdb.fullname" . }}
8 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 release: "{{ .Release.Name }}"
10 heritage: "{{ .Release.Service }}"
11data:
12 influxdb.conf: |+
13 reporting-disabled = {{ .Values.config.reporting_disabled | default false }}
14 bind-address = ":{{ .Values.config.bind_address }}"
15
16 [meta]
17 dir = "{{ .Values.config.storage_directory }}/meta"
18 retention-autocreate = {{ .Values.config.meta.retention_autocreate }}
19 logging-enabled = {{ .Values.config.meta.logging_enabled }}
20
21 [data]
22 dir = "{{ .Values.config.storage_directory }}/data"
23 wal-dir = "{{ .Values.config.storage_directory }}/wal"
24 index-version = "{{ .Values.config.data.index_version }}"
25 query-log-enabled = {{ .Values.config.data.query_log_enabled }}
26 cache-max-memory-size = {{ .Values.config.data.cache_max_memory_size | int64 }}
27 cache-snapshot-memory-size = {{ .Values.config.data.cache_snapshot_memory_size | int64 }}
28 cache-snapshot-write-cold-duration = "{{ .Values.config.data.cache_snapshot_write_cold_duration }}"
29 compact-full-write-cold-duration = "{{ .Values.config.data.compact_full_write_cold_duration }}"
30 max-series-per-database = {{ .Values.config.data.max_series_per_database | int64 }}
31 max-values-per-tag = {{ .Values.config.data.max_values_per_tag | int64 }}
32 trace-logging-enabled = {{ .Values.config.data.trace_logging_enabled }}
33
34 [coordinator]
35 write-timeout = "{{ .Values.config.coordinator.write_timeout }}"
36 max-concurrent-queries = {{ .Values.config.coordinator.max_concurrent_queries | int64 }}
37 query-timeout = "{{ .Values.config.coordinator.query_timeout }}"
38 log-queries-after = "{{ .Values.config.coordinator.log_queries_after }}"
39 max-select-point = {{ .Values.config.coordinator.max_select_point | int64 }}
40 max-select-series = {{ .Values.config.coordinator.max_select_series | int64 }}
41 max-select-buckets = {{ .Values.config.coordinator.max_select_buckets | int64 }}
42
43 [retention]
44 enabled = {{ .Values.config.retention.enabled }}
45 check-interval = "{{ .Values.config.retention.check_interval }}"
46
47 [shard-precreation]
48 enabled = {{ .Values.config.shard_precreation.enabled }}
49 check-interval = "{{ .Values.config.shard_precreation.check_interval }}"
50 advance-period = "{{ .Values.config.shard_precreation.advance_period }}"
51
52 [admin]
53 enabled = {{ .Values.config.admin.enabled }}
54 bind-address = ":{{ .Values.config.admin.bind_address }}"
55 https-enabled = {{ .Values.config.admin.https_enabled }}
56 https-certificate = "{{ .Values.config.admin.https_certificate }}"
57
58 [monitor]
59 store-enabled = {{ .Values.config.monitor.store_enabled }}
60 store-database = "{{ .Values.config.monitor.store_database }}"
61 store-interval = "{{ .Values.config.monitor.store_interval }}"
62
63 [subscriber]
64 enabled = {{ .Values.config.subscriber.enabled }}
65 http-timeout = "{{ .Values.config.subscriber.http_timeout }}"
66 insecure-skip-verify = {{ .Values.config.subscriber.insecure_skip_verify }}
67 ca-certs = "{{ .Values.config.subscriber.ca_certs }}"
68 write-concurrency = {{ .Values.config.subscriber.write_concurrency | int64 }}
69 write-buffer-size = {{ .Values.config.subscriber.write_buffer_size | int64 }}
70
71 [http]
72 enabled = {{ .Values.config.http.enabled }}
73 bind-address = ":{{ .Values.config.http.bind_address }}"
74 auth-enabled = {{ .Values.config.http.auth_enabled }}
75 log-enabled = {{ .Values.config.http.log_enabled }}
76 write-tracing = {{ .Values.config.http.write_tracing }}
77 pprof-enabled = {{ .Values.config.http.pprof_enabled }}
78 https-enabled = {{ .Values.config.http.https_enabled }}
79 https-certificate = "{{ .Values.config.http.https_certificate }}"
80 https-private-key = "{{ .Values.config.http.https_private_key }}"
81 max-row-limit = {{ .Values.config.http.max_row_limit | int64 }}
82 max-connection-limit = {{ .Values.config.http.max_connection_limit | int64 }}
83 shared-secret = "{{ .Values.config.http.shared_secret }}"
84 realm = "{{ .Values.config.http.realm }}"
85 unix-socket-enabled = {{ .Values.config.http.unix_socket_enabled }}
86 bind-socket = "{{ .Values.config.http.bind_socket }}"
87
88 # TODO: allow multiple graphite listeners with templates
89
90 [[graphite]]
91 enabled = {{ .Values.config.graphite.enabled }}
92 bind-address = ":{{ .Values.config.graphite.bind_address }}"
93 database = "{{ .Values.config.graphite.database }}"
94 retention-policy = "{{ .Values.config.graphite.retention_policy }}"
95 protocol = "{{ .Values.config.graphite.protocol }}"
96 batch-size = {{ .Values.config.graphite.batch_size | int64 }}
97 batch-pending = {{ .Values.config.graphite.batch_pending | int64 }}
98 batch-timeout = "{{ .Values.config.graphite.batch_timeout }}"
99 consistency-level = "{{ .Values.config.graphite.consistency_level }}"
100 separator = "{{ .Values.config.graphite.separator }}"
101 udp-read-buffer = {{ .Values.config.graphite.udp_read_buffer | int64 }}
102
103 # TODO: allow multiple collectd listeners with templates
104
105 [[collectd]]
106 enabled = {{ .Values.config.collectd.enabled }}
107 bind-address = ":{{ .Values.config.collectd.bind_address }}"
108 database = "{{ .Values.config.collectd.database }}"
109 retention-policy = "{{ .Values.config.collectd.retention_policy }}"
110 batch-size = {{ .Values.config.collectd.batch_size | int64 }}
111 batch-pending = {{ .Values.config.collectd.batch_pending | int64 }}
112 batch-timeout = "{{ .Values.config.collectd.batch_timeout }}"
113 read-buffer = {{ .Values.config.collectd.read_buffer | int64 }}
114 typesdb = "{{ .Values.config.collectd.typesdb }}"
115 security-level = "{{ .Values.config.collectd.security_level }}"
116 auth-file = "{{ .Values.config.collectd.auth_file }}"
117
118 # TODO: allow multiple opentsdb listeners with templates
119
120 [[opentsdb]]
121 enabled = {{ .Values.config.opentsdb.enabled }}
122 bind-address = ":{{ .Values.config.opentsdb.bind_address }}"
123 database = "{{ .Values.config.opentsdb.database }}"
124 retention-policy = "{{ .Values.config.opentsdb.retention_policy }}"
125 consistency-level = "{{ .Values.config.opentsdb.consistency_level }}"
126 tls-enabled = {{ .Values.config.opentsdb.tls_enabled }}
127 certificate = "{{ .Values.config.opentsdb.certificate }}"
128 batch-size = {{ .Values.config.opentsdb.batch_size | int64 }}
129 batch-pending = {{ .Values.config.opentsdb.batch_pending | int64 }}
130 batch-timeout = "{{ .Values.config.opentsdb.batch_timeout }}"
131 log-point-errors = {{ .Values.config.opentsdb.log_point_errors }}
132
133 # TODO: allow multiple udp listeners with templates
134
135 [[udp]]
136 enabled = {{ .Values.config.udp.enabled }}
137 bind-address = ":{{ .Values.config.udp.bind_address }}"
138 database = "{{ .Values.config.udp.database }}"
139 retention-policy = "{{ .Values.config.udp.retention_policy }}"
140 batch-size = {{ .Values.config.udp.batch_size | int64 }}
141 batch-pending = {{ .Values.config.udp.batch_pending | int64 }}
142 read-buffer = {{ .Values.config.udp.read_buffer | int64 }}
143 batch-timeout = "{{ .Values.config.udp.batch_timeout }}"
144 precision = "{{ .Values.config.udp.precision }}"
145
146 [continuous_queries]
147 log-enabled = {{ .Values.config.continuous_queries.log_enabled }}
148 enabled = {{ .Values.config.continuous_queries.enabled }}
149 run-interval = "{{ .Values.config.continuous_queries.run_interval }}"
diff --git a/influxdb/templates/deployment.yaml b/influxdb/templates/deployment.yaml
new file mode 100644
index 0000000..069a5a2
--- /dev/null
+++ b/influxdb/templates/deployment.yaml
@@ -0,0 +1,127 @@
1apiVersion: extensions/v1beta1
2kind: Deployment
3metadata:
4 name: {{ template "influxdb.fullname" . }}
5 labels:
6 app: {{ template "influxdb.fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 release: "{{ .Release.Name }}"
9 heritage: "{{ .Release.Service }}"
10spec:
11 replicas: 1
12 template:
13 metadata:
14 labels:
15 app: {{ template "influxdb.fullname" . }}
16 {{- if .Values.watcher.enabled }}
17 annotations:
18 prometheus.io/scrape: "true"
19 prometheus.io/port: "{{ .Values.watcher.port }}"
20 monasca.io/usek8slabels: "false"
21 monasca.io/whitelist: |
22 - influxdb_average_round_trip_time
23 - influxdb_dropped_message_count
24 - influxdb_max_round_trip_time
25 - influxdb_min_round_trip_time
26 - influxdb_read_failure_count
27 - influxdb_running_average_round_trip_time
28 - influxdb_watcher_status
29 - influxdb_write_failure_count
30 - go_memstats_heap_objects
31 - go_memstats_heap_inuse_bytes
32 {{- end }}
33 spec:
34 containers:
35 - name: {{ template "influxdb.fullname" . }}
36 image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
37 imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
38 resources:
39{{ toYaml .Values.resources | indent 10 }}
40 ports:
41 - name: api
42 containerPort: {{ .Values.config.http.bind_address }}
43 {{ if .Values.config.admin.enabled -}}
44 - name: admin
45 containerPort: {{ .Values.config.admin.bind_address }}
46 {{- end }}
47 {{ if .Values.config.graphite.enabled -}}
48 - name: graphite
49 containerPort: {{ .Values.config.graphite.bind_address }}
50 {{- end }}
51 {{ if .Values.config.collectd.enabled -}}
52 - name: collectd
53 containerPort: {{ .Values.config.collectd.bind_address }}
54 {{- end }}
55 {{ if .Values.config.udp.enabled -}}
56 - name: udp
57 containerPort: {{ .Values.config.udp.bind_address }}
58 {{- end }}
59 {{ if .Values.config.opentsdb.enabled -}}
60 - name: opentsdb
61 containerPort: {{ .Values.config.opentsdb.bind_address }}
62 {{- end }}
63 {{- if .Values.watcher.enabled }}
64 - name: metrics
65 containerPort: {{ .Values.watcher.port }}
66 {{- end }}
67 livenessProbe:
68 httpGet:
69 path: /ping
70 port: api
71 initialDelaySeconds: {{ .Values.liveness.initial_delay_seconds }}
72 timeoutSeconds: {{ .Values.liveness.timeout_seconds }}
73 readinessProbe:
74 httpGet:
75 path: /ping
76 port: api
77 initialDelaySeconds: {{ .Values.readiness.initial_delay_seconds }}
78 timeoutSeconds: {{ .Values.readiness.timeout_seconds }}
79 volumeMounts:
80 - name: data
81 mountPath: {{ .Values.config.storage_directory }}
82 - name: config
83 mountPath: /etc/influxdb
84 {{- if .Values.watcher.enabled }}
85 - name: watcher
86 image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
87 imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
88 resources:
89{{ toYaml .Values.watcher.resources | indent 12 }}
90 env:
91 - name: INFLUXDB_ADDRESS
92 value: {{ .Values.watcher.address | quote }}
93 - name: INFLUXDB_USERNAME
94 value: {{ .Values.watcher.username | quote }}
95 - name: INFLUXDB_PASSWORD
96 value: {{ .Values.watcher.password | quote }}
97 - name: INFLUXDB_DATABASE
98 value: {{ .Values.watcher.database | quote }}
99 - name: PROMETHEUS_ENDPOINT
100 value: "0.0.0.0:{{ .Values.watcher.port }}"
101 - name: WATCHER_PERIOD
102 value: {{ .Values.watcher.watcher_period | quote }}
103 - name: WATCHER_TIMEOUT
104 value: {{ .Values.watcher.watcher_timeout | quote }}
105 - name: STAY_ALIVE_ON_FAILURE
106 value: {{ .Values.watcher.stay_alive_on_failure | quote }}
107 {{- end }}
108 volumes:
109 - name: data
110 {{- if .Values.persistence.enabled }}
111 {{- if not (empty .Values.persistence.name) }}
112 persistentVolumeClaim:
113 claimName: {{ .Values.persistence.name }}
114 {{- else }}
115 persistentVolumeClaim:
116 claimName: {{ template "influxdb.fullname" . }}
117 {{- end }}
118 {{- else }}
119 emptyDir: {}
120 {{- end }}
121 - name: config
122 configMap:
123 name: {{ template "influxdb.fullname" . }}
124 {{- if .Values.nodeSelector }}
125 nodeSelector:
126{{ toYaml .Values.nodeSelector | indent 8 }}
127 {{- end -}}
diff --git a/influxdb/templates/post-install-set-auth.yaml b/influxdb/templates/post-install-set-auth.yaml
new file mode 100644
index 0000000..27abcbe
--- /dev/null
+++ b/influxdb/templates/post-install-set-auth.yaml
@@ -0,0 +1,43 @@
1{{- if .Values.setDefaultUser.enabled -}}
2apiVersion: batch/v1
3kind: Job
4metadata:
5 labels:
6 app: {{ template "influxdb.fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 release: "{{ .Release.Name }}"
9 heritage: "{{ .Release.Service }}"
10 name: {{ template "influxdb.fullname" . }}-set-auth
11 annotations:
12 "helm.sh/hook": post-install
13spec:
14 activeDeadlineSeconds: {{ .Values.setDefaultUser.activeDeadlineSeconds }}
15 template:
16 metadata:
17 labels:
18 app: {{ template "influxdb.fullname" . }}
19 release: "{{ .Release.Name }}"
20 spec:
21 containers:
22 - name: {{ template "influxdb.fullname" . }}-set-auth
23 image: "{{ .Values.setDefaultUser.image }}"
24 env:
25 - name: INFLUXDB_USER
26 valueFrom:
27 secretKeyRef:
28 name: {{ template "influxdb.fullname" . }}-auth
29 key: influxdb-user
30 - name: INFLUXDB_PASSWORD
31 valueFrom:
32 secretKeyRef:
33 name: {{ template "influxdb.fullname" . }}-auth
34 key: influxdb-password
35 args:
36 - "/bin/sh"
37 - "-c"
38 - |
39 curl -X POST http://{{ template "influxdb.fullname" . }}:{{ .Values.config.http.bind_address }}/query \
40 --data-urlencode \
41 "q=CREATE USER \"${INFLUXDB_USER}\" WITH PASSWORD '${INFLUXDB_PASSWORD}' {{ .Values.setDefaultUser.user.privileges }}"
42 restartPolicy: {{ .Values.setDefaultUser.restartPolicy }}
43{{- end -}}
diff --git a/influxdb/templates/pvc.yaml b/influxdb/templates/pvc.yaml
new file mode 100644
index 0000000..94a8d7a
--- /dev/null
+++ b/influxdb/templates/pvc.yaml
@@ -0,0 +1,24 @@
1{{- if and (.Values.persistence.enabled) (not .Values.persistence.useExisting) }}
2kind: PersistentVolumeClaim
3apiVersion: v1
4metadata:
5 name: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
6 labels:
7 app: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
8 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 release: "{{ .Release.Name }}"
10 heritage: "{{ .Release.Service }}"
11spec:
12 accessModes:
13 - {{ .Values.persistence.accessMode | quote }}
14 resources:
15 requests:
16 storage: {{ .Values.persistence.size | quote }}
17{{- if .Values.persistence.storageClass }}
18{{- if (eq "-" .Values.persistence.storageClass) }}
19 storageClassName: ""
20{{- else }}
21 storageClassName: "{{ .Values.persistence.storageClass }}"
22{{- end }}
23{{- end }}
24{{- end }}
diff --git a/influxdb/templates/secret.yaml b/influxdb/templates/secret.yaml
new file mode 100644
index 0000000..3de724a
--- /dev/null
+++ b/influxdb/templates/secret.yaml
@@ -0,0 +1,18 @@
1{{- if .Values.setDefaultUser.enabled -}}
2apiVersion: v1
3kind: Secret
4metadata:
5 labels:
6 app: {{ template "influxdb.fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 heritage: "{{ .Release.Service }}"
9 release: "{{ .Release.Name }}"
10 name: {{ template "influxdb.fullname" . }}-auth
11data:
12 {{- if .Values.setDefaultUser.user.password }}
13 influxdb-password: {{ .Values.setDefaultUser.user.password | b64enc | quote }}
14 {{- else }}
15 influxdb-password: {{ randAscii 10 | b64enc | quote }}
16 {{- end }}
17 influxdb-user: {{ .Values.setDefaultUser.user.username | b64enc | quote }}
18{{- end -}}
diff --git a/influxdb/templates/service.yaml b/influxdb/templates/service.yaml
new file mode 100644
index 0000000..61a9035
--- /dev/null
+++ b/influxdb/templates/service.yaml
@@ -0,0 +1,48 @@
1apiVersion: v1
2kind: Service
3metadata:
4{{- if .Values.service.annotations }}
5 annotations:
6{{ toYaml .Values.service.annotations | indent 4 }}
7{{- end }}
8 name: {{ template "influxdb.fullname" . }}
9 labels:
10 app: {{ template "influxdb.fullname" . }}
11 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
12 release: "{{ .Release.Name }}"
13 heritage: "{{ .Release.Service }}"
14spec:
15 type: {{ .Values.service.type }}
16 ports:
17 {{- if .Values.config.http.enabled }}
18 - name: api
19 port: {{ .Values.config.http.bind_address }}
20 targetPort: {{ .Values.config.http.bind_address }}
21 {{- end }}
22 {{- if .Values.config.admin.enabled }}
23 - name: admin
24 port: {{ .Values.config.admin.bind_address }}
25 targetPort: {{ .Values.config.admin.bind_address }}
26 {{- end }}
27 {{- if .Values.config.graphite.enabled }}
28 - name: graphite
29 port: {{ .Values.config.graphite.bind_address }}
30 targetPort: {{ .Values.config.graphite.bind_address }}
31 {{- end }}
32 {{- if .Values.config.collectd.enabled }}
33 - name: collectd
34 port: {{ .Values.config.collectd.bind_address }}
35 targetPort: {{ .Values.config.collectd.bind_address }}
36 {{- end }}
37 {{- if .Values.config.udp.enabled }}
38 - name: udp
39 port: {{ .Values.config.udp.bind_address }}
40 targetPort: {{ .Values.config.udp.bind_address }}
41 {{- end }}
42 {{- if .Values.config.opentsdb.enabled }}
43 - name: opentsdb
44 port: {{ .Values.config.opentsdb.bind_address }}
45 targetPort: {{ .Values.config.opentsdb.bind_address }}
46 {{- end }}
47 selector:
48 app: {{ template "influxdb.fullname" . }}
diff --git a/influxdb/values.yaml b/influxdb/values.yaml
new file mode 100644
index 0000000..5c09825
--- /dev/null
+++ b/influxdb/values.yaml
@@ -0,0 +1,231 @@
1## influxdb image version
2## ref: https://hub.docker.com/r/library/influxdb/tags/
3image:
4 repo: "influxdb"
5 tag: "1.3-alpine"
6 pullPolicy: IfNotPresent
7
8## Specify a service type
9## NodePort is default
10## ref: http://kubernetes.io/docs/user-guide/services/
11##
12service:
13 ## Add annotations to service
14 # annotations: {}
15 type: ClusterIP
16
17## Persist data to a persistent volume
18##
19persistence:
20 enabled: false
21 ## If true will use an existing PVC instead of creating one
22 # useExisting: false
23 ## Name of existing PVC to be used in the influx deployment
24 # name:
25 ## influxdb data Persistent Volume Storage Class
26 ## If defined, storageClassName: <storageClass>
27 ## If set to "-", storageClassName: "", which disables dynamic provisioning
28 ## If undefined (the default) or set to null, no storageClassName spec is
29 ## set, choosing the default provisioner. (gp2 on AWS, standard on
30 ## GKE, AWS & OpenStack)
31 ##
32 # storageClass: "-"
33 accessMode: ReadWriteOnce
34 size: 8Gi
35
36## Create default user through Kubernetes job
37## Defaults indicated below
38##
39setDefaultUser:
40 enabled: false
41
42 ## Image of the container used for job
43 ## Default: appropriate/curl:latest
44 ##
45 image: appropriate/curl:latest
46
47 ## Deadline for job so it does not retry forever.
48 ## Default: activeDeadline: 300
49 ##
50 activeDeadline: 300
51
52 ## Restart policy for job
53 ## Default: OnFailure
54 restartPolicy: OnFailure
55
56 user:
57
58 ## The user name
59 ## Default: "admin"
60 username: "admin"
61
62 ## User password
63 ## Default: (Randomly generated 10 characters of Ascii)
64 # password:
65
66 ## User privileges
67 ## Default: "WITH ALL PRIVILEGES"
68 privileges: "WITH ALL PRIVILEGES"
69
70## Configure resource requests and limits
71## ref: http://kubernetes.io/docs/user-guide/compute-resources/
72resources:
73 requests:
74 memory: 256Mi
75 cpu: 0.1
76 limits:
77 memory: 16Gi
78 cpu: 8
79
80## Node labels for pod assignment
81## Ref: https://kubernetes.io/docs/user-guide/node-selection/
82##
83nodeSelector: {}
84
85## Liveness and Readiness check settings
86liveness:
87 initial_delay_seconds: 30
88 timeout_seconds: 5
89readiness:
90 initial_delay_seconds: 30
91 timeout_seconds: 1
92
93## Change InfluxDB configuration paramaters below:
94## Defaults are indicated
95## ref: https://docs.influxdata.com/influxdb/v1.1/administration/config/
96config:
97 reporting_disabled: false
98 bind_address: 8088
99 storage_directory: /var/lib/influxdb
100 meta:
101 retention_autocreate: true
102 logging_enabled: true
103 data:
104 query_log_enabled: true
105 index_version: inmem
106 cache_max_memory_size: 1073741824
107 cache_snapshot_memory_size: 26214400
108 cache_snapshot_write_cold_duration: 10m0s
109 compact_full_write_cold_duration: 4h0m0s
110 max_series_per_database: 1000000
111 max_values_per_tag: 100000
112 trace_logging_enabled: false
113 coordinator:
114 write_timeout: 10s
115 max_concurrent_queries: 0
116 query_timeout: 0s
117 log_queries_after: 0s
118 max_select_point: 0
119 max_select_series: 0
120 max_select_buckets: 0
121 retention:
122 enabled: true
123 check_interval: 30m0s
124 shard_precreation:
125 enabled: true
126 check_interval: 10m0s
127 advance_period: 30m0s
128 admin:
129 enabled: false
130 bind_address: 8083
131 https_enabled: false
132 https_certificate: /etc/ssl/influxdb.pem
133 monitor:
134 store_enabled: true
135 store_database: _internal
136 store_interval: 10s
137 subscriber:
138 enabled: true
139 http_timeout: 30s
140 insecure_skip_verify: false
141 ca_certs: ""
142 write_concurrency: 40
143 write_buffer_size: 1000
144 http:
145 enabled: true
146 bind_address: 8086
147 auth_enabled: false
148 log_enabled: true
149 write_tracing: false
150 pprof_enabled: true
151 https_enabled: false
152 https_certificate: /etc/ssl/influxdb.pem
153 https_private_key: ""
154 max_row_limit: 10000
155 max_connection_limit: 0
156 shared_secret: "beetlejuicebeetlejuicebeetlejuice"
157 realm: InfluxDB
158 unix_socket_enabled: false
159 bind_socket: /var/run/influxdb.sock
160 graphite:
161 enabled: false
162 bind_address: 2003
163 database: graphite
164 retention_policy: autogen
165 protocol: tcp
166 batch_size: 5000
167 batch_pending: 10
168 batch_timeout: 1s
169 consistency_level: one
170 separator: .
171 udp_read_buffer: 0
172 collectd:
173 enabled: false
174 bind_address: 25826
175 database: collectd
176 retention_policy: autogen
177 batch_size: 5000
178 batch_pending: 10
179 batch_timeout: 10s
180 read_buffer: 0
181 typesdb: /usr/share/collectd/types.db
182 security_level: none
183 auth_file: /etc/collectd/auth_file
184 opentsdb:
185 enabled: false
186 bind_address: 4242
187 database: opentsdb
188 retention_policy: autogen
189 consistency_level: one
190 tls_enabled: false
191 certificate: /etc/ssl/influxdb.pem
192 batch_size: 1000
193 batch_pending: 5
194 batch_timeout: 1s
195 log_point_errors: true
196 udp:
197 enabled: false
198 bind_address: 8089
199 database: udp
200 retention_policy: autogen
201 batch_size: 5000
202 batch_pending: 10
203 read_buffer: 0
204 batch_timeout: 1s
205 precision: "ns"
206 continuous_queries:
207 log_enabled: true
208 enabled: true
209 run_interval: 1s
210
211watcher:
212 enabled: false
213 image:
214 repository: monasca/influxdb-watcher
215 tag: 0.0.2
216 pullPolicy: IfNotPresent
217 resources:
218 requests:
219 memory: 32Mi
220 cpu: 25m
221 limits:
222 memory: 64Mi
223 cpu: 50m
224 port: 8080
225 address: http://localhost:8086
226 username: influxdb_watcher
227 password: password
228 database: mon
229 watcher_period: 600
230 watcher_timeout: 60
231 stay_alive_on_failure: false
diff --git a/kafka/.helmignore b/kafka/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kafka/.helmignore
@@ -0,0 +1,21 @@
1# Patterns to ignore when building packages.
2# This supports shell glob matching, relative path matching, and
3# negation (prefixed with !). Only one pattern per line.
4.DS_Store
5# Common VCS dirs
6.git/
7.gitignore
8.bzr/
9.bzrignore
10.hg/
11.hgignore
12.svn/
13# Common backup files
14*.swp
15*.bak
16*.tmp
17*~
18# Various IDEs
19.project
20.idea/
21*.tmproj
diff --git a/kafka/Chart.yaml b/kafka/Chart.yaml
new file mode 100644
index 0000000..581f1f5
--- /dev/null
+++ b/kafka/Chart.yaml
@@ -0,0 +1,4 @@
1apiVersion: v1
2description: A Helm chart for Kafka
3name: kafka
4version: 0.4.3
diff --git a/kafka/README.md b/kafka/README.md
new file mode 100644
index 0000000..313884c
--- /dev/null
+++ b/kafka/README.md
@@ -0,0 +1,36 @@
1### Kafka Configuration parameters
2
3Parameter | Description | Default
4--------- | ----------- | -------
5`image.repository` | Kafka container image repository | `monasca/kafka`
6`image.tag` | Kafka container image tag | `0.9.0.1-2.11-1.1.4`
7`image.pullPolicy` | Kafka container image pull policy | `IfNotPresent`
8`resources.requests.memory` | Memory request per kafka pod | `1Gi`
9`resources.requests.cpu` | CPU request per kafka pod | `250m`
10`resources.limits.memory` | Memory limit per kafka pod | `2Gi`
11`resources.limits.cpu` | Memory limit per kafka pod | `2000m`
12`persistence.storageClass` | Kafka storage class | `default`
13`persistence.enabled` | Kafka persistent storage enabled flag | `false`
14`persistence.accessMode` | Kafka persistent storage accessMode | `ReadWriteOnce`
15`persistence.size` | Kafka persistent storage size | `10Gi`
16`topic_config` | Default config args for created topics | `segment.ms=900000`
17`service.port` | Kafka service port | `9092`
18`service.type` | Kafka service type | `ClusterIP`
19`exporter.enabled` | Kafka exporter enabled flag | `false`
20`exporter.image.repository` | Kafka exporter container image repository | `rbrndt/kafka-prometheus`
21`exporter.image.tag` | Kafka exporter container image tag | `latest`
22`exporter.image.pullPolicy` | Kafka exporter container image pull policy | `IfNotPresent`
23`exporter.port` | Kafka exporter port to expose Promethues metrics on | `7204`
24`stack_size` | JVM stack size | `1024k`
25`memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
26`stay_alive_on_failure` | If `true`, container stays alive for 2 hours after kafka exits | `false`
27`watcher.enabled` | Kafka watcher enabled flag | `false`
28`watcher.image.repository` | Kafka watcher container image repository | `monasca/kafka-watcher`
29`watcher.image.tag` | Kafka watcher container image tag | `latest`
30`watcher.image.pullPolicy` | Kafka watcher container image pull policy | `IfNotPresent`
31`watcher.health_check_topic` | Kafka watcher health check topic | `kafka-health-check`
32`watcher.group_id` | Kafka watcher consumer group id | `kafka_watcher`
33`watcher.watcher_period` | Kafka watcher period | `600`
34`watcher.watcher_timeout` | Kafka watcher read/write timeout | `60`
35`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
36`watcher.port` | Kafka watcher port to expose Promethues metrics on | `8080`
diff --git a/kafka/templates/_helpers.tpl b/kafka/templates/_helpers.tpl
new file mode 100644
index 0000000..a2ef248
--- /dev/null
+++ b/kafka/templates/_helpers.tpl
@@ -0,0 +1,25 @@
1{{/* vim: set filetype=mustache: */}}
2{{/*
3Expand the name of the chart.
4*/}}
5{{- define "name" -}}
6{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7{{- end -}}
8
9{{/*
10Create a default fully qualified app name.
11We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12*/}}
13{{- define "fullname" -}}
14{{- $name := default .Chart.Name .Values.nameOverride -}}
15{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16{{- end -}}
17
18{{/*
19Create a fully qualified cleanup name.
20We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
21*/}}
22{{- define "kafka.cleanup.fullname" -}}
23{{- $name := default .Chart.Name .Values.nameOverride -}}
24{{- printf "%s-%s-%s" .Release.Name $name "cleanup" | trunc 63 | trimSuffix "-" -}}
25{{- end -}}
diff --git a/kafka/templates/cleanup-hook.yaml b/kafka/templates/cleanup-hook.yaml
new file mode 100644
index 0000000..ae6a699
--- /dev/null
+++ b/kafka/templates/cleanup-hook.yaml
@@ -0,0 +1,47 @@
1apiVersion: batch/v1
2kind: Job
3metadata:
4 # while not recommended, we add a random sequence to the end of the job name
5 # this job will attempt to delete itself when finished, but should it fail for
6 # some reason we don't want future upgrades to fail because of a name conflict
7 # (plus the future runs of this job will delete any previous iterations that
8 # failed to clean themselves up)
9 name: "{{ template "kafka.cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
10 labels:
11 app: {{ template "fullname" . }}
12 component: "{{ .Values.cleanup.name }}"
13 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
14 release: "{{ .Release.Name }}"
15 heritage: "{{ .Release.Service }}"
16 annotations:
17 "helm.sh/hook": pre-upgrade,post-delete
18 "helm.sh/hook-weight": "-5"
19spec:
20 template:
21 metadata:
22 labels:
23 app: {{ template "fullname" . }}
24 component: "{{ .Values.cleanup.name }}"
25 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
26 release: "{{ .Release.Name }}"
27 heritage: "{{ .Release.Service }}"
28 spec:
29 restartPolicy: OnFailure
30 containers:
31 - name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
32 image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
33 imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
34 resources:
35{{ toYaml .Values.cleanup.resources | indent 12 }}
36 env:
37 - name: "WAIT_RETRIES"
38 value: "{{ .Values.cleanup.wait.retries }}"
39 - name: "WAIT_DELAY"
40 value: "{{ .Values.cleanup.wait.delay }}"
41 - name: "WAIT_TIMEOUT"
42 value: "{{ .Values.cleanup.wait.timeout }}"
43 {{- if .Values.cleanup.serviceAccount }}
44 serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
45 {{- else if .Values.rbac.create }}
46 serviceAccountName: "{{ template "kafka.cleanup.fullname" . }}"
47 {{- end }}
diff --git a/kafka/templates/cleanup-role.yaml b/kafka/templates/cleanup-role.yaml
new file mode 100644
index 0000000..5f13c63
--- /dev/null
+++ b/kafka/templates/cleanup-role.yaml
@@ -0,0 +1,25 @@
1{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3apiVersion: rbac.authorization.k8s.io/v1
4{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5apiVersion: rbac.authorization.k8s.io/v1beta1
6{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7apiVersion: rbac.authorization.k8s.io/v1alpha1
8{{- end }}
9kind: Role
10metadata:
11 name: {{ template "kafka.cleanup.fullname" . }}
12 labels:
13 app: {{ template "fullname" . }}
14 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15 component: "{{ .Values.cleanup.name }}"
16 heritage: {{ .Release.Service }}
17 release: {{ .Release.Name }}
18rules:
19 - apiGroups: [""]
20 resources: ["pods"]
21 verbs: ["get", "list", "delete", "patch"]
22 - apiGroups: ["batch"]
23 resources: ["jobs"]
24 verbs: ["get", "list", "delete"]
25{{- end }}
diff --git a/kafka/templates/cleanup-rolebinding.yaml b/kafka/templates/cleanup-rolebinding.yaml
new file mode 100644
index 0000000..227db9b
--- /dev/null
+++ b/kafka/templates/cleanup-rolebinding.yaml
@@ -0,0 +1,26 @@
1{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3apiVersion: rbac.authorization.k8s.io/v1
4{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5apiVersion: rbac.authorization.k8s.io/v1beta1
6{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7apiVersion: rbac.authorization.k8s.io/v1alpha1
8{{- end }}
9kind: RoleBinding
10metadata:
11 name: {{ template "kafka.cleanup.fullname" . }}
12 labels:
13 app: {{ template "fullname" . }}
14 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15 component: "{{ .Values.cleanup.name }}"
16 heritage: {{ .Release.Service }}
17 release: {{ .Release.Name }}
18subjects:
19 - kind: ServiceAccount
20 name: {{ template "kafka.cleanup.fullname" . }}
21 namespace: "{{ .Release.Namespace }}"
22roleRef:
23 kind: Role
24 name: {{ template "kafka.cleanup.fullname" . }}
25 apiGroup: rbac.authorization.k8s.io
26{{- end }}
diff --git a/kafka/templates/cleanup-serviceaccount.yaml b/kafka/templates/cleanup-serviceaccount.yaml
new file mode 100644
index 0000000..d988a55
--- /dev/null
+++ b/kafka/templates/cleanup-serviceaccount.yaml
@@ -0,0 +1,12 @@
1{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2apiVersion: v1
3kind: ServiceAccount
4metadata:
5 name: {{ template "kafka.cleanup.fullname" . }}
6 labels:
7 app: {{ template "fullname" . }}
8 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
9 component: "{{ .Values.cleanup.name }}"
10 heritage: {{ .Release.Service }}
11 release: {{ .Release.Name }}
12{{- end }}
diff --git a/kafka/templates/deployment.yaml b/kafka/templates/deployment.yaml
new file mode 100644
index 0000000..dab8248
--- /dev/null
+++ b/kafka/templates/deployment.yaml
@@ -0,0 +1,124 @@
1apiVersion: extensions/v1beta1
2kind: Deployment
3metadata:
4 name: {{ template "fullname" . }}
5 labels:
6 app: {{ template "fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 release: "{{ .Release.Name }}"
9 heritage: "{{ .Release.Service }}"
10 component: kafka
11spec:
12 replicas: 1
13 template:
14 metadata:
15 labels:
16 app: {{ template "fullname" . }}
17 {{- if .Values.watcher.enabled }}
18 annotations:
19 prometheus.io/scrape: "true"
20 prometheus.io/port: "{{ .Values.watcher.port }}"
21 monasca.io/usek8slabels: "false"
22 monasca.io/whitelist: |
23 - kafka_dropped_message_count
24 - kafka_max_round_trip_time
25 - kafka_min_round_trip_time
26 - kafka_read_failure_count
27 - kafka_watcher_status
28 - kafka_write_failure_count
29 - go_memstats_heap_objects
30 - go_memstats_heap_inuse_bytes
31 {{- end }}
32 spec:
33 containers:
34 - name: {{ .Chart.Name }}
35 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
36 imagePullPolicy: {{ .Values.image.pullPolicy }}
37 resources:
38{{ toYaml .Values.resources | indent 12 }}
39 ports:
40 - name: kafka
41 containerPort: 9092
42 volumeMounts:
43 - name: kafka
44 mountPath: /data
45 env:
46 - name: KAFKA_DELETE_TOPIC_ENABLE
47 value: "true"
48 - name: KAFKA_AUTO_CREATE_TOPICS
49 value: "false"
50 - name: KAFKA_JMX
51 value: "true"
52 - name: JVM_MAX_RATIO
53 value: {{ .Values.memory_ratio | quote }}
54 - name: KAFKA_STACK_SIZE
55 value: {{ .Values.stack_size | quote }}
56 - name: ZOOKEEPER_CONNECTION_STRING
57 {{- if .Values.zookeeper.overrideUri }}
58 value: "{{ .Values.zookeeper.overrideUri }}"
59 {{- else }}
60 value: {{ .Release.Name }}-zookeeper:2181
61 {{- end }}
62 - name: STAY_ALIVE_ON_FAILURE
63 value: {{ .Values.stay_alive_on_failure | quote }}
64 {{- if .Values.exporter.enabled }}
65 - name: {{ .Chart.Name }}-exporter
66 image: "{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}"
67 imagePullPolicy: {{ .Values.exporter.image.pullPolicy }}
68 ports:
69 - name: exporter
70 containerPort: {{ .Values.exporter.port }}
71 volumeMounts:
72 - name: kafka-exporter
73 mountPath: /prometheus-config
74 {{- end }}
75 {{- if .Values.watcher.enabled }}
76 - name: watcher
77 image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
78 imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
79 resources:
80{{ toYaml .Values.watcher.resources | indent 12 }}
81 env:
82 - name: HEALTH_CHECK_TOPIC
83 value: {{ .Values.watcher.health_check_topic | quote }}
84 - name: BOOT_STRAP_SERVERS
85 value: "localhost:9092"
86 - name: GROUP_ID
87 value: {{ .Values.watcher.group_id | quote }}
88 - name: PROMETHEUS_ENDPOINT
89 value: "0.0.0.0:{{ .Values.watcher.port }}"
90 - name: WATCHER_PERIOD
91 value: {{ .Values.watcher.watcher_period | quote }}
92 - name: WATCHER_TIMEOUT
93 value: {{ .Values.watcher.watcher_timeout | quote }}
94 - name: STAY_ALIVE_ON_FAILURE
95 value: {{ .Values.watcher.stay_alive_on_failure | quote }}
96 ports:
97 - name: metrics
98 containerPort: {{ .Values.watcher.port }}
99 {{- end }}
100 volumes:
101 - name: kafka
102 {{- if .Values.persistence.enabled }}
103 persistentVolumeClaim:
104 claimName: {{ template "fullname" . }}
105 {{- else }}
106 emptyDir: {}
107 {{- end -}}
108 {{- if .Values.exporter.enabled }}
109 - name: kafka-exporter
110 configMap:
111 name: {{ template "fullname" . }}-exporter
112 {{- end }}
113 affinity:
114 podAntiAffinity:
115 preferredDuringSchedulingIgnoredDuringExecution:
116 - weight: 1
117 podAffinityTerm:
118 labelSelector:
119 matchExpressions:
120 - key: app
121 operator: In
122 values:
123 - "{{ .Release.Name }}-influxdb"
124 topologyKey: "kubernetes.io/hostname"
diff --git a/kafka/templates/exporter-configmap.yaml b/kafka/templates/exporter-configmap.yaml
new file mode 100644
index 0000000..b01f219
--- /dev/null
+++ b/kafka/templates/exporter-configmap.yaml
@@ -0,0 +1,50 @@
1{{- if .Values.exporter.enabled }}
2apiVersion: v1
3kind: ConfigMap
4metadata:
5 name: {{ template "fullname" . }}-exporter
6 labels:
7 app: {{ template "fullname" . }}
8 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 release: "{{ .Release.Name }}"
10 heritage: "{{ .Release.Service }}"
11data:
12 kafka-config.yml: |
13 ---
14 jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:7203/jmxrmi
15
16 lowercaseOutputName: true
17 rules:
18 - pattern: '"kafka.controller"<type="(KafkaController)", name="(OfflinePartitionsCount|ActiveControllerCount)"><>(Value)'
19 name: kafka_controller_$1_$2
20 - pattern: '"kafka.server"<type="(ReplicaManager)", name="(UnderReplicatedPartitions)"><>(Value)'
21 name: kafka_server_$1_$2
22 # This metric doesn't appear to be available in 0.8.1.1
23 #- pattern: '"kafka.server"<type="(KafkaServer)", name="(BrokerState)"><>(Value)'
24 # name: kafka_server_$2
25 - pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="AllTopics(Bytes|Messages)(In|Out)PerSec"><>(Count)'
26 name: kafka_server_$1_$2_$3_total
27 labels:
28 topic: all_topics
29 - pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="(.+)-(Bytes|Messages)(In|Out)PerSec"><>(Count)'
30 name: kafka_server_$1_$3_$4_total
31 labels:
32 topic: $2
33 - pattern: '"kafka.network"<type="(RequestMetrics)", name="Fetch-(Consumer|Follower)-TotalTimeMs"><>(Count)'
34 name: kafka_network_$1_fetch_$2_total_ms
35 - pattern: '"kafka.network"<type="(RequestMetrics)", name="Produce-(Local|Remote|Total|ResponseQueue)TimeMs"><>(Count)'
36 name: kafka_network_$1_produce_$2_ms
37 # These metric doesn't appear to be available in 0.8.1.1
38 #- pattern: '"kafka.server"<type="(KafkaRequestHandlerPool)", name="(RequestHandlerAvgIdlePercent)"><>(Count)'
39 # name: kafka_server_$1_$2
40 #- pattern: "kafka.network"<type="(SocketServer)", name="(NetworkProcessorAvgIdlePercent)"><>(Value)'
41 # name: kafa_network_$1_$2
42 - pattern: '"kafka.controller"<type="(ControllerStats)", name="(UncleanLeaderElectionsPerSec|LeaderElectionRateAndTimeMs)"><>(Count)'
43 name: kafka_controller_$1_$2
44 - pattern: '"kafka.server"<type="(ReplicaFetcherManager)", name="(Replica)-(MaxLag)"><>(Value)'
45 name: kafka_server_$1_$3
46 labels:
47 topic: $2
48 - pattern: '"kafka.server"<type="(ReplicaManager)", name="Isr(Expands|Shrinks)PerSec"><>(Count)'
49 name: kafka_server_$1_isr_$2_per_sec
50{{- end }}
diff --git a/kafka/templates/init-job.yaml b/kafka/templates/init-job.yaml
new file mode 100644
index 0000000..65427e7
--- /dev/null
+++ b/kafka/templates/init-job.yaml
@@ -0,0 +1,49 @@
1{{- if .Values.init.enabled }}
2apiVersion: batch/v1
3kind: Job
4metadata:
5 name: {{ template "fullname" . }}-init-job
6 labels:
7 app: {{ template "fullname" . }}
8 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 component: "kafka-init-job"
10 release: "{{ .Release.Name }}"
11 heritage: "{{ .Release.Service }}"
12spec:
13 template:
14 metadata:
15 labels:
16 app: {{ template "fullname" . }}
17 component: kafka-init-job
18 spec:
19 restartPolicy: OnFailure
20 containers:
21 - name: kafka-init-job
22 image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
23 imagePullPolicy: {{ .Values.init.image.pullPolicy }}
24 resources:
25{{ toYaml .Values.init.resources | indent 12 }}
26 env:
27 - name: KAFKA_HOST
28 value: "{{ template "fullname" . }}:9092"
29 - name: ZOOKEEPER_CONNECTION_STRING
30 {{- if .Values.zookeeper.overrideUri }}
31 value: "{{ .Values.zookeeper.overrideUri }}"
32 {{- else }}
33 value: {{ .Release.Name }}-zookeeper:2181
34 {{- end }}
35 - name: KAFKA_DELETE_TOPIC_ENABLE
36 value: "true"
37 - name: KAFKA_AUTO_CREATE_TOPICS
38 value: "false"
39 - name: JVM_MAX_HEAP_RATIO
40 value: {{ .Values.heap_ratio | quote }}
41 - name: KAFKA_STACK_SIZE
42 value: {{ .Values.stack_size | quote }}
43 {{- if .Values.init.topicConfig }}
44 - name: KAFKA_TOPIC_CONFIG
45 value: {{ .Values.init.topicConfig | quote }}
46 {{- end }}
47 - name: KAFKA_CREATE_TOPICS
48 value: {{ .Values.init.topics | join "," | quote }}
49{{- end }}
diff --git a/kafka/templates/pvc.yaml b/kafka/templates/pvc.yaml
new file mode 100644
index 0000000..712819d
--- /dev/null
+++ b/kafka/templates/pvc.yaml
@@ -0,0 +1,18 @@
1{{- if .Values.persistence.enabled }}
2apiVersion: v1
3kind: PersistentVolumeClaim
4metadata:
5 labels:
6 app: {{ template "fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 heritage: "{{ .Release.Service }}"
9 release: "{{ .Release.Name }}"
10 name: {{ template "fullname" . }}
11spec:
12 accessModes:
13 - {{ .Values.persistence.accessMode | quote }}
14 storageClassName: {{ .Values.persistence.storageClass | quote }}
15 resources:
16 requests:
17 storage: {{ .Values.persistence.size | quote }}
18{{- end }}
diff --git a/kafka/templates/static-svc.yaml b/kafka/templates/static-svc.yaml
new file mode 100644
index 0000000..d622c9d
--- /dev/null
+++ b/kafka/templates/static-svc.yaml
@@ -0,0 +1,19 @@
1{{- if .Values.static_service.enabled }}
2apiVersion: v1
3kind: Service
4metadata:
5 labels:
6 app: {{ template "fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 heritage: "{{ .Release.Service }}"
9 release: "{{ .Release.Name }}"
10 name: {{ .Values.static_service.name }}
11spec:
12 type: {{ .Values.static_service.type }}
13 ports:
14 - name: kafka
15 port: {{ .Values.static_service.port }}
16 targetPort: kafka
17 selector:
18 app: {{ template "fullname" . }}
19{{- end }}
diff --git a/kafka/templates/svc.yaml b/kafka/templates/svc.yaml
new file mode 100644
index 0000000..dd34b8f
--- /dev/null
+++ b/kafka/templates/svc.yaml
@@ -0,0 +1,17 @@
1apiVersion: v1
2kind: Service
3metadata:
4 labels:
5 app: {{ template "fullname" . }}
6 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
7 heritage: "{{ .Release.Service }}"
8 release: "{{ .Release.Name }}"
9 name: {{ template "fullname" . }}
10spec:
11 type: {{ .Values.service.type }}
12 ports:
13 - name: kafka
14 port: {{ .Values.service.port }}
15 targetPort: kafka
16 selector:
17 app: {{ template "fullname" . }}
diff --git a/kafka/values.yaml b/kafka/values.yaml
new file mode 100644
index 0000000..e7fe216
--- /dev/null
+++ b/kafka/values.yaml
@@ -0,0 +1,93 @@
1exporter:
2 enabled: false
3 image:
4 repository: rbrndt/kafka-prometheus
5 tag: latest
6 pullPolicy: IfNotPresent
7 port: 7204
8watcher:
9 enabled: false
10 image:
11 repository: monasca/kafka-watcher
12 tag: 0.0.4
13 pullPolicy: IfNotPresent
14 resources:
15 requests:
16 memory: 32Mi
17 cpu: 25m
18 limits:
19 memory: 64Mi
20 cpu: 50m
21 port: 8080
22 health_check_topic: kafka-health-check
23 group_id: kafka_watcher
24 watcher_period: 600
25 watcher_timeout: 60
26 stay_alive_on_failure: false
27image:
28 repository: monasca/kafka
29 tag: 0.9.0.1-2.11-1.1.6
30 pullPolicy: IfNotPresent
31service:
32 type: ClusterIP
33 port: 9092
34resources:
35 requests:
36 memory: 1Gi
37 cpu: 250m
38 limits:
39 memory: 2Gi
40 cpu: 2000m
41persistence:
42 storageClass: default
43 enabled: false
44 accessMode: ReadWriteOnce
45 size: 10Gi
46memory_ratio: .85
47stack_size: 1024k
48stay_alive_on_failure: false
49init:
50 enabled: true
51 image:
52 repository: monasca/kafka-init
53 tag: 0.0.3
54 pullPolicy: IfNotPresent
55 resources:
56 requests:
57 memory: 128Mi
58 cpu: 200m
59 limits:
60 memory: 256Mi
61 cpu: 250m
62 topicConfig: ''
63 topics: []
64static_service:
65 enabled: false
66 type: ClusterIP
67 name: kafka
68 port: 9092
69
70zookeeper:
71 overrideUri: ''
72
73cleanup:
74 name: cleanup
75 serviceAccount: ''
76 image:
77 repository: monasca/job-cleanup
78 tag: 1.2.1
79 pullPolicy: IfNotPresent
80 resources:
81 requests:
82 memory: 64Mi
83 cpu: 50m
84 limits:
85 memory: 128Mi
86 cpu: 100m
87 wait:
88 retries: "24"
89 delay: "5.0"
90 timeout: "10"
91
92rbac:
93 create: false
diff --git a/keystone-init/.helmignore b/keystone-init/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/keystone-init/.helmignore
@@ -0,0 +1,21 @@
1# Patterns to ignore when building packages.
2# This supports shell glob matching, relative path matching, and
3# negation (prefixed with !). Only one pattern per line.
4.DS_Store
5# Common VCS dirs
6.git/
7.gitignore
8.bzr/
9.bzrignore
10.hg/
11.hgignore
12.svn/
13# Common backup files
14*.swp
15*.bak
16*.tmp
17*~
18# Various IDEs
19.project
20.idea/
21*.tmproj
diff --git a/keystone-init/Chart.yaml b/keystone-init/Chart.yaml
new file mode 100644
index 0000000..bd6274a
--- /dev/null
+++ b/keystone-init/Chart.yaml
@@ -0,0 +1,4 @@
1apiVersion: v1
2description: Chart to initialize users in Keystone
3name: keystone-init
4version: 0.4.0
diff --git a/keystone-init/templates/NOTES.txt b/keystone-init/templates/NOTES.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/keystone-init/templates/NOTES.txt
diff --git a/keystone-init/templates/_helpers.tpl b/keystone-init/templates/_helpers.tpl
new file mode 100644
index 0000000..41ac2a9
--- /dev/null
+++ b/keystone-init/templates/_helpers.tpl
@@ -0,0 +1,24 @@
1{{/* vim: set filetype=mustache: */}}
2{{/*
3Expand the name of the chart.
4*/}}
5{{- define "name" -}}
6{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7{{- end -}}
8
9{{/*
10Create a default fully qualified app name.
11We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12*/}}
13{{- define "fullname" -}}
14{{- $name := default .Chart.Name .Values.nameOverride -}}
15{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16{{- end -}}
17
18{{/*
19Create a fully qualified cleanup name.
20We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
21*/}}
22{{- define "cleanup.fullname" -}}
23{{- printf "%s-%s" .Release.Name "cleanup" | trunc 63 -}}
24{{- end -}}
diff --git a/keystone-init/templates/_keystone_env.tpl b/keystone-init/templates/_keystone_env.tpl
new file mode 100644
index 0000000..1416da3
--- /dev/null
+++ b/keystone-init/templates/_keystone_env.tpl
@@ -0,0 +1,150 @@
1{{- /*
2Read a single optional secret or string from values into an `env` `value:` or
3`valueFrom:`, depending on the user-defined content of the value.
4
5Example:
6 - name: OS_AUTH_URL
7 {{ template "keystone_init_secret_env" .Values.auth.url }}
8
9Note that unlike keystone_init_keystone_env, secret_key can not have any default
10values.
11
12Make sure to change the name of this template when copying to keep it unique,
13e.g. chart_name_secret_env.
14*/}}
15{{- define "keystone_init_secret_env" -}}
16{{- if eq (kindOf .) "map" -}}
17 valueFrom:
18 secretKeyRef:
19 name: "{{ .secret_name }}"
20 key: "{{ .secret_key }}"
21{{- else -}}
22 value: "{{ . }}"
23{{- end -}}
24{{- end -}}
25
26{{- /*
27Generate a list of environment vars for Keystone Auth
28
29Example:
30 env:
31{{ include "keystone_init_keystone_env" .Values.my_pod.auth | indent 4 }}
32
33(indent level should be adjusted as necessary)
34
35Make sure to change the name of this template when copying to keep it unique,
36e.g. chart_name_keystone_env.
37
38Note that keystone_init_secret_env is not used here because we want to provide
39default key names.
40*/}}
41{{- define "keystone_init_keystone_env" -}}
42- name: OS_AUTH_URL
43{{- if eq (kindOf .url) "map" }}
44 valueFrom:
45 secretKeyRef:
46 name: "{{ .url.secret_name }}"
47 key: "{{ .url.secret_key | default "OS_AUTH_URL" }}"
48{{- else }}
49 value: "{{ .url }}"
50{{- end }}
51{{- if .admin_url }}
52- name: OS_ADMIN_URL
53{{- if eq (kindOf .admin_url) "map" }}
54 valueFrom:
55 secretKeyRef:
56 name: "{{ .admin_url.secret_name }}"
57 key: "{{ .admin_url.secret_key | default "OS_ADMIN_URL" }}"
58{{- else }}
59 value: "{{ .admin_url }}"
60{{- end }}
61{{- end }}
62{{- if .api_version }}
63- name: OS_IDENTITY_API_VERSION
64 value: "{{ .api_version }}"
65{{- end }}
66- name: OS_USERNAME
67{{- if eq (kindOf .username) "map" }}
68 valueFrom:
69 secretKeyRef:
70 name: "{{ .username.secret_name }}"
71 key: "{{ .username.secret_key | default "OS_USERNAME" }}"
72{{- else }}
73 value: "{{ .username }}"
74{{- end }}
75- name: OS_PASSWORD
76{{- if eq (kindOf .password) "map" }}
77 valueFrom:
78 secretKeyRef:
79 name: "{{ .password.secret_name }}"
80 key: "{{ .password.secret_key | default "OS_PASSWORD" }}"
81{{- else }}
82 value: "{{ .password }}"
83{{- end }}
84{{- if .user_domain_name }}
85- name: OS_USER_DOMAIN_NAME
86{{- if eq (kindOf .user_domain_name) "map" }}
87 valueFrom:
88 secretKeyRef:
89 name: "{{ .user_domain_name.secret_name }}"
90 key: "{{ .user_domain_name.secret_key | default "OS_USER_DOMAIN_NAME" }}"
91{{- else }}
92 value: "{{ .user_domain_name }}"
93{{- end }}
94{{- end }}
95{{- if .project_name }}
96- name: OS_PROJECT_NAME
97{{- if eq (kindOf .project_name) "map" }}
98 valueFrom:
99 secretKeyRef:
100 name: "{{ .project_name.secret_name }}"
101 key: "{{ .project_name.secret_key | default "OS_PROJECT_NAME" }}"
102{{- else }}
103 value: "{{ .project_name }}"
104{{- end }}
105{{- end }}
106{{- if .project_domain_name }}
107- name: OS_PROJECT_DOMAIN_NAME
108{{- if eq (kindOf .project_domain_name) "map" }}
109 valueFrom:
110 secretKeyRef:
111 name: "{{ .project_domain_name.secret_name }}"
112 key: "{{ .project_domain_name.secret_key | default "OS_PROJECT_DOMAIN_NAME" }}"
113{{- else }}
114 value: "{{ .project_domain_name }}"
115{{- end }}
116{{- end }}
117{{- if .tenant_name }}
118- name: OS_TENANT_NAME
119{{- if eq (kindOf .tenant_name) "map" }}
120 valueFrom:
121 secretKeyRef:
122 name: "{{ .tenant_name.secret_name }}"
123 key: "{{ .tenant_name.secret_key | default "OS_TENANT_NAME" }}"
124{{- else }}
125 value: "{{ .tenant_name }}"
126{{- end }}
127{{- end }}
128{{- if .tenant_id }}
129- name: OS_TENANT_ID
130{{- if eq (kindOf .tenant_id) "map" }}
131 valueFrom:
132 secretKeyRef:
133 name: "{{ .tenant_id.secret_name }}"
134 key: "{{ .tenant_id.secret_key | default "OS_TENANT_ID" }}"
135{{- else }}
136 value: "{{ .tenant_id }}"
137{{- end }}
138{{- end }}
139{{- if .region_name }}
140- name: OS_REGION_NAME
141{{- if eq (kindOf .region_name) "map" }}
142 valueFrom:
143 secretKeyRef:
144 name: "{{ .region_name.secret_name }}"
145 key: "{{ .region_name.secret_key | default "OS_REGION_NAME" }}"
146{{- else }}
147 value: "{{ .region_name }}"
148{{- end }}
149{{- end }}
150{{- end -}}
diff --git a/keystone-init/templates/cleanup-hook.yaml b/keystone-init/templates/cleanup-hook.yaml
new file mode 100644
index 0000000..6cfc517
--- /dev/null
+++ b/keystone-init/templates/cleanup-hook.yaml
@@ -0,0 +1,47 @@
1apiVersion: batch/v1
2kind: Job
3metadata:
4 # while not recommended, we add a random sequence to the end of the job name
5 # this job will attempt to delete itself when finished, but should it fail for
6 # some reason we don't want future upgrades to fail because of a name conflict
7 # (plus the future runs of this job will delete any previous iterations that
8 # failed to clean themselves up)
9 name: "{{ template "cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
10 labels:
11 app: {{ template "fullname" . }}
12 component: "{{ .Values.cleanup.name }}"
13 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
14 release: "{{ .Release.Name }}"
15 heritage: "{{ .Release.Service }}"
16 annotations:
17 "helm.sh/hook": pre-upgrade,post-delete
18 "helm.sh/hook-weight": "-5"
19spec:
20 template:
21 metadata:
22 labels:
23 app: {{ template "fullname" . }}
24 component: "{{ .Values.cleanup.name }}"
25 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
26 release: "{{ .Release.Name }}"
27 heritage: "{{ .Release.Service }}"
28 spec:
29 restartPolicy: OnFailure
30 containers:
31 - name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
32 image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
33 imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
34 resources:
35{{ toYaml .Values.cleanup.resources | indent 12 }}
36 env:
37 - name: "WAIT_RETRIES"
38 value: "{{ .Values.cleanup.wait.retries }}"
39 - name: "WAIT_DELAY"
40 value: "{{ .Values.cleanup.wait.delay }}"
41 - name: "WAIT_TIMEOUT"
42 value: "{{ .Values.cleanup.wait.timeout }}"
43 {{- if .Values.cleanup.serviceAccount }}
44 serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
45 {{- else if .Values.rbac.create }}
46 serviceAccountName: "{{ template "cleanup.fullname" . }}"
47 {{- end }}
diff --git a/keystone-init/templates/cleanup-role.yaml b/keystone-init/templates/cleanup-role.yaml
new file mode 100644
index 0000000..6240a8f
--- /dev/null
+++ b/keystone-init/templates/cleanup-role.yaml
@@ -0,0 +1,25 @@
1{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3apiVersion: rbac.authorization.k8s.io/v1
4{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5apiVersion: rbac.authorization.k8s.io/v1beta1
6{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7apiVersion: rbac.authorization.k8s.io/v1alpha1
8{{- end }}
9kind: Role
10metadata:
11 name: {{ template "cleanup.fullname" . }}
12 labels:
13 app: {{ template "fullname" . }}
14 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15 component: "{{ .Values.cleanup.name }}"
16 heritage: {{ .Release.Service }}
17 release: {{ .Release.Name }}
18rules:
19 - apiGroups: [""]
20 resources: ["pods"]
21 verbs: ["get", "list", "delete", "patch"]
22 - apiGroups: ["batch"]
23 resources: ["jobs"]
24 verbs: ["get", "list", "delete"]
25{{- end }}
diff --git a/keystone-init/templates/cleanup-rolebinding.yaml b/keystone-init/templates/cleanup-rolebinding.yaml
new file mode 100644
index 0000000..92d88a0
--- /dev/null
+++ b/keystone-init/templates/cleanup-rolebinding.yaml
@@ -0,0 +1,26 @@
1{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3apiVersion: rbac.authorization.k8s.io/v1
4{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5apiVersion: rbac.authorization.k8s.io/v1beta1
6{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7apiVersion: rbac.authorization.k8s.io/v1alpha1
8{{- end }}
9kind: RoleBinding
10metadata:
11 name: {{ template "cleanup.fullname" . }}
12 labels:
13 app: {{ template "fullname" . }}
14 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15 component: "{{ .Values.cleanup.name }}"
16 heritage: {{ .Release.Service }}
17 release: {{ .Release.Name }}
18subjects:
19 - kind: ServiceAccount
20 name: {{ template "cleanup.fullname" . }}
21 namespace: "{{ .Release.Namespace }}"
22roleRef:
23 kind: Role
24 name: {{ template "cleanup.fullname" . }}
25 apiGroup: rbac.authorization.k8s.io
26{{- end }}
diff --git a/keystone-init/templates/cleanup-serviceaccount.yaml b/keystone-init/templates/cleanup-serviceaccount.yaml
new file mode 100644
index 0000000..c021a7f
--- /dev/null
+++ b/keystone-init/templates/cleanup-serviceaccount.yaml
@@ -0,0 +1,12 @@
1{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2apiVersion: v1
3kind: ServiceAccount
4metadata:
5 name: {{ template "cleanup.fullname" . }}
6 labels:
7 app: {{ template "fullname" . }}
8 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
9 component: "{{ .Values.cleanup.name }}"
10 heritage: {{ .Release.Service }}
11 release: {{ .Release.Name }}
12{{- end }}
diff --git a/keystone-init/templates/keystone-init-job.yaml b/keystone-init/templates/keystone-init-job.yaml
new file mode 100644
index 0000000..3c461b2
--- /dev/null
+++ b/keystone-init/templates/keystone-init-job.yaml
@@ -0,0 +1,51 @@
1apiVersion: batch/v1
2kind: Job
3metadata:
4 name: {{ template "fullname" . }}-job
5 labels:
6 app: {{ template "fullname" . }}
7 component: "{{ .Values.keystone_init.name }}"
8 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 release: "{{ .Release.Name }}"
10 heritage: "{{ .Release.Service }}"
11spec:
12{{- if .Values.keystone_init.deadline }}
13 activeDeadlineSeconds: {{ .Values.keystone_init.deadline }}
14{{- end }}
15 template:
16 metadata:
17 labels:
18 app: {{ template "fullname" . }}
19 component: "{{ .Values.keystone_init.name }}"
20 spec:
21 restartPolicy: OnFailure
22 volumes:
23 - name: preload-config
24 configMap:
25 name: "{{ template "fullname" . }}-preload"
26 containers:
27 - name: {{ template "fullname" . }}-job
28 image: "{{ .Values.keystone_init.image.repository }}:{{ .Values.keystone_init.image.tag }}"
29 imagePullPolicy: {{ .Values.keystone_init.image.pullPolicy }}
30 resources:
31{{ toYaml .Values.keystone_init.resources | indent 12 }}
32 env:
33 - name: LOG_LEVEL
34 value: {{ .Values.keystone_init.log_level }}
35 - name: KEYSTONE_TIMEOUT
36 value: "{{ .Values.keystone_init.timeout }}"
37 - name: KEYSTONE_VERIFY
38 value: "{{ .Values.keystone_init.verify }}"
39 - name: KEYSTONE_CERT
40 value: "{{ .Values.keystone_init.cert }}"
41{{ include "keystone_init_keystone_env" .Values.keystone_init.auth | indent 12 }}
42 - name: PRELOAD_PATH
43 value: "/config/preload.yml"
44 volumeMounts:
45 - name: preload-config
46 mountPath: /config
47 {{- if .Values.keystone_init.serviceAccount }}
48 serviceAccountName: {{ .Values.keystone_init.serviceAccount | quote }}
49 {{- else if .Values.rbac.create }}
50 serviceAccountName: "{{ template "fullname" . }}"
51 {{- end }}
diff --git a/keystone-init/templates/keystone-preload-configmap.yaml b/keystone-init/templates/keystone-preload-configmap.yaml
new file mode 100644
index 0000000..29935ec
--- /dev/null
+++ b/keystone-init/templates/keystone-preload-configmap.yaml
@@ -0,0 +1,12 @@
1apiVersion: v1
2kind: ConfigMap
3metadata:
4 name: "{{ template "fullname" . }}-preload"
5 labels:
6 app: "{{ template "fullname" . }}"
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 release: "{{ .Release.Name }}"
9 heritage: "{{ .Release.Service }}"
10data:
11 preload.yml: |
12{{ toYaml .Values.keystone_init.preload | indent 4 }}
diff --git a/keystone-init/templates/keystone-role.yaml b/keystone-init/templates/keystone-role.yaml
new file mode 100644
index 0000000..6ad35c8
--- /dev/null
+++ b/keystone-init/templates/keystone-role.yaml
@@ -0,0 +1,25 @@
1{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
2{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3apiVersion: rbac.authorization.k8s.io/v1
4{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5apiVersion: rbac.authorization.k8s.io/v1beta1
6{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7apiVersion: rbac.authorization.k8s.io/v1alpha1
8{{- end }}
9kind: Role
10metadata:
11 name: {{ template "fullname" . }}
12 labels:
13 app: {{ template "fullname" . }}
14 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15 component: "{{ .Values.keystone_init.name }}"
16 heritage: {{ .Release.Service }}
17 release: {{ .Release.Name }}
18rules:
19 - apiGroups: [""]
20 resources: ["secrets"]
21 verbs: ["get", "create", "update"]
22 - apiGroups: [""]
23 resources: ["namespaces"]
24 verbs: ["get", "create"]
25{{- end }}
diff --git a/keystone-init/templates/keystone-rolebinding.yaml b/keystone-init/templates/keystone-rolebinding.yaml
new file mode 100644
index 0000000..595a8aa
--- /dev/null
+++ b/keystone-init/templates/keystone-rolebinding.yaml
@@ -0,0 +1,26 @@
1{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
2{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3apiVersion: rbac.authorization.k8s.io/v1
4{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5apiVersion: rbac.authorization.k8s.io/v1beta1
6{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7apiVersion: rbac.authorization.k8s.io/v1alpha1
8{{- end }}
9kind: RoleBinding
10metadata:
11 name: {{ template "fullname" . }}
12 labels:
13 app: {{ template "fullname" . }}
14 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15 component: "{{ .Values.keystone_init.name }}"
16 heritage: {{ .Release.Service }}
17 release: {{ .Release.Name }}
18subjects:
19 - kind: ServiceAccount
20 name: {{ template "fullname" . }}
21 namespace: "{{ .Release.Namespace }}"
22roleRef:
23 kind: Role
24 name: {{ template "fullname" . }}
25 apiGroup: rbac.authorization.k8s.io
26{{- end }}
diff --git a/keystone-init/templates/keystone-serviceaccount.yaml b/keystone-init/templates/keystone-serviceaccount.yaml
new file mode 100644
index 0000000..17577dc
--- /dev/null
+++ b/keystone-init/templates/keystone-serviceaccount.yaml
@@ -0,0 +1,12 @@
1{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
2apiVersion: v1
3kind: ServiceAccount
4metadata:
5 name: {{ template "fullname" . }}
6 labels:
7 app: {{ template "fullname" . }}
8 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
9 component: "{{ .Values.keystone_init.name }}"
10 heritage: {{ .Release.Service }}
11 release: {{ .Release.Name }}
12{{- end }}
diff --git a/keystone-init/values.yaml b/keystone-init/values.yaml
new file mode 100644
index 0000000..1fce894
--- /dev/null
+++ b/keystone-init/values.yaml
@@ -0,0 +1,109 @@
1# Default values for keystone-init.
2# This is a YAML-formatted file.
3# Declare variables to be passed into your templates.
4keystone_init:
5 name: keystone-init
6
7 # an optional preexisting serviceAccount to use
8 # to create a service account with the deployment,
9 # deploy with rbac.create=true
10 serviceAccount: ''
11
12 image:
13 repository: monasca/keystone-init
14 tag: 1.3.0
15 pullPolicy: IfNotPresent
16
17 # general options for the init job
18 log_level: INFO # python logging level
19 timeout: "10" # timeout in seconds
20 verify: "true" # if "true", verify SSL
21 cert: '' # cert to override if desired (must be mounted as configmap)
22
23 # keystone authentication for this component
24 # note that these options allow the init container to connect to keystone and
25 # the referenced account must already exist
26 # each parameter may either be specified directly as a string OR reference a
27 # secret
28 # example:
29 # # plaintext (will be stored in Helm's ConfigMap)
30 # password: 'some-plaintext-password'
31 #
32 # # secret ref
33 # password:
34 # secret_name: some-secret-name
35 # # key is optional, will default to `OS_`-style variables
36 # secret_key: some-key
37 auth:
38 url: 'http://keystone:5000'
39 username: "admin"
40 password: "s3cr3t"
41 user_domain_name: Default
42 project_name: 'admin'
43 project_domain_name: Default
44
45 # specify domains, projects, roles, and users to create
46 preload:
47 # global roles
48 global_roles: []
49
50 # named domains, the key name will be used to look up keystone domain name
51 domains:
52 # note that `default` is special and refers directly to the ID `default`,
53 # not the name `Default`
54 default:
55 # a list of project names that must exist (will be created)
56 projects: []
57
58 # a list of domain-scoped role names that must exist (will be created)
59 roles: []
60
61 # a list of user objects that must exist
62 # example:
63 # users:
64 # - username: some-user
65 # project: some-project # will be created if it does not exist
66 # roles: # will also be created automatically
67 # - a
68 # - b
69 # - c
70 # # if desired, create a secret (optional):
71 # secret: some-secret-name
72 # # alternatively, specify a namespace and name
73 # secret: some-namespace/some-secret-name
74 # # or even:
75 # secret:
76 # namespace: some-namespace
77 # name: some-secret-name
78 users: []
79
80 # container resource limits and requests
81 resources:
82 limits:
83 cpu: 100m
84 memory: 128Mi
85 requests:
86 cpu: 100m
87 memory: 128Mi
88
89cleanup:
90 name: cleanup
91 serviceAccount: ''
92 image:
93 repository: monasca/job-cleanup
94 tag: 1.2.1
95 pullPolicy: IfNotPresent
96 resources:
97 requests:
98 memory: 128Mi
99 cpu: 200m
100 limits:
101 memory: 128Mi
102 cpu: 250m
103 wait:
104 retries: "10"
105 delay: "3.0"
106 timeout: "10"
107
108rbac:
109 create: false
diff --git a/monasca-agent/.helmignore b/monasca-agent/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/monasca-agent/.helmignore
@@ -0,0 +1,21 @@
1# Patterns to ignore when building packages.
2# This supports shell glob matching, relative path matching, and
3# negation (prefixed with !). Only one pattern per line.
4.DS_Store
5# Common VCS dirs
6.git/
7.gitignore
8.bzr/
9.bzrignore
10.hg/
11.hgignore
12.svn/
13# Common backup files
14*.swp
15*.bak
16*.tmp
17*~
18# Various IDEs
19.project
20.idea/
21*.tmproj
diff --git a/monasca-agent/Chart.yaml b/monasca-agent/Chart.yaml
new file mode 100644
index 0000000..7392e44
--- /dev/null
+++ b/monasca-agent/Chart.yaml
@@ -0,0 +1,9 @@
1apiVersion: v1
2description: A Helm chart for Monasca-agent
3name: monasca-agent
4version: 0.2.3
5sources:
6- https://github.com/openstack/monasca-agent
7maintainers:
8- name: Tim Buckley
9 email: timothy.jas.buckley@hpe.com
diff --git a/monasca-agent/templates/_helpers.tpl b/monasca-agent/templates/_helpers.tpl
new file mode 100644
index 0000000..308975b
--- /dev/null
+++ b/monasca-agent/templates/_helpers.tpl
@@ -0,0 +1,16 @@
1{{/* vim: set filetype=mustache: */}}
2{{/*
3Expand the name of the chart.
4*/}}
5{{- define "name" -}}
6{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7{{- end -}}
8
9{{/*
10Create a default fully qualified app name.
11We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12*/}}
13{{- define "fullname" -}}
14{{- $name := default .Chart.Name .Values.nameOverride -}}
15{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16{{- end -}} \ No newline at end of file
diff --git a/monasca-agent/templates/configmap.yaml b/monasca-agent/templates/configmap.yaml
new file mode 100644
index 0000000..d8c1c4e
--- /dev/null
+++ b/monasca-agent/templates/configmap.yaml
@@ -0,0 +1,14 @@
1{{- if .Values.plugins.enabled }}
2apiVersion: v1
3kind: ConfigMap
4metadata:
5 name: {{ template "fullname" . }}
6 labels:
7 app: {{ template "fullname" . }}
8 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 component: "{{ template "fullname" . }}"
10 release: "{{ .Release.Name }}"
11 heritage: "{{ .Release.Service }}"
12data:
13{{ toYaml .Values.plugins.config_files | indent 2 }}
14{{- end}}
diff --git a/monasca-agent/templates/daemonset.yaml b/monasca-agent/templates/daemonset.yaml
new file mode 100644
index 0000000..a721a7d
--- /dev/null
+++ b/monasca-agent/templates/daemonset.yaml
@@ -0,0 +1,124 @@
1apiVersion: extensions/v1beta1
2kind: DaemonSet
3metadata:
4 name: {{ template "fullname" . }}
5 labels:
6 app: {{ template "fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 release: "{{ .Release.Name }}"
9 heritage: "{{ .Release.Service }}"
10 component: "{{ template "fullname" . }}-daemonset"
11spec:
12 template:
13 metadata:
14 labels:
15 component: "{{ template "fullname" . }}-daemonset"
16 app: {{ template "fullname" . }}
17 spec:
18 containers:
19 - name: {{ template "name" . }}-collector-daemonset
20 image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
21 imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
22 resources:
23{{ toYaml .Values.resources | indent 12 }}
24 env:
25 - name: AGENT_POD_NAME
26 valueFrom:
27 fieldRef:
28 fieldPath: metadata.name
29 - name: AGENT_POD_NAMESPACE
30 valueFrom:
31 fieldRef:
32 fieldPath: metadata.namespace
33 - name: KUBERNETES
34 value: "true"
35 - name: KUBERNETES_TIMEOUT
36 value: {{ .Values.kubernetes.timeout | quote }}
37 - name: KUBERNETES_LABELS
38 value: {{ .Values.kubernetes.kubernetes_labels | quote }}
39 - name: PROMETHEUS
40 value: {{ .Values.prometheus.auto_detect_pod_endpoints | quote }}
41 - name: PROMETHEUS_TIMEOUT
42 value: {{ .Values.prometheus.timeout | quote }}
43 - name: PROMETHEUS_DETECT_METHOD
44 value: pod
45 - name: PROMETHEUS_KUBERNETES_LABELS
46 value: {{ .Values.prometheus.kubernetes_labels | quote }}
47 - name: CADVISOR
48 value: {{ .Values.cadvisor.enabled | quote }}
49 - name: CADVISOR_TIMEOUT
50 value: {{ .Values.cadvisor.timeout | quote }}
51 - name: OS_AUTH_URL
52 value: {{ .Values.keystone.url | quote }}
53 - name: OS_USERNAME
54 value: {{ .Values.keystone.os_username | quote }}
55 - name: OS_USER_DOMAIN_NAME
56 value: {{ .Values.keystone.os_user_domain_name | quote }}
57 - name: OS_PASSWORD
58 value: {{ .Values.keystone.os_password | quote }}
59 - name: OS_PROJECT_NAME
60 value: {{ .Values.keystone.os_project_name | quote }}
61 - name: OS_PROJECT_DOMAIN_NAME
62 value: {{ .Values.keystone.os_project_domain_name | quote }}
63 - name: LOG_LEVEL
64 value: {{ .Values.log_level | quote }}
65 - name: HOSTNAME_FROM_KUBERNETES
66 value: "true"
67 {{- if .Values.namespace_annotations }}
68 - name: KUBERNETES_NAMESPACE_ANNOTATIONS
69 value: {{ .Values.namespace_annotations | quote}}
70 {{- end}}
71 {{- if .Values.dimensions }}
72 - name: DIMENSIONS
73 value: {{ .Values.dimensions | quote}}
74 {{- end}}
75 - name: CHECK_FREQ
76 value: {{ .Values.collector.check_freq | quote }}
77 - name: NUM_COLLECTOR_THREADS
78 value: {{ .Values.collector.num_collector_threads | quote }}
79 - name: POOL_FULL_MAX_TRIES
80 value: {{ .Values.collector.pool_full_max_retries | quote }}
81 - name: SUB_COLLECTION_WARN
82 value: {{ .Values.collector.sub_collection_warn | quote }}
83 - name: {{ template "name" . }}-forwarder-daemonset
84 image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
85 imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
86 resources:
87{{ toYaml .Values.resources | indent 12 }}
88 env:
89 - name: AGENT_POD_NAME
90 valueFrom:
91 fieldRef:
92 fieldPath: metadata.name
93 - name: AGENT_POD_NAMESPACE
94 valueFrom:
95 fieldRef:
96 fieldPath: metadata.namespace
97 - name: OS_AUTH_URL
98 value: {{ .Values.keystone.url | quote }}
99 - name: OS_USERNAME
100 value: {{ .Values.keystone.os_username | quote }}
101 - name: OS_USER_DOMAIN_NAME
102 value: {{ .Values.keystone.os_user_domain_name | quote }}
103 - name: OS_PASSWORD
104 value: {{ .Values.keystone.os_password | quote }}
105 - name: OS_PROJECT_NAME
106 value: {{ .Values.keystone.os_project_name | quote }}
107 - name: OS_PROJECT_DOMAIN_NAME
108 value: {{ .Values.keystone.os_project_domain_name | quote }}
109 - name: MONASCA_URL
110 value: {{ .Values.monasca_url | quote }}
111 - name: LOG_LEVEL
112 value: {{ .Values.log_level | quote }}
113 - name: INSECURE
114 value: {{ .Values.insecure | quote }}
115 - name: MAX_BATCH_SIZE
116 value: {{ .Values.forwarder.max_batch_size | quote }}
117 - name: MAX_MEASUREMENT_BUFFER_SIZE
118 value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
119 - name: BACKLOG_SEND_RATE
120 value: {{ .Values.forwarder.backlog_send_rate | quote }}
121 - name: HOSTNAME_FROM_KUBERNETES
122 value: "true"
123 - name: NON_LOCAL_TRAFFIC
124 value: {{ .Values.forwarder.non_local_traffic | quote }}
diff --git a/monasca-agent/templates/deployment.yaml b/monasca-agent/templates/deployment.yaml
new file mode 100644
index 0000000..a1ca991
--- /dev/null
+++ b/monasca-agent/templates/deployment.yaml
@@ -0,0 +1,143 @@
1apiVersion: extensions/v1beta1
2kind: Deployment
3metadata:
4 name: {{ template "fullname" . }}
5 labels:
6 app: {{ template "fullname" . }}
7 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8 release: "{{ .Release.Name }}"
9 heritage: "{{ .Release.Service }}"
10 component: "{{ template "fullname" . }}-deployment"
11spec:
12 template:
13 metadata:
14 labels:
15 component: "{{ template "fullname" . }}-deployment"
16 app: {{ template "fullname" . }}
17 spec:
18 containers:
19 - name: {{ template "name" . }}-collector-deployment
20 image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
21 imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
22 resources:
23{{ toYaml .Values.resources | indent 12 }}
24 env:
25 - name: AGENT_POD_NAME
26 valueFrom:
27 fieldRef:
28 fieldPath: metadata.name
29 - name: AGENT_POD_NAMESPACE
30 valueFrom:
31 fieldRef:
32 fieldPath: metadata.namespace
33 - name: KUBERNETES_API
34 value: "true"
35 - name: KUBERNETES_API_TIMEOUT
36 value: {{ .Values.kubernetes_api.timeout | quote }}
37 - name: KUBERNETES_API_LABELS
38 value: {{ .Values.kubernetes_api.kubernetes_labels | quote }}
39 - name: PROMETHEUS
40 value: {{ .Values.prometheus.auto_detect_service_endpoints | quote }}
41 - name: PROMETHEUS_TIMEOUT
42 value: {{ .Values.prometheus.timeout | quote }}
43 - name: PROMETHEUS_DETECT_METHOD
44 value: service
45 - name: PROMETHEUS_KUBERNETES_LABELS
46 value: {{ .Values.prometheus.kubernetes_labels | quote }}
47 - name: OS_AUTH_URL
48 value: {{ .Values.keystone.url | quote }}
49 - name: OS_USERNAME
50 value: {{ .Values.keystone.os_username | quote }}
51 - name: OS_USER_DOMAIN_NAME
52 value: {{ .Values.keystone.os_user_domain_name | quote }}
53 - name: OS_PASSWORD
54 value: {{ .Values.keystone.os_password | quote }}
55 - name: OS_PROJECT_NAME
56 value: {{ .Values.keystone.os_project_name | quote }}
57 - name: OS_PROJECT_DOMAIN_NAME
58 value: {{ .Values.keystone.os_project_domain_name | quote }}
59 - name: LOG_LEVEL
60 value: {{ .Values.log_level | quote }}
61 - name: HOSTNAME_FROM_KUBERNETES
62 value: "true"
63 {{- if .Values.namespace_annotations }}
64 - name: KUBERNETES_NAMESPACE_ANNOTATIONS
65 value: {{ .Values.namespace_annotations | quote}}
66 {{- end}}
67 {{- if .Values.kubernetes_api.storage.parameter_dimensions }}
68 - name: STORAGE_PARAMETERS_DIMENSIONS
69 value: {{ .Values.kubernetes_api.storage.parameter_dimensions | quote}}
70 {{- end}}
71 - name: REPORT_PERSISTENT_STORAGE
72 value: {{ .Values.kubernetes_api.storage.report | quote }}
73 {{- if .Values.dimensions }}
74 - name: DIMENSIONS
75 value: {{ .Values.dimensions | quote}}
76 {{- end}}
77 - name: CHECK_FREQ
78 value: {{ .Values.collector.check_freq | quote }}
79 - name: NUM_COLLECTOR_THREADS
80 value: {{ .Values.collector.num_collector_threads | quote }}
81 - name: POOL_FULL_MAX_TRIES
82 value: {{ .Values.collector.pool_full_max_retries | quote }}
83 - name: SUB_COLLECTION_WARN
84 value: {{ .Values.collector.sub_collection_warn | quote }}
85 {{- if .Values.plugins.enabled }}
86 volumeMounts:
87 - name: agent-config
88 mountPath: /plugins.d
89 {{- end}}
90 - name: {{ template "name" . }}-forwarder-deployment
91 image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
92 imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
93 resources:
94{{ toYaml .Values.resources | indent 12 }}
95 env:
96 - name: AGENT_POD_NAME
97 valueFrom:
98 fieldRef:
99 fieldPath: metadata.name
100 - name: AGENT_POD_NAMESPACE
101 valueFrom:
102 fieldRef:
103 fieldPath: metadata.namespace
104 - name: OS_AUTH_URL
105 value: {{ .Values.keystone.url | quote }}
106 - name: OS_USERNAME
107 value: {{ .Values.keystone.os_username | quote }}
108 - name: OS_USER_DOMAIN_NAME
109 value: {{ .Values.keystone.os_user_domain_name | quote }}
110 - name: OS_PASSWORD
111 value: {{ .Values.keystone.os_password | quote }}
112 - name: OS_PROJECT_NAME
113 value: {{ .Values.keystone.os_project_name | quote }}
114 - name: OS_PROJECT_DOMAIN_NAME
115 value: {{ .Values.keystone.os_project_domain_name | quote }}
116 - name: MONASCA_URL
117 value: {{ .Values.monasca_url | quote }}
118 - name: LOG_LEVEL
119 value: {{ .Values.log_level | quote }}
120 - name: INSECURE
121 value: {{ .Values.insecure | quote }}
122 - name: MAX_BATCH_SIZE
123 value: {{ .Values.forwarder.max_batch_size | quote }}
124 - name: MAX_MEASUREMENT_BUFFER_SIZE
125 value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
126 - name: BACKLOG_SEND_RATE
127 value: {{ .Values.forwarder.backlog_send_rate | quote }}
128 - name: HOSTNAME_FROM_KUBERNETES
129 value: "true"
130 - name: NON_LOCAL_TRAFFIC
131 value: {{ .Values.forwarder.non_local_traffic | quote }}
132 {{- if .Values.plugins.enabled }}
133 volumes:
134 - name: agent-config
135 configMap:
136 name: {{ template "fullname" . }}
137 {{- end}}
138 {{- if .Values.plugins.enabled }}
139 volumes:
140 - name: agent-config
141 configMap:
142 name: {{ template "fullname" . }}
143 {{- end}}
diff --git a/monasca-agent/templates/role.yaml b/monasca-agent/templates/role.yaml
new file mode 100644
index 0000000..34b762e
--- /dev/null
+++ b/monasca-agent/templates/role.yaml
@@ -0,0 +1,32 @@
1{{- if .Values.rbac.enabled }}
2kind: ClusterRole
3apiVersion: rbac.authorization.k8s.io/v1alpha1
4metadata:
5 name: "{{ .Release.Name }}-role"
6rules:
7 - apiGroups: ["", "extensions", "storage.k8s.io"]
8 verbs: ["get", "list"]
9 resources:
10 - namespaces
11 - pods
12 - replicasets
13 - deployments
14 - replicationcontrollers
15 - nodes
16 - services
17 - componentstatuses
18 - storageclasses
19---
20kind: ClusterRoleBinding
21apiVersion: rbac.authorization.k8s.io/v1alpha1
22metadata:
23 name: "{{ .Release.Name }}-role-binding"
24subjects:
25 - kind: ServiceAccount
26 name: default
27 namespace: "{{ .Release.Namespace }}"
28roleRef:
29 kind: ClusterRole
30 name: "{{ .Release.Name }}-role"
31 apiGroup: rbac.authorization.k8s.io
32{{- end }}
diff --git a/monasca-agent/values.yaml b/monasca-agent/values.yaml
new file mode 100644
index 0000000..639d5e4
--- /dev/null
+++ b/monasca-agent/values.yaml
@@ -0,0 +1,56 @@
1name: agent
2collector:
3 image:
4 repository: monasca/agent-collector
5 tag: master-20180112-162543
6 pullPolicy: IfNotPresent
7 check_freq: 30
8 num_collector_threads: 1
9 pool_full_max_retries: 4
10 sub_collection_warn: 6
11forwarder:
12 image:
13 repository: monasca/agent-forwarder
14 tag: master-20180206-002800
15 pullPolicy: IfNotPresent
16 max_batch_size: 0
17 max_measurement_buffer_size: -1
18 backlog_send_rate: 5
19 non_local_traffic: "true"
20insecure: False
21log_level: WARN
22keystone:
23 os_username: mini-mon
24 os_user_domain_name: Default
25 os_password: password
26 os_project_name: mini-mon
27 os_project_domain_name: Default
28 url: http://keystone:35357/v3
29monasca_url: http://monasca-api:8070/v2.0
30prometheus:
31 auto_detect_pod_endpoints: true
32 auto_detect_service_endpoints: true
33 kubernetes_labels: 'app'
34 timeout: 3
35kubernetes_api:
36 kubernetes_labels: 'app'
37 timeout: 3
38 storage:
39 report: true
40kubernetes:
41 kubernetes_labels: 'app'
42 timeout: 3
43cadvisor:
44 enabled: true
45 timeout: 3
46resources:
47 requests:
48 memory: 256Mi
49 cpu: 100m
50 limits:
51 memory: 512Mi
52 cpu: 500m
53plugins:
54 enabled: false
55rbac:
56 enabled: false
diff --git a/monasca-alarms/Chart.yaml b/monasca-alarms/Chart.yaml
new file mode 100644
index 0000000..dfd58b7
--- /dev/null
+++ b/monasca-alarms/Chart.yaml
@@ -0,0 +1,9 @@
1apiVersion: v1
2description: A Helm chart for adding Alarms for Monasca
3name: monasca-alarms
4version: 0.0.1
5sources:
6- https://wiki.openstack.org/wiki/Monasca
7maintainers:
8- name: Michael Hoppal
9 email: michael.jam.hoppal@hpe.com
diff --git a/monasca-alarms/README.md b/monasca-alarms/README.md
new file mode 100644
index 0000000..0424cdf
--- /dev/null
+++ b/monasca-alarms/README.md
@@ -0,0 +1,112 @@
1# Monasca-alarms
2
3## Alarms for Monasca components
4
5[Monasca](https://wiki.openstack.org/wiki/Monasca), an
6[Openstack](https://www.openstack.org/) official project, is a scalable
7monitoring as a service solution. It monitors services and systems by a push
8model. The Monasca Agent will collect metrics from each node and push them to
9the Monasca API. It will then be processed by separate microservices for
10storing, alarming and notifications. The architecture can be viewed
11[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
12
13This chart adds alarms for the components of Monasca so Monasca can monitor
14itself. However, some components failing, for example Kafka, will have no
15alarms generated as the threshold engine requires kafka to be working.
16
17## QuickStart
18
19```bash
20$ helm repo add monasca http://monasca.io/monasca-helm
21$ helm install monasca/monasca --name monasca --namespace monitoring
22$ helm install monasca/monasca-alarms --name monasca-alarms --namespace monitoring
23```
24
25## Introduction
26
27This chart adds Alarms for the components of a [Monasca](https://wiki.openstack.org/wiki/Monasca)
28deployment on a Kubernetes cluster using the Helm Package manager.
29
30## Prerequisites
31
32- Kubernetes 1.4+
33- Monasca installed using Helm
34
35## Installing the Chart
36
37Monasca-alarms can either be installed from the [monasca.io](https://monasca.io/) helm repo or by source.
38
39### Installing via Helm repo (recommended)
40
41```bash
42$ helm install monasca/monasca-alarms --name monasca-alarms --namespace monitoring
43```
44Note: monasca-alarms must be installed in the same namespace as monasca
45
46### Installing via source
47
48```bash
49$ helm repo add monasca http://monasca.io/monasca-helm
50$ helm dependency update monasca-alarms
51$ helm install monasca-alarms --name monasca-alarms --namespace monitoring
52```
53
54Either option will add the alarms for the components of Monasca on the Kubernetes cluster
55with the default configuration. The [configuration](#configuration) section lists the parameters
56that can be configured during installation.
57
58> **Tip**: List all releases using `helm list`
59
60## Uninstalling the Chart
61
62To uninstall/delete the `my-release` deployment:
63
64```bash
65$ helm delete my-release --purge
66```
67
68The command removes all the Kubernetes components associated with the chart and
69deletes the release.
70
71### Default Alarms for components
72
73By default Monasca alarms will be created for Kafka and Zookeeper.
74
75## Configuration
76
77The following tables lists the configurable parameters of the Monasca alarms chart
78broken down by microservice and their default values.
79
80Specify each parameter using the `--set key=value[,key=value]` argument to
81`helm install`. For example,
82
83```console
84$ helm install monasca-alarms --name my-release \
85 --set kafka.start_periods=4
86```
87
88Alternatively, a YAML file that specifies the values for the below parameters
89can be provided while installing the chart. For example,
90
91```console
92$ helm install monasca-alarms --name my-release -f values.yaml
93```
94
95> **Tip**: You can use the default [values.yaml](values.yaml)
96
97
98### Kafka
99
100Parameter | Description | Default
101--------- | ----------- | -------
102`kafka.enabled` | Kafka alarms enabled | `true`
103`kafka.start_periods` | How many periods Kafka is not started before alarming | `3`
104`kafka.running_periods` | How many periods Kafka is not running before alarming | `1`
105
106### Zookeeper
107
108Parameter | Description | Default
109--------- | ----------- | -------
110`zookeeper.enabled` | Zookeeper alarms enabled | `true`
111`zookeeper.start_periods` | How many periods Zookeeper is not started before alarming | `3`
112`zookeeper.running_periods` | How many periods Zookeeper is not running before alarming | `1`
diff --git a/monasca-alarms/templates/_helpers.tpl b/monasca-alarms/templates/_helpers.tpl
new file mode 100644
index 0000000..f0d83d2
--- /dev/null
+++ b/monasca-alarms/templates/_helpers.tpl
@@ -0,0 +1,16 @@
1{{/* vim: set filetype=mustache: */}}
2{{/*
3Expand the name of the chart.
4*/}}
5{{- define "name" -}}
6{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7{{- end -}}
8
9{{/*
10Create a default fully qualified app name.
11We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12*/}}
13{{- define "fullname" -}}
14{{- $name := default .Chart.Name .Values.nameOverride -}}
15{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16{{- end -}}
diff --git a/monasca-alarms/templates/alarms.yaml b/monasca-alarms/templates/alarms.yaml
new file mode 100644
index 0000000..00c4e8a
--- /dev/null
+++ b/monasca-alarms/templates/alarms.yaml
@@ -0,0 +1,68 @@
1{{- if .Values.kafka.enabled }}
2---
3apiVersion: "monasca.io/v1"
4kind: AlarmDefinition
5metadata:
6 name: kafka-not-starting
7 labels:
8 app: {{ template "fullname" . }}
9 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
10 release: "{{ .Release.Name }}"
11 heritage: "{{ .Release.Service }}"
12alarmDefinitionSpec:
13 name: "Kafka not started"
14 expression: "avg(kafka_watcher_status) < 0 times {{ .Values.kafka.start_periods }}"
15 match_by: []
16 description: "Kafka has not started in {{ .Values.kafka.start_periods }} minutes"
17 severity: "HIGH"
18---
19apiVersion: "monasca.io/v1"
20kind: AlarmDefinition
21metadata:
22 name: kafka-not-running
23 labels:
24 app: {{ template "fullname" . }}
25 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
26 release: "{{ .Release.Name }}"
27 heritage: "{{ .Release.Service }}"
28alarmDefinitionSpec:
29 name: "Kafka not running"
30 expression: "avg(kafka_watcher_status) > 0 times {{ .Values.kafka.running_periods }}"
31 match_by: []
32 description: "Kafka is not running for {{ .Values.kafka.running_periods }} minutes"
33 severity: "HIGH"
34{{- end }}
35{{- if .Values.zookeeper.enabled }}
36---
37apiVersion: "monasca.io/v1"
38kind: AlarmDefinition
39metadata:
40 name: zookeeper-not-starting
41 labels:
42 app: {{ template "fullname" . }}
43 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
44 release: "{{ .Release.Name }}"
45 heritage: "{{ .Release.Service }}"
46alarmDefinitionSpec:
47 name: "Zookeeper not started"
48 expression: "avg(zookeeper_watcher_status) < 0 times {{ .Values.zookeeper.start_periods }}"
49 match_by: []
50 description: "Zookeeper not started in {{ .Values.zookeeper.start_periods }} minutes"
51 severity: "HIGH"
52---
53apiVersion: "monasca.io/v1"
54kind: AlarmDefinition
55metadata:
56 name: zookeeper-not-running
57 labels:
58 app: {{ template "fullname" . }}
59 chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
60 release: "{{ .Release.Name }}"
61 heritage: "{{ .Release.Service }}"
62alarmDefinitionSpec:
63 name: "Zookeeper not running"
64 expression: "avg(zookeeper_watcher_status) > 0 times {{ .Values.zookeeper.running_periods }}"
65 match_by: []
66 description: "Zookeeper is not running for {{ .Values.zookeeper.running_periods }} minutes"
67 severity: "HIGH"
68{{- end }}
diff --git a/monasca-alarms/values.yaml b/monasca-alarms/values.yaml
new file mode 100644
index 0000000..d64ae94
--- /dev/null
+++ b/monasca-alarms/values.yaml
@@ -0,0 +1,9 @@
1kafka:
2 enabled: true
3 start_periods: 3
4 running_periods: 1
5
6zookeeper:
7 enabled: true
8 start_periods: 3
9 running_periods: 1
diff --git a/monasca/.helmignore b/monasca/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/monasca/.helmignore
@@ -0,0 +1,21 @@
1# Patterns to ignore when building packages.
2# This supports shell glob matching, relative path matching, and
3# negation (prefixed with !). Only one pattern per line.
4.DS_Store
5# Common VCS dirs
6.git/
7.gitignore
8.bzr/
9.bzrignore
10.hg/
11.hgignore
12.svn/
13# Common backup files
14*.swp
15*.bak
16*.tmp
17*~
18# Various IDEs
19.project
20.idea/
21*.tmproj
diff --git a/monasca/Chart.yaml b/monasca/Chart.yaml
new file mode 100644
index 0000000..275b9fa
--- /dev/null
+++ b/monasca/Chart.yaml
@@ -0,0 +1,9 @@
1apiVersion: v1
2description: A Helm chart for Monasca running in Kubernetes
3name: monasca
4version: 0.6.4
5sources:
6- https://wiki.openstack.org/wiki/Monasca
7maintainers:
8- name: Tim Buckley
9 email: timothy.jas.buckley@hpe.com
diff --git a/monasca/README.md b/monasca/README.md
new file mode 100644
index 0000000..6289bea
--- /dev/null
+++ b/monasca/README.md
@@ -0,0 +1,574 @@
1# Monasca
2
3## An Open-Source Monitoring as a Service at Scale solution
4
5[Monasca](https://wiki.openstack.org/wiki/Monasca), an
6[Openstack](https://www.openstack.org/) official project, is a scalable
7monitoring as a service solution. It monitors services and systems by a push
8model. The Monasca Agent will collect metrics from each node and push them to
9the Monasca API. It will then be processed by separate microservices for
10storing, alarming and notifications. The architecture can be viewed
11[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
12
13## QuickStart
14
15```bash
16$ helm repo add monasca http://monasca.io/monasca-helm
17$ helm install monasca/monasca --name monasca --namespace monitoring
18```
19
20## Introduction
21
22This chart bootstraps a [Monasca](https://wiki.openstack.org/wiki/Monasca)
23deployment on a Kubernetes cluster using the Helm Package manager.
24
25## Prerequisites
26
27- Kubernetes 1.4+
28
29## Installing the Chart
30
31Monasca can either be install from the [monasca.io](https://monasca.io/) helm repo or by source.
32
33### Installing via Helm repo (recommended)
34
35```bash
36$ helm repo add monasca http://monasca.io/monasca-helm
37$ helm install monasca/monasca --name monasca --namespace monitoring
38```
39
40### Installing via source
41
42```bash
43$ helm repo add monasca http://monasca.io/monasca-helm
44$ helm dependency update monasca
45$ helm install monasca --name monasca --namespace monitoring
46```
47
48Either option will bring up Monasca on the Kubernetes cluster with the default
49configuration. The [configuration](#configuration) section lists the parameters
50that can be configured during installation.
51
52> **Tip**: List all releases using `helm list`
53
54## Uninstalling the Chart
55
56To uninstall/delete the `my-release` deployment:
57
58```bash
59$ helm delete my-release --purge
60```
61
62The command removes all the Kubernetes components associated with the chart and
63deletes the release.
64
65### Default monitoring
66
67By default Monasca will monitor pod workloads (CPU, Network, Memory, etc.) and Kubernetes health.
68
69It will also autodetect Prometheus Endpoints by looking for the following annotations on services and pods
70
71* prometheus.io/scrape: Only scrape pods that have a value of 'true'
72* prometheus.io/path: If the metrics path is not '/metrics' override this.
73* prometheus.io/port: Scrape the pod on the indicated port instead of the default of '9102'.
74
75More information on our monitoring within in Kubernetes can be found on
76[monasca.io](http://monasca.io/docs/kubernetes.html)
77
78## Configuration
79
80The following tables lists the configurable parameters of the Monasca chart
81broken down by microservice and their default values.
82
83Specify each parameter using the `--set key=value[,key=value]` argument to
84`helm install`. For example,
85
86```console
87$ helm install monasca --name my-release \
88 --set persister.replicaCount=4
89```
90
91Alternatively, a YAML file that specifies the values for the below parameters
92can be provided while installing the chart. For example,
93
94```console
95$ helm install monasca --name my-release -f values.yaml
96```
97
98> **Tip**: You can use the default [values.yaml](values.yaml)
99
100## Helm Tests for Monasca
101
102We have two test suites that can be run via Helm Test.
103
104These are Smoke Tests and Tempest Tests. By default only Smoke Tests are enabled.
105
106In both tests, Monasca must be deployed or upgraded using helm and then once all
107pods have been created and all jobs have succeeded the tests can be run.
108
109### Tempest Tests
110
111These tests run the [Monasca tempest tests](https://github.com/openstack/monasca-api/tree/master/monasca_tempest_tests)
112
113Prior to running helm tests you must enable the tempest tests by running:
114
115```console
116$ helm upgrade monasca monasca/monasca --set tempest_tests.enabled=true
117```
118
119Due to the amount of time that it takes to run the tests, the timeout parameter
120must be specified. The time required for the tests vary according to your hardware
121and how loaded your system is. Test times as low as 600 seconds but up to 3100 seconds
122have been seen. Use the command below, but replacing 900 with the timeout that
123works for your system:
124
125```console
126$ helm test monasca --timeout 900
127```
128
129If your timeout is not long enough, then you will see a result like this:
130
131```console
132RUNNING: monasca-tempest-tests-test-pod
133UNKNOWN: monasca-tempest-tests-test-pod: timed out waiting for the condition
134```
135
136You must then wait for the pod monasca-tempest-tests-test-pod to exit
137and check its logs and exit status.
138
139If the tests all succeed, the pod will exit 0, otherwise, it will exit 1.
140
141To run the tests again, the pod monasca-tempest-tests-test-pod must be deleted.
142
143The tests are very sensitive to name resolution problems so if your Kubernetes
144cluster has any problems resolving services, random tests will fail.
145
146### Smoke Tests
147
148These tests run the [Monasca smoke tests](https://github.com/monasca/smoke-test)
149
150Since they are enabled by default you do not have to take an extra step to
151enable them and can run:
152
153```console
154$ helm test monasca
155```
156
157You must then wait for the pod monasca-smoke-tests-test-pod to exit
158and check its logs and exit status.
159
160If the tests all succeed, the pod will exit 0, otherwise, it will exit 1.
161
162To run the tests again, the pod monasca-smoke-tests-test-pod must be deleted.
163
164### Agent
165
166Parameter | Description | Default
167--------- | ----------- | -------
168`agent.name` | Agent container name | `agent`
169`agent.deployment_enabled` | Agent deployment enabled | `true`
170`agent.daemonset_enabled` | Agent daemonset enabled | `true`
171`agent.termination_grace_period` | Agent grace period before force terminating | `30`
172`agent.daemonset_toleration.enabled` | Agent daemonset toleration is enabled | `false`
173`agent.daemonset_toleration.operator` | Agent daemonset toleration operator | `true`
174`agent.daemonset_toleration.effect` | Agent daemonset toleration effect | `true`
175`agent.collector.image.repository` | Agent Collector container image repository | `monasca/agent-collector`
176`agent.collector.image.tag` | Agent Collector container image tag | `master-20170707-154334`
177`agent.collector.image.pullPolicy` | Agent Collector container image pull policy | `IfNotPresent`
178`agent.collector.check_freq` | How often to run metric collection in seconds | `30`
179`agent.collector.num_collector_threads` | Number of threads to use in collector for running checks | `1`
180`agent.collector.pool_full_max_retries` | Maximum number of collection cycles where all of the threads in the pool are still running plugins before the collector will exit | `4`
181`agent.collector.sub_collection_warn` | Number of seconds a plugin collection time exceeds that causes a warning to be logged for that plugin | `6`
182`agent.forwarder.image.repository` | Agent Forwarder container image repository | `monasca/agent-forwarder`
183`agent.forwarder.image.tag` | Agent Forwarder container image tag | `master-20170615-204444`
184`agent.forwarder.image.pullPolicy` | Agent Forwarder container image pull policy | `IfNotPresent`
185`agent.forwarder.max_batch_size` | Maximum batch size of measurements to write to monasca-api, 0 is no limit | `0`
186`agent.forwarder.max_measurement_buffer_size` | Maximum number of measurements to buffer when unable to communicate with the monasca-api (-1 means no limit)| `-1`
187`agent.forwarder.backlog_send_rate` | Maximum number of messages to send at one time when communication with the monasca-api is restored | `5`
188`agent.dimensions` | Default dimensions to attach to every metric being sent | ``
189`agent.plugins.enabled` | Enable passing in agent plugins | `False`
190`agent.plugins.config_files` | List of plugin yamls to be used with the agent | ``
191`agent.insecure` | Insecure connection to Keystone and Monasca API | `False`
192`agent.log_level` | Log level of agent log files | `WARN`
193`agent.keystone.username` | Agent Keystone username | `mini-mon`
194`agent.keystone.user_domain_name` | Agent Keystone user domain | `Default`
195`agent.keystone.password` | Agent Keystone password | `password`
196`agent.keystone.project_name` | Agent Keystone project name | `mini-mon`
197`agent.keystone.project_domain_name` | Agent Keystone project domain | `Default`
198`agent.namespace_annotations` | Namespace annotations to set as metrics dimensions | ``
199`agent.prometheus.auto_detect_pod_endpoints` | Autodetect Prometheus endpoints for scraping by pods | `true`
200`agent.prometheus.auto_detect_service_endpoints` | Autodetect Prometheus endpoints for scraping by services | `true`
201`agent.prometheus.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
202`agent.prometheus.timeout` | The Prometheus endpoint connection timeout | `3`
203`agent.kubernetes_api.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
204`agent.kubernetes_api.timeout` | The K8s API connection timeout | `3`
205`agent.kubernetes_api.storage.report` | Report bound pvc capacity metrics per a storage class | `true`
206`agent.kubernetes_api.storage.parameter_dimensions` | Storage class parameters as dimensions | ``
207`agent.kubernetes.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
208`agent.kubernetes.timeout` | The cAdvisor/Kubelet connection timeout | `3`
209`agent.kubernetes.enable_minimum_whitelist` | Only report minimum set of pod metrics (cpu, memory) | `false`
210`agent.cadvisor.enabled` | Enable host metrics from cAdvisor | `true`
211`agent.cadvisor.timeout` | The cAdvisor connection timeout | `3`
212`agent.cadvisor.enable_minimum_whitelist` | Only report minimum set of host metrics (cpu, memory) | `false`
213`agent.resources.requests.memory` | Memory request per agent pod | `256Mi`
214`agent.resources.requests.cpu` | CPU request per agent pod | `100m`
215`agent.resources.limits.memory` | Memory limit per agent pod | `512Mi`
216`agent.resources.limits.cpu` | Memory limit per agent pod | `500m`
217
218### Aggregator
219
220Parameter | Description | Default
221--------- | ----------- | -------
222`aggregator.name` | Aggregator container name | `aggregation`
223`aggregator.enabled` | Aggregator enabled | `true`
224`aggregator.image.repository` | Aggregator container image repository | `rbrndt/test-agg`
225`aggregator.image.tag` | Aggregator container image tag | `.0.1.1`
226`aggregator.image.pullPolicy` | Aggregator container image pull policy | `IfNotPresent`
227`aggregator.window_size` | Window size in seconds of metrics to aggregate on. | `60`
228`aggregator.window_lag` | Lag in seconds outside the window to accept metrics into current aggregations | `2`
229
230### Alarms Init Job
231
232Parameter | Description | Default
233--------- | ----------- | -------
234`alarms.name` | Alarms container name | `alarms`
235`alarms.enabled` | Alarms init job enabled | `true`
236`alarms.image.repository` | Alarms init job container image repository | `rbrndt/test-agg`
237`alarms.image.tag` | Alarms init job container image tag | `1.1.1`
238`alarms.image.pullPolicy` | Alarms init job container image pull policy | `IfNotPresent`
239`alarms.wait.retries` | Number of attempts to create alarms before giving up | `24`
240`alarms.wait.delay` | Seconds to wait between retries | `5`
241`alarms.wait.timeout` | Attempt connection timeout in seconds | `10`
242`alarms.keystone.username` | Monasca Keystone user | `mini-mon`
243`alarms.keystone.user_domain_name` | Monasca Keystone user domain | `Default`
244`alarms.keystone.password` | Monasca Keystone password | `password`
245`alarms.keystone.project_name` | Monasca Keystone project name | `mini-mon`
246`alarms.keystone.project_domain_name` | Monasca Keystone project domain | `Default`
247
248### API
249
250Parameter | Description | Default
251--------- | ----------- | -------
252`api.name` | API container name | `api`
253`api.image.repository` | API container image repository | `monasca/api`
254`api.image.tag` | API container image tag | `master-prometheus`
255`api.image.pullPolicy` | API container image pull policy | `IfNotPresent`
256`api.resources.requests.memory` | Memory request per API pod | `256Mi`
257`api.resources.requests.cpu` | CPU request per API pod | `250m`
258`api.resources.limits.memory` | Memory limit per API pod | `1Gi`
259`api.resources.limits.cpu` | Memory limit per API pod | `2000m`
260`api.replicaCount` | API pod replica count | `1`
261`api.keystone.admin_password` | Keystone admin account password | `secretadmin`
262`api.keystone.admin_user` | Keystone admin account user | `admin`
263`api.keystone.admin_tenant` | Keystone admin account tenant | `admin`
264`api.influxdb.user` | The influx username | `mon_api`
265`api.influxdb.password` | The influx password | `password`
266`api.influxdb.database` | The influx database | `mon`
267`api.gunicorn_workers` | Number of gunicorn api workers | `1`
268`api.service.port` | API service port | `8070`
269`api.service.type` | API service type | `ClusterIP`
270`api.service.node_port` | API node port if service type is set to NodePort | ``
271`api.logging.log_level_root` | The level of the root logger | `WARN`
272`api.logging.log_level_console` | Minimum level for console output | `WARN`
273`api.mysql_disabled` | Disable requirement on mysql for API | `false`
274`api.mysql_wait_retries` | Retries for mysql available checks |
275`api.auth_disabled` | Disable Keystone authentication | `false`
276`api.authorized_roles` | Roles for admin Users | `user, domainuser, domainadmin, monasca-user`
277`api.side_container.enabled` | Enable API side container that collects metrics from the API and exposes as a Prometheus endpoint | `true`
278`api.side_container.image.repository` | API side container image repository | `timothyb89/monasca-sidecar`
279`api.side_container.image.tag` | API side container image tag | `1.0.0`
280`api.side_container.image.pullPolicy` | API side container image pull policy | `IfNotPresent`
281`api.side_container.resources.requests.memory` | Memory request per API side container | `128Mi`
282`api.side_container.resources.requests.cpu` | CPU request per API side container | `50m`
283`api.side_container.resources.limits.memory` | Memory limit per API side container | `256Mi`
284`api.side_container.resources.limits.cpu` | Memory limit per API side container | `100m`
285
286### Client
287
288Parameter | Description | Default
289--------- | ----------- | -------
290`client.name` | Client container name | `client`
291`client.enabled` | Enable deploying client | `false`
292`client.image.repository` | Client container image repository | `rbrndt/python-monascaclient`
293`client.image.tag` | Client container image tag | `1.6.0`
294`client.image.pullPolicy` | Client container image pull policy | `IfNotPresent`
295`client.keystone.username` | Keystone user | `mini-mon`
296`client.keystone.user_domain_name` | Keystone user domain | `Default`
297`client.keystone.password` | Keystone password | `password`
298`client.keystone.project_name` | Keystone project name | `mini-mon`
299`client.keystone.project_domain_name` | Keystone project domain | `Default`
300
301### Forwarder
302
303Parameter | Description | Default
304--------- | ----------- | -------
305`forwarder.name` | Forwarder container name | `forwarder`
306`forwarder.image.repository` | Forwarder container image repository | `monasca/forwarder`
307`forwarder.image.tag` | Forwarder container image tag | `master`
308`forwarder.image.pullPolicy` | Forwarder container image pull policy | `IfNotPresent`
309`forwarder.insecure` | Insecure connection to Monasca API | `False`
310`forwarder.enabled` | Enable deploying the forwarder | `false`
311`forwarder.replicaCount` | Replica count of Forwarder pods | `1`
312`forwarder.logging.debug` | Enable debug logging | `false`
313`forwarder.logging.verbose` | Enable verbose logging | `true`
314`forwarder.config.remote_api_url` | Versioned monasca api url to forward metrics to | `http://monasca:8070/v2.0`
315`forwarder.config.monasca_project_id` | Project ID to forward metrics under | `3564760a3dd44ae9bd6618d442fd758c`
316`forwarder.config.use_insecure` | Use insecure when forwarding metrics | `false`
317`forwarder.config.monasca_role` | Role to forward metrics under | `monasca-agent`
318`forwarder.resources.requests.memory` | Memory request per forwarder pod | `128Mi`
319`forwarder.resources.requests.cpu` | CPU request per forwarder pod | `50m`
320`forwarder.resources.limits.memory` | Memory limit per forwarder pod | `256Mi`
321`forwarder.resources.limits.cpu` | Memory limit per forwarder pod | `100m`
322
323### Grafana
324
325Parameter | Description | Default
326--------- | ----------- | -------
327`grafana.name` | Grafana container name | `grafana`
328`granfa.enabled` | Grafana enabled | `true`
329`grafana.simple_name` | Whether to use `grafana.name` without prepending with `.Release.Name` | `false`
330`grafana.image.repository` | Grafana container image repository | `monasca/grafana`
331`grafana.image.tag` | Grafana container image tag | `4.1.0-pre1-1.0.0`
332`grafana.image.pullPolicy` | Grafana container image pull policy | `IfNotPresent`
333`grafana.service.port` | Grafana service port | `3000`
334`grafana.service.type` | Grafana service type | `NodePort`
335`grafana.resources.requests.memory` | Memory request per grafana pod | `64Mi`
336`grafana.resources.requests.cpu` | CPU request per grafana pod | `50m`
337`grafana.resources.limits.memory` | Memory limit per grafana pod | `128Mi`
338`grafana.resources.limits.cpu` | Memory limit per grafana pod | `100m`
339
340### Keystone
341
342Parameter | Description | Default
343--------- | ----------- | -------
344`keystone.name` | Keystone container name | `keystone`
345`keystone.enabled` | Keystone enable flag. If false each micro service using keystone will use the override keystone variables | `true`
346`keystone.override.public_url` | Keystone external url for public endpoint | `http://keystone:35357`
347`keystone.override.admin_url` | Keystone external url for admin endpoint | `http://keystone:5000`
348`keystone.image.repository` | Keystone container image repository | `monasca/keystone`
349`keystone.image.tag` | Keystone container image tag | `1.0.7`
350`keystone.image.pullPolicy` | Keystone container image pull policy | `IfNotPresent`
351`keystone.bootstrap.user` | Keystone bootstrap username | `admin`
352`keystone.bootstrap.password` | Keystone bootstrap password | `secretadmin`
353`keystone.bootstrap.project` | Keystone bootstrap project | `admin`
354`keystone.bootstrap.role` | Keystone bootstrap role | `admin`
355`keystone.bootstrap.service` | Keystone bootstrap service | `keystone`
356`keystone.bootstrap.region` | Keystone bootstrap region | `RegionOne`
357`keystone.database_backend` | Keystone backend database | `mysql`
358`keystone.mysql.database` | Keystone mysql database | `keystone`
359`keystone.replicaCount` | Keystone pod replicas | `1`
360`keystone.service.type` | Keystone service type | `ClusterIP`
361`keystone.service.port` | Keystone service port | `35357`
362`keystone.service.admin_port` | Keystone admin service port | `5000`
363`keystone.service.admin_node_port` | Keystone admin service node port if service type is NodePort | ``
364`keystone.service.node_port` | Keystone service node port if service type is NodePort | ``
365`keystone.users.mini_mon.password` | Keystone container image pull policy | `password`
366`keystone.users.monasca_agent.password` | Keystone container image pull policy | `password`
367`keystone.users.admin.password` | Keystone container image pull policy | `secretadmin`
368`keystone.users.demo.password` | Keystone container image pull policy | `secretadmin`
369`keystone.users.monasca_read_only.password` | Keystone container image pull policy | `password`
370`keystone.resources.requests.memory` | Memory request per keystone pod | `256Mi`
371`keystone.resources.requests.cpu` | CPU request per keystone pod | `100m`
372`keystone.resources.limits.memory` | Memory limit per keystone pod | `1Gi`
373`keystone.resources.limits.cpu` | Memory limit per keystone pod | `500m`
374
375
376### Influxdb
377
378Parameter | Description | Default
379----------|-------------|--------
380`influxdb.enabled` | Influxdb enabled | `true`
381`influxdb.imageTag` | Tag to use from `library/mysql` | `5.6`
382`influxdb.image.repository` | docker repository for influxdb | `influxdb`
383`influxdb.imagePullPolicy` | K8s pull policy for influxdb image | `IfNotPresent`
384`influxdb.persistence.enabled` | If `true`, enable persistent storage | `false`
385`influxdb.persistence.storageClass` | K8s storage class to use for persistence | `default`
386`influxdb.persistence.accessMode` | PVC access mode | `ReadWriteOnce`
387`influxdb.persistence.size` | PVC request size | `100Gi`
388`influxdb.resources.requests.memory` | Memory request | `256Mi`
389`influxdb.resources.requests.cpu` | CPU request | `100m`
390`influxdb.resources.limits.memory` | Memory limit | `16Gi`
391`influxdb.resources.limits.cpu` | CPU limit | `500m`
392`influxdb.config.http.bind_address` | API Port| `8086`
393`influxdb.config.data.cache_max_memory_size` | CPU limit | `1073741824`
394
395
396### Influxdb Init Job
397
398Parameter | Description | Default
399--------- | ----------- | -------
400`influx_init.enabled` | Influxdb initialization job enabled | `true`
401`influx_init.image.repository` | docker repository for influx init | `monasca/influxdb-init`
402`influx_init.image.tag` | Docker image tag | `1.0.0`
403`influx_init.image.pullPolicy` | Kubernetes pull policy for image | `IfNotPresent`
404`influx_init.shard_duration` | Influxdb shard duration | `1d`
405`influx_init.default_retention` | Influxdb retention | `INF`
406
407### MySQL
408
409Parameter | Description | Default
410----------|-------------|--------
411`mysql.enabled` | MySQL enabled | `true`
412`mysql.imageTag` | Tag to use from `library/mysql` | `5.6`
413`mysql.imagePullPolicy` | K8s pull policy for mysql image | `IfNotPresent`
414`mysql.persistence.enabled` | If `true`, enable persistent storage | `false`
415`mysql.persistence.storageClass` | K8s storage class to use for persistence | `default`
416`mysql.persistence.accessMode` | PVC access mode | `ReadWriteOnce`
417`mysql.persistence.size` | PVC request size | `10Gi`
418`mysql.resources.requests.memory` | Memory request | `256Mi`
419`mysql.resources.requests.cpu` | CPU request | `100m`
420`mysql.resources.limits.memory` | Memory limit | `1Gi`
421`mysql.resources.limits.cpu` | CPU limit | `500m`
422`mysql.users.keystone.username` | Keystone MySQL username | `keystone`
423`mysql.users.keystone.password` | Keystone MySQL password | `keystone`
424`mysql.users.api.username` | API MySQL username | `monapi`
425`mysql.users.api.password` | API MySQL password | `password`
426`mysql.users.notification.username` | Notification MySQL username | `notification`
427`mysql.users.notification.password` | Notification MySQL password | `password`
428`mysql.users.thresh.username` | Thresh MySQL username | `thresh`
429`mysql.users.thresh.password` | Thresh MySQL password | `password`
430`mysql.users.grafana.username` | Grafana MySQL username | `grafana`
431`mysql.users.grafana.password` | Grafana MySQL password | `password`
432
433### MySQL Init Job
434
435Parameter | Description | Default
436--------- | ----------- | -------
437`mysql_init.enabled` | MySQL initialization job enabled | `true`
438`mysql_init.image.repository` | docker repository for mysql-init | `monasca/mysql-init`
439`mysql_init.image.tag` | Docker image tag | `1.2.0`
440`mysql_init.image.pullPolicy` | Kubernetes pull polify for image | `IfNotPresent`
441`mysql_init.disable_remote_root` | If `true`, disable root account after init finishes successfully | `true`
442`mysql_init.keystone_db_enabled` | Setup Keystone Database. Use `false` with an external Keystone | `true`
443`mysql_init.create_mon_users` | Create the Database users for Monasca | `true`
444`mysql_init.grafana_db_enabled` | Setup Grafana Database | `true`
445
446### Notification
447
448Parameter | Description | Default
449--------- | ----------- | -------
450`notification.name` | Notification container name | `notification`
451`notification.enabled` | Notification engine enabled flag | `true`
452`notification.image.repository` | Notification container image repository | `monasca/notification`
453`notification.image.tag` | Notification container image tag | `master`
454`notification.image.pullPolicy` | Notification container image pull policy | `IfNotPresent`
455`notification.replicaCount` | Notification pod replica count | `1`
456`notification.log_level` | Notification log level | `WARN`
457`notification.plugins` | Notification plugins enabled | `pagerduty,webhook`
458`notification.plugin_config.email.defined` | Notification email plugin configuration is defined | `false`
459`notification.plugin_config.email.server` | SMTP server address | ``
460`notification.plugin_config.email.port` | SMTP server port | ``
461`notification.plugin_config.email.user` | SMTP username | ``
462`notification.plugin_config.email.password` | SMTP password | ``
463`notification.plugin_config.email.from_addr` | "from" field for emails sent, e.g. "Name" <name@example.com> | ``
464`notification.plugin_config.webhook.timeout` | Webhook timeout | `5`
465`notification.plugin_config.hipchat.ssl_certs` | Path to SSL certs | ``
466`notification.plugin_config.hipchat.timeout` | Hipchat timeout | `5`
467`notification.plugin_config.hipchat.insecure` | Insecure when sending to Hipchat | ``
468`notification.plugin_config.hipchat.proxy` | if set, use the given HTTP(S) proxy server to send Hipchat notifications | ``
469`notification.plugin_config.slack.timeout` | Notification slack timeout | `5`
470`notification.plugin_config.slack.certs` | Path to Slack certs | ``
471`notification.plugin_config.slack.insecure` | Insecure when sending to Slack | ``
472`notification.plugin_config.slack.proxy` | if set, use the given HTTP(S) proxy server to send Slack notifications | ``
473`notification.resources.requests.memory` | Memory request per notification pod | `128Mi`
474`notification.resources.requests.cpu` | CPU request per notification pod | `50m`
475`notification.resources.limits.memory` | Memory limit per notification pod | `256Mi`
476`notification.resources.limits.cpu` | Memory limit per notification pod | `100m`
477
478### Persister
479
480Parameter | Description | Default
481--------- | ----------- | -------
482`persister.name` | Persister container name | `persister`
483`persister.image.repository` | Persister container image repository | `monasca/persister`
484`persister.image.tag` | Persister container image tag | `master`
485`persister.image.pullPolicy` | Persister container image pull policy | `IfNotPresent`
486`persister.replicaCount` | Persister pod replica count | `1`
487`persister.influxdb.user` | Persister influx username | `mon_persister`
488`persister.influxdb.password` | Persister influx password | `password`
489`persister.influxdb.database` | Persister influx database | `mon`
490`persister.logging.debug` | Persister debug logging enabled | `false`
491`persister.logging.verbose` | Persister verbose logging enabled | `true`
492`persister.resources.requests.memory` | Memory request per persister pod | `128Mi`
493`persister.resources.requests.cpu` | CPU request per persister pod | `50m`
494`persister.resources.limits.memory` | Memory limit per persister pod | `256Mi`
495`persister.resources.limits.cpu` | Memory limit per persister pod | `100m`
496
497### Threshold Engine
498
499Parameter | Description | Default
500--------- | ----------- | -------
501`thresh.name` | Thresh container name | `thresh`
502`thresh.image.repository` | Thresh container image repository | `monasca/thresh`
503`thresh.image.tag` | Thresh container image tag | `master`
504`thresh.image.pullPolicy` | Thresh container image pull policy | `IfNotPresent`
505`thresh.use_local` | Run in local mode | `true`
506`thresh.secretSuffix` | MySQL secret suffix | `mysql-thresh-secret`
507`thresh.spout.metricSpoutThreads` | Amount of metric spout threads | `2`
508`thresh.spout.metricSpoutTasks` | Amount of metric spout tasks | `2`
509`thresh.wait.retries` | Number of startup connection attempts to make before giving up | `24`
510`thresh.wait.delay` | Seconds to wait between retries | `5`
511`thresh.wait.timeout` | Attempt connection timeout in seconds | `10`
512`thresh.memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
513`thresh.stack_size` | JVM stack size | `1024k`
514
515Storm-specific options are documented in the
516[Storm chart](https://github.com/hpcloud-mon/monasca-helm/tree/master/storm).
517
518Storm is disabled and the Threshold Engine is run without Storm by default. To run the Threshold
519Engine with Storm, set storm.enabled to true and thresh.enabled to false.
520
521### Tempest Tests
522
523Parameter | Description | Default
524--------- | ----------- | -------
525`tempest_test.name` | Tempest Test container name | `tempest-tests`
526`tempest_test.enabled` | If True, run Tempest Tests | `False`
527`tempest_tests.image.repository` | Tempest Test container image repository | `monasca/tempest-tests`
528`tempest_tests.image.tag` | Tempest Test container image tag | `1.0.0`
529`tempest_tests.image.pullPolicy` | Tempest Test container image pull policy | `IfNotPresent`
530`tempest_test.wait.enabled`| Enable Monasca API available checks | `True`
531`tempest_test.wait.retries`| Retries for Monasca API available checks | `24`
532`tempest_test.wait.delay` | Sleep time between Monasca API retries | `5`
533`tempest_test.keystone.os_password` Password for Keystone User | `password`
534`tempest_test.keystone.os_project_domain_name` | User Project Domain Name | `Default`
535`tempest_test.keystone.os_project_name` | User Project Name | `mini-mon`
536`tempest_test.keystone.os_username` | Keystone User Name | `mini-mon`
537`tempest_test.keystone.os_tenant_name` | Keystone User Tenant(Project) Name | `mini-mon`
538`tempest_test.keystone.os_domain_name` | Keystone User Domain Name | `Default`
539`tempest_test.keystone.alt_username` | Alternate User Name | `mini-mon`
540`tempest_test.keystone.alt_password` | Alternate User Password | `password`
541`tempest_test.keystone.auth_use_ssl` | Use https for keystone Auth URI | `False`
542`tempest_test.keystone.keystone_server` | Keystone Server Name | `keystone`
543`tempest_test.keystone.keystone_port` | Keystone Server Port | `35357`
544`tempest_test.keystone.use_dynamic_creds` | Whether to recreate creds for each test run | `True`
545`tempest_test.keystone.admin_username` | Keystone Admin Domain Name | `mini-mon`
546`tempest_test.keystone.admin_password` | Keystone Admin Domain Name | `password`
547`tempest_test.keystone.admin_domain_name` | Keystone Admin Domain Name | `Default`
548`tempest_test.keystone.ostestr_regex` | Selects which tests to run | `monasca_tempest_tests`
549`tempest_test.keystone.stay_alive_on_failure` | If true, container runs 2 hours after tests fail | False
550
551### Smoke Tests
552
553Parameter | Description | Default
554--------- | ----------- | -------
555`smoke_tests.name` | Smoke Test container name | `smoke-tests`
556`smoke_tests.enabled` | If True, run Smoke Test when using helm test | `True`
557`smoke_tests.image.repository` | Smoke Test container image repository | `monasca/smoke-tests`
558`smoke_tests.image.tag` | Smoke Test container image tag | `1.0.0`
559`smoke_tests.image.pullPolicy` | Smoke Test container image pull policy | `IfNotPresent`
560`smoke_tests.keystone.username`| Keystone User Name | `mini-mon`
561`smoke_tests.keystone.password`| Keystone User Tenant Name | `mini-mon`
562`smoke_tests.keystone.tenant_name` | Keystone Domain name | `Default`
563
564### Alarm Definition Controller
565
566Parameter | Description | Default
567--------- | ----------- | -------
568`alarm_definition_controller.name` | Alarm Definition Controller container name | `alarm-definition-controller`
569`alarm_definition_controller.resource_enabled` | If True, create Alarm Definition third party resource | `True`
570`alarm_definition_controller.controller_enabled` | If True, create Alarm Definition Controller | `True`
571`alarm_definition_controller.image.repository` | Alarm Definition Controller container image repository | `monasca/alarm-definition-controller`
572`alarm_definition_controller.image.tag` | Alarm Definition Controller container image tag | `1.0.0`
573`alarm_definition_controller.image.pullPolicy` | Alarm Definition Controller container image pull policy | `IfNotPresent`
574`alarm_definition_controller.version` | Alarm Definition Controller version | `v1`
diff --git a/monasca/requirements.yaml b/monasca/requirements.yaml
new file mode 100644
index 0000000..0d35720
--- /dev/null
+++ b/monasca/requirements.yaml
@@ -0,0 +1,21 @@
1dependencies:
2 - name: influxdb
3 version: 0.6.2-0.0.2
4 condition: 'influxdb.enabled, global.influxdb.enabled'
5 repository: 'http://monasca.io/monasca-helm/'
6 - name: mysql
7 version: 0.2.4
8 condition: 'mysql.enabled, global.mysql.enabled'
9 repository: 'https://kubernetes-charts.storage.googleapis.com/'
10 - name: kafka
11 version: 0.4.2
12 condition: 'kafka.enabled, global.kafka.enabled'
13 repository: 'http://monasca.io/monasca-helm/'
14 - name: storm
15 version: 0.5.3
16 condition: 'storm.enabled, global.storm.enabled'
17 repository: 'http://monasca.io/monasca-helm/'
18 - name: zookeeper
19 version: 0.3.8
20 condition: 'zookeeper.enabled, global.zookeeper.enabled'
21 repository: 'http://monasca.io/monasca-helm/'
diff --git a/monasca/templates/_helpers.tpl b/monasca/templates/_helpers.tpl
new file mode 100644
index 0000000..5f5ac3a
--- /dev/null
+++ b/monasca/templates/_helpers.tpl
@@ -0,0 +1,160 @@
1{{/* vim: set filetype=mustache: */}}
2{{/*
3Expand the name of the chart.
4*/}}
5{{- define "name" -}}
6{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7{{- end -}}
8
9{{/*
10Create a default fully qualified app name.
11We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12*/}}
13{{- define "fullname" -}}
14{{- $name := default .Chart.Name .Values.nameOverride -}}
15{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16{{- end -}}
17
18{{/*
19Create a fully qualified agent name.
20We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
21*/}}
22{{- define "agent.fullname" -}}
23{{- printf "%s-%s" .Release.Name "agent" | trunc 63 -}}
24{{- end -}}
25
26{{/*
27Create a fully qualified agent name.
28We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
29*/}}
30{{- define "aggregator.fullname" -}}
31{{- printf "%s-%s" .Release.Name "aggregator" | trunc 63 -}}
32{{- end -}}
33
34{{/*
35Create a fully qualified api name.
36We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
37*/}}
38{{- define "api.fullname" -}}
39{{- printf "%s-%s" .Release.Name "api" | trunc 63 -}}
40{{- end -}}
41
42{{/*
43Create a fully qualified forwarder name.
44We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
45*/}}
46{{- define "forwarder.fullname" -}}
47{{- printf "%s-%s" .Release.Name "forwarder" | trunc 63 -}}
48{{- end -}}
49
50{{/*
51Create a fully qualified grafana name.
52We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
53*/}}
54{{- define "grafana.fullname" -}}
55{{- printf "%s-%s" .Release.Name "grafana" | trunc 63 -}}
56{{- end -}}
57
58{{/*
59Create a fully qualified kafka name.
60We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
61*/}}
62{{- define "kafka.fullname" -}}
63{{- printf "%s-%s" .Release.Name "kafka" | trunc 63 -}}
64{{- end -}}
65
66{{/*
67Create a fully qualified keystone name.
68We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
69*/}}
70{{- define "keystone.fullname" -}}
71{{- printf "%s-%s" .Release.Name "keystone" | trunc 63 -}}
72{{- end -}}
73
74{{/*
75Create a fully qualified notification name.
76We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
77*/}}
78{{- define "notification.fullname" -}}
79{{- printf "%s-%s" .Release.Name "notification" | trunc 63 -}}
80{{- end -}}
81
82{{/*
83Create a fully qualified persister name.
84We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
85*/}}
86