Copy Monasca charts from monasca-helm repository

As discussed in the team meeting [1] this commit copies the Monasca
charts from monasca/monasca-helm repository. The goal is to adapt these
charts to OSH standards and patterns, and then move them to
openstack-helm and openstack-helm-infra repositories accordingly.

[1] http://eavesdrop.openstack.org/meetings/openstack_helm/2019/openstack_helm.2019-02-12-15.01.html

Change-Id: I261187de943046b7314ae6ab6b0f997624952d5e
This commit is contained in:
Witek Bedyk 2019-02-13 12:20:42 +01:00
parent 5fa68b90df
commit d632474b4d
143 changed files with 8402 additions and 1 deletions

View File

@ -18,7 +18,9 @@ SHELL := /bin/bash
HELM := helm
TASK := build
EXCLUDES := helm-toolkit doc tests tools logs tmp
EXCLUDES := helm-toolkit doc tests tools logs tmp influxdb kafka \
keystone-init monasca-agent monasca-alarms monasca mysql-users-init storm \
zookeeper
CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.)))
.PHONY: $(EXCLUDES) $(CHARTS)

21
influxdb/.helmignore Normal file
View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

14
influxdb/Chart.yaml Normal file
View File

@ -0,0 +1,14 @@
name: influxdb
version: 0.6.2-0.0.2
description: Scalable datastore for metrics, events, and real-time analytics.
keywords:
- influxdb
- database
- timeseries
home: https://www.influxdata.com/time-series-platform/influxdb/
sources:
- https://github.com/influxdata/influxdb
maintainers:
- name: Jack Zampolin
email: jack@influxdb.com
engine: gotpl

99
influxdb/README.md Normal file
View File

@ -0,0 +1,99 @@
# InfluxDB
## An Open-Source Time Series Database
[InfluxDB](https://github.com/influxdata/influxdb) is an open source time series database built by the folks over at [InfluxData](https://influxdata.com) with no external dependencies. It's useful for recording metrics, events, and performing analytics.
## QuickStart
```bash
$ helm install stable/influxdb --name foo --namespace bar
```
## Introduction
This chart bootstraps an InfluxDB deployment and service on a Kubernetes cluster using the Helm Package manager.
## Prerequisites
- Kubernetes 1.4+
- PV provisioner support in the underlying infrastructure (optional)
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release stable/influxdb
```
The command deploys InfluxDB on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release --purge
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The default configuration values for this chart are listed in `values.yaml`.
The [full image documentation](https://hub.docker.com/_/influxdb/) contains more information about running InfluxDB in docker.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set persistence.enabled=true,persistence.size=200Gi \
stable/influxdb
```
The above command enables persistence and changes the size of the requested data volume to 200GB.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/influxdb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
### InfluxDB Watcher Configuration
Parameter | Description | Default
--------- | ----------- | -------
`watcher.enabled` | InfluxDB watcher enabled flag | `false`
`watcher.image.repository` | InfluxDB watcher container image repository | `monasca/influxdb-watcher`
`watcher.image.tag` | InfluxDB watcher container image tag | `latest`
`watcher.image.pullPolicy` | InfluxDB watcher container image pull policy | `IfNotPresent`
`watcher.address` | InfluxDB service address | `http://localhost:8086`
`watcher.username` | InfluxDB username with read/write privileges | `influxdb_watcher`
`watcher.password` | InfluxDB password | `password`
`watcher.database` | InfluxDB database | `mon`
`watcher.watcher_period` | InfluxDB watcher period | `600`
`watcher.watcher_timeout` | InfluxDB watcher read/write timeout | `60`
`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
`watcher.port` | InfluxDB watcher port to expose Promethues metrics on | `8080`
## Persistence
The [InfluxDB](https://hub.docker.com/_/influxdb/) image stores data in the `/var/lib/influxdb` directory in the container.
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning.
## Starting with authentication
In `values.yaml` change `.Values.config.http.auth_enabled` to `true`.
Influxdb requires also a user to be set in order for authentication to be enforced. See more details [here](https://docs.influxdata.com/influxdb/v1.2/query_language/authentication_and_authorization/#set-up-authentication).
To handle this setup on startup, a job can be enabled in `values.yaml` by setting `.Values.setDefaultUser.enabled` to `true`.
Make sure to uncomment or configure the job settings after enabling it. If a password is not set, a random password will be generated.

View File

@ -0,0 +1,15 @@
InfluxDB can be accessed via port {{ .Values.config.http.bind_address }} on the following DNS name from within your cluster:
- http://{{ template "influxdb.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.config.http.bind_address }}
You can easily connect to the remote instance with your local influx cli. To forward the API port to localhost:8086 run the following:
- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }') 8086:{{ .Values.config.http.bind_address }}
You can also connect to the influx cli from inside the container. To open a shell session in the InfluxDB pod run the following:
- kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{.items[0].metadata.name}') /bin/sh
To tail the logs for the InfluxDB pod run the following:
- kubectl logs -f --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }')

View File

@ -0,0 +1,16 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "influxdb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "influxdb.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,149 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "influxdb.fullname" . }}
labels:
app: {{ template "influxdb.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
influxdb.conf: |+
reporting-disabled = {{ .Values.config.reporting_disabled | default false }}
bind-address = ":{{ .Values.config.bind_address }}"
[meta]
dir = "{{ .Values.config.storage_directory }}/meta"
retention-autocreate = {{ .Values.config.meta.retention_autocreate }}
logging-enabled = {{ .Values.config.meta.logging_enabled }}
[data]
dir = "{{ .Values.config.storage_directory }}/data"
wal-dir = "{{ .Values.config.storage_directory }}/wal"
index-version = "{{ .Values.config.data.index_version }}"
query-log-enabled = {{ .Values.config.data.query_log_enabled }}
cache-max-memory-size = {{ .Values.config.data.cache_max_memory_size | int64 }}
cache-snapshot-memory-size = {{ .Values.config.data.cache_snapshot_memory_size | int64 }}
cache-snapshot-write-cold-duration = "{{ .Values.config.data.cache_snapshot_write_cold_duration }}"
compact-full-write-cold-duration = "{{ .Values.config.data.compact_full_write_cold_duration }}"
max-series-per-database = {{ .Values.config.data.max_series_per_database | int64 }}
max-values-per-tag = {{ .Values.config.data.max_values_per_tag | int64 }}
trace-logging-enabled = {{ .Values.config.data.trace_logging_enabled }}
[coordinator]
write-timeout = "{{ .Values.config.coordinator.write_timeout }}"
max-concurrent-queries = {{ .Values.config.coordinator.max_concurrent_queries | int64 }}
query-timeout = "{{ .Values.config.coordinator.query_timeout }}"
log-queries-after = "{{ .Values.config.coordinator.log_queries_after }}"
max-select-point = {{ .Values.config.coordinator.max_select_point | int64 }}
max-select-series = {{ .Values.config.coordinator.max_select_series | int64 }}
max-select-buckets = {{ .Values.config.coordinator.max_select_buckets | int64 }}
[retention]
enabled = {{ .Values.config.retention.enabled }}
check-interval = "{{ .Values.config.retention.check_interval }}"
[shard-precreation]
enabled = {{ .Values.config.shard_precreation.enabled }}
check-interval = "{{ .Values.config.shard_precreation.check_interval }}"
advance-period = "{{ .Values.config.shard_precreation.advance_period }}"
[admin]
enabled = {{ .Values.config.admin.enabled }}
bind-address = ":{{ .Values.config.admin.bind_address }}"
https-enabled = {{ .Values.config.admin.https_enabled }}
https-certificate = "{{ .Values.config.admin.https_certificate }}"
[monitor]
store-enabled = {{ .Values.config.monitor.store_enabled }}
store-database = "{{ .Values.config.monitor.store_database }}"
store-interval = "{{ .Values.config.monitor.store_interval }}"
[subscriber]
enabled = {{ .Values.config.subscriber.enabled }}
http-timeout = "{{ .Values.config.subscriber.http_timeout }}"
insecure-skip-verify = {{ .Values.config.subscriber.insecure_skip_verify }}
ca-certs = "{{ .Values.config.subscriber.ca_certs }}"
write-concurrency = {{ .Values.config.subscriber.write_concurrency | int64 }}
write-buffer-size = {{ .Values.config.subscriber.write_buffer_size | int64 }}
[http]
enabled = {{ .Values.config.http.enabled }}
bind-address = ":{{ .Values.config.http.bind_address }}"
auth-enabled = {{ .Values.config.http.auth_enabled }}
log-enabled = {{ .Values.config.http.log_enabled }}
write-tracing = {{ .Values.config.http.write_tracing }}
pprof-enabled = {{ .Values.config.http.pprof_enabled }}
https-enabled = {{ .Values.config.http.https_enabled }}
https-certificate = "{{ .Values.config.http.https_certificate }}"
https-private-key = "{{ .Values.config.http.https_private_key }}"
max-row-limit = {{ .Values.config.http.max_row_limit | int64 }}
max-connection-limit = {{ .Values.config.http.max_connection_limit | int64 }}
shared-secret = "{{ .Values.config.http.shared_secret }}"
realm = "{{ .Values.config.http.realm }}"
unix-socket-enabled = {{ .Values.config.http.unix_socket_enabled }}
bind-socket = "{{ .Values.config.http.bind_socket }}"
# TODO: allow multiple graphite listeners with templates
[[graphite]]
enabled = {{ .Values.config.graphite.enabled }}
bind-address = ":{{ .Values.config.graphite.bind_address }}"
database = "{{ .Values.config.graphite.database }}"
retention-policy = "{{ .Values.config.graphite.retention_policy }}"
protocol = "{{ .Values.config.graphite.protocol }}"
batch-size = {{ .Values.config.graphite.batch_size | int64 }}
batch-pending = {{ .Values.config.graphite.batch_pending | int64 }}
batch-timeout = "{{ .Values.config.graphite.batch_timeout }}"
consistency-level = "{{ .Values.config.graphite.consistency_level }}"
separator = "{{ .Values.config.graphite.separator }}"
udp-read-buffer = {{ .Values.config.graphite.udp_read_buffer | int64 }}
# TODO: allow multiple collectd listeners with templates
[[collectd]]
enabled = {{ .Values.config.collectd.enabled }}
bind-address = ":{{ .Values.config.collectd.bind_address }}"
database = "{{ .Values.config.collectd.database }}"
retention-policy = "{{ .Values.config.collectd.retention_policy }}"
batch-size = {{ .Values.config.collectd.batch_size | int64 }}
batch-pending = {{ .Values.config.collectd.batch_pending | int64 }}
batch-timeout = "{{ .Values.config.collectd.batch_timeout }}"
read-buffer = {{ .Values.config.collectd.read_buffer | int64 }}
typesdb = "{{ .Values.config.collectd.typesdb }}"
security-level = "{{ .Values.config.collectd.security_level }}"
auth-file = "{{ .Values.config.collectd.auth_file }}"
# TODO: allow multiple opentsdb listeners with templates
[[opentsdb]]
enabled = {{ .Values.config.opentsdb.enabled }}
bind-address = ":{{ .Values.config.opentsdb.bind_address }}"
database = "{{ .Values.config.opentsdb.database }}"
retention-policy = "{{ .Values.config.opentsdb.retention_policy }}"
consistency-level = "{{ .Values.config.opentsdb.consistency_level }}"
tls-enabled = {{ .Values.config.opentsdb.tls_enabled }}
certificate = "{{ .Values.config.opentsdb.certificate }}"
batch-size = {{ .Values.config.opentsdb.batch_size | int64 }}
batch-pending = {{ .Values.config.opentsdb.batch_pending | int64 }}
batch-timeout = "{{ .Values.config.opentsdb.batch_timeout }}"
log-point-errors = {{ .Values.config.opentsdb.log_point_errors }}
# TODO: allow multiple udp listeners with templates
[[udp]]
enabled = {{ .Values.config.udp.enabled }}
bind-address = ":{{ .Values.config.udp.bind_address }}"
database = "{{ .Values.config.udp.database }}"
retention-policy = "{{ .Values.config.udp.retention_policy }}"
batch-size = {{ .Values.config.udp.batch_size | int64 }}
batch-pending = {{ .Values.config.udp.batch_pending | int64 }}
read-buffer = {{ .Values.config.udp.read_buffer | int64 }}
batch-timeout = "{{ .Values.config.udp.batch_timeout }}"
precision = "{{ .Values.config.udp.precision }}"
[continuous_queries]
log-enabled = {{ .Values.config.continuous_queries.log_enabled }}
enabled = {{ .Values.config.continuous_queries.enabled }}
run-interval = "{{ .Values.config.continuous_queries.run_interval }}"

View File

@ -0,0 +1,127 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "influxdb.fullname" . }}
labels:
app: {{ template "influxdb.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: 1
template:
metadata:
labels:
app: {{ template "influxdb.fullname" . }}
{{- if .Values.watcher.enabled }}
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.watcher.port }}"
monasca.io/usek8slabels: "false"
monasca.io/whitelist: |
- influxdb_average_round_trip_time
- influxdb_dropped_message_count
- influxdb_max_round_trip_time
- influxdb_min_round_trip_time
- influxdb_read_failure_count
- influxdb_running_average_round_trip_time
- influxdb_watcher_status
- influxdb_write_failure_count
- go_memstats_heap_objects
- go_memstats_heap_inuse_bytes
{{- end }}
spec:
containers:
- name: {{ template "influxdb.fullname" . }}
image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
resources:
{{ toYaml .Values.resources | indent 10 }}
ports:
- name: api
containerPort: {{ .Values.config.http.bind_address }}
{{ if .Values.config.admin.enabled -}}
- name: admin
containerPort: {{ .Values.config.admin.bind_address }}
{{- end }}
{{ if .Values.config.graphite.enabled -}}
- name: graphite
containerPort: {{ .Values.config.graphite.bind_address }}
{{- end }}
{{ if .Values.config.collectd.enabled -}}
- name: collectd
containerPort: {{ .Values.config.collectd.bind_address }}
{{- end }}
{{ if .Values.config.udp.enabled -}}
- name: udp
containerPort: {{ .Values.config.udp.bind_address }}
{{- end }}
{{ if .Values.config.opentsdb.enabled -}}
- name: opentsdb
containerPort: {{ .Values.config.opentsdb.bind_address }}
{{- end }}
{{- if .Values.watcher.enabled }}
- name: metrics
containerPort: {{ .Values.watcher.port }}
{{- end }}
livenessProbe:
httpGet:
path: /ping
port: api
initialDelaySeconds: {{ .Values.liveness.initial_delay_seconds }}
timeoutSeconds: {{ .Values.liveness.timeout_seconds }}
readinessProbe:
httpGet:
path: /ping
port: api
initialDelaySeconds: {{ .Values.readiness.initial_delay_seconds }}
timeoutSeconds: {{ .Values.readiness.timeout_seconds }}
volumeMounts:
- name: data
mountPath: {{ .Values.config.storage_directory }}
- name: config
mountPath: /etc/influxdb
{{- if .Values.watcher.enabled }}
- name: watcher
image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
resources:
{{ toYaml .Values.watcher.resources | indent 12 }}
env:
- name: INFLUXDB_ADDRESS
value: {{ .Values.watcher.address | quote }}
- name: INFLUXDB_USERNAME
value: {{ .Values.watcher.username | quote }}
- name: INFLUXDB_PASSWORD
value: {{ .Values.watcher.password | quote }}
- name: INFLUXDB_DATABASE
value: {{ .Values.watcher.database | quote }}
- name: PROMETHEUS_ENDPOINT
value: "0.0.0.0:{{ .Values.watcher.port }}"
- name: WATCHER_PERIOD
value: {{ .Values.watcher.watcher_period | quote }}
- name: WATCHER_TIMEOUT
value: {{ .Values.watcher.watcher_timeout | quote }}
- name: STAY_ALIVE_ON_FAILURE
value: {{ .Values.watcher.stay_alive_on_failure | quote }}
{{- end }}
volumes:
- name: data
{{- if .Values.persistence.enabled }}
{{- if not (empty .Values.persistence.name) }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.name }}
{{- else }}
persistentVolumeClaim:
claimName: {{ template "influxdb.fullname" . }}
{{- end }}
{{- else }}
emptyDir: {}
{{- end }}
- name: config
configMap:
name: {{ template "influxdb.fullname" . }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end -}}

View File

@ -0,0 +1,43 @@
{{- if .Values.setDefaultUser.enabled -}}
apiVersion: batch/v1
kind: Job
metadata:
labels:
app: {{ template "influxdb.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
name: {{ template "influxdb.fullname" . }}-set-auth
annotations:
"helm.sh/hook": post-install
spec:
activeDeadlineSeconds: {{ .Values.setDefaultUser.activeDeadlineSeconds }}
template:
metadata:
labels:
app: {{ template "influxdb.fullname" . }}
release: "{{ .Release.Name }}"
spec:
containers:
- name: {{ template "influxdb.fullname" . }}-set-auth
image: "{{ .Values.setDefaultUser.image }}"
env:
- name: INFLUXDB_USER
valueFrom:
secretKeyRef:
name: {{ template "influxdb.fullname" . }}-auth
key: influxdb-user
- name: INFLUXDB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "influxdb.fullname" . }}-auth
key: influxdb-password
args:
- "/bin/sh"
- "-c"
- |
curl -X POST http://{{ template "influxdb.fullname" . }}:{{ .Values.config.http.bind_address }}/query \
--data-urlencode \
"q=CREATE USER \"${INFLUXDB_USER}\" WITH PASSWORD '${INFLUXDB_PASSWORD}' {{ .Values.setDefaultUser.user.privileges }}"
restartPolicy: {{ .Values.setDefaultUser.restartPolicy }}
{{- end -}}

View File

@ -0,0 +1,24 @@
{{- if and (.Values.persistence.enabled) (not .Values.persistence.useExisting) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
labels:
app: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,18 @@
{{- if .Values.setDefaultUser.enabled -}}
apiVersion: v1
kind: Secret
metadata:
labels:
app: {{ template "influxdb.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "influxdb.fullname" . }}-auth
data:
{{- if .Values.setDefaultUser.user.password }}
influxdb-password: {{ .Values.setDefaultUser.user.password | b64enc | quote }}
{{- else }}
influxdb-password: {{ randAscii 10 | b64enc | quote }}
{{- end }}
influxdb-user: {{ .Values.setDefaultUser.user.username | b64enc | quote }}
{{- end -}}

View File

@ -0,0 +1,48 @@
apiVersion: v1
kind: Service
metadata:
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
name: {{ template "influxdb.fullname" . }}
labels:
app: {{ template "influxdb.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
type: {{ .Values.service.type }}
ports:
{{- if .Values.config.http.enabled }}
- name: api
port: {{ .Values.config.http.bind_address }}
targetPort: {{ .Values.config.http.bind_address }}
{{- end }}
{{- if .Values.config.admin.enabled }}
- name: admin
port: {{ .Values.config.admin.bind_address }}
targetPort: {{ .Values.config.admin.bind_address }}
{{- end }}
{{- if .Values.config.graphite.enabled }}
- name: graphite
port: {{ .Values.config.graphite.bind_address }}
targetPort: {{ .Values.config.graphite.bind_address }}
{{- end }}
{{- if .Values.config.collectd.enabled }}
- name: collectd
port: {{ .Values.config.collectd.bind_address }}
targetPort: {{ .Values.config.collectd.bind_address }}
{{- end }}
{{- if .Values.config.udp.enabled }}
- name: udp
port: {{ .Values.config.udp.bind_address }}
targetPort: {{ .Values.config.udp.bind_address }}
{{- end }}
{{- if .Values.config.opentsdb.enabled }}
- name: opentsdb
port: {{ .Values.config.opentsdb.bind_address }}
targetPort: {{ .Values.config.opentsdb.bind_address }}
{{- end }}
selector:
app: {{ template "influxdb.fullname" . }}

231
influxdb/values.yaml Normal file
View File

@ -0,0 +1,231 @@
## influxdb image version
## ref: https://hub.docker.com/r/library/influxdb/tags/
image:
repo: "influxdb"
tag: "1.3-alpine"
pullPolicy: IfNotPresent
## Specify a service type
## NodePort is default
## ref: http://kubernetes.io/docs/user-guide/services/
##
service:
## Add annotations to service
# annotations: {}
type: ClusterIP
## Persist data to a persistent volume
##
persistence:
enabled: false
## If true will use an existing PVC instead of creating one
# useExisting: false
## Name of existing PVC to be used in the influx deployment
# name:
## influxdb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
## Create default user through Kubernetes job
## Defaults indicated below
##
setDefaultUser:
enabled: false
## Image of the container used for job
## Default: appropriate/curl:latest
##
image: appropriate/curl:latest
## Deadline for job so it does not retry forever.
## Default: activeDeadline: 300
##
activeDeadline: 300
## Restart policy for job
## Default: OnFailure
restartPolicy: OnFailure
user:
## The user name
## Default: "admin"
username: "admin"
## User password
## Default: (Randomly generated 10 characters of Ascii)
# password:
## User privileges
## Default: "WITH ALL PRIVILEGES"
privileges: "WITH ALL PRIVILEGES"
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
requests:
memory: 256Mi
cpu: 0.1
limits:
memory: 16Gi
cpu: 8
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Liveness and Readiness check settings
liveness:
initial_delay_seconds: 30
timeout_seconds: 5
readiness:
initial_delay_seconds: 30
timeout_seconds: 1
## Change InfluxDB configuration paramaters below:
## Defaults are indicated
## ref: https://docs.influxdata.com/influxdb/v1.1/administration/config/
config:
reporting_disabled: false
bind_address: 8088
storage_directory: /var/lib/influxdb
meta:
retention_autocreate: true
logging_enabled: true
data:
query_log_enabled: true
index_version: inmem
cache_max_memory_size: 1073741824
cache_snapshot_memory_size: 26214400
cache_snapshot_write_cold_duration: 10m0s
compact_full_write_cold_duration: 4h0m0s
max_series_per_database: 1000000
max_values_per_tag: 100000
trace_logging_enabled: false
coordinator:
write_timeout: 10s
max_concurrent_queries: 0
query_timeout: 0s
log_queries_after: 0s
max_select_point: 0
max_select_series: 0
max_select_buckets: 0
retention:
enabled: true
check_interval: 30m0s
shard_precreation:
enabled: true
check_interval: 10m0s
advance_period: 30m0s
admin:
enabled: false
bind_address: 8083
https_enabled: false
https_certificate: /etc/ssl/influxdb.pem
monitor:
store_enabled: true
store_database: _internal
store_interval: 10s
subscriber:
enabled: true
http_timeout: 30s
insecure_skip_verify: false
ca_certs: ""
write_concurrency: 40
write_buffer_size: 1000
http:
enabled: true
bind_address: 8086
auth_enabled: false
log_enabled: true
write_tracing: false
pprof_enabled: true
https_enabled: false
https_certificate: /etc/ssl/influxdb.pem
https_private_key: ""
max_row_limit: 10000
max_connection_limit: 0
shared_secret: "beetlejuicebeetlejuicebeetlejuice"
realm: InfluxDB
unix_socket_enabled: false
bind_socket: /var/run/influxdb.sock
graphite:
enabled: false
bind_address: 2003
database: graphite
retention_policy: autogen
protocol: tcp
batch_size: 5000
batch_pending: 10
batch_timeout: 1s
consistency_level: one
separator: .
udp_read_buffer: 0
collectd:
enabled: false
bind_address: 25826
database: collectd
retention_policy: autogen
batch_size: 5000
batch_pending: 10
batch_timeout: 10s
read_buffer: 0
typesdb: /usr/share/collectd/types.db
security_level: none
auth_file: /etc/collectd/auth_file
opentsdb:
enabled: false
bind_address: 4242
database: opentsdb
retention_policy: autogen
consistency_level: one
tls_enabled: false
certificate: /etc/ssl/influxdb.pem
batch_size: 1000
batch_pending: 5
batch_timeout: 1s
log_point_errors: true
udp:
enabled: false
bind_address: 8089
database: udp
retention_policy: autogen
batch_size: 5000
batch_pending: 10
read_buffer: 0
batch_timeout: 1s
precision: "ns"
continuous_queries:
log_enabled: true
enabled: true
run_interval: 1s
watcher:
enabled: false
image:
repository: monasca/influxdb-watcher
tag: 0.0.2
pullPolicy: IfNotPresent
resources:
requests:
memory: 32Mi
cpu: 25m
limits:
memory: 64Mi
cpu: 50m
port: 8080
address: http://localhost:8086
username: influxdb_watcher
password: password
database: mon
watcher_period: 600
watcher_timeout: 60
stay_alive_on_failure: false

21
kafka/.helmignore Normal file
View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

4
kafka/Chart.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: v1
description: A Helm chart for Kafka
name: kafka
version: 0.4.3

36
kafka/README.md Normal file
View File

@ -0,0 +1,36 @@
### Kafka Configuration parameters
Parameter | Description | Default
--------- | ----------- | -------
`image.repository` | Kafka container image repository | `monasca/kafka`
`image.tag` | Kafka container image tag | `0.9.0.1-2.11-1.1.4`
`image.pullPolicy` | Kafka container image pull policy | `IfNotPresent`
`resources.requests.memory` | Memory request per kafka pod | `1Gi`
`resources.requests.cpu` | CPU request per kafka pod | `250m`
`resources.limits.memory` | Memory limit per kafka pod | `2Gi`
`resources.limits.cpu` | Memory limit per kafka pod | `2000m`
`persistence.storageClass` | Kafka storage class | `default`
`persistence.enabled` | Kafka persistent storage enabled flag | `false`
`persistence.accessMode` | Kafka persistent storage accessMode | `ReadWriteOnce`
`persistence.size` | Kafka persistent storage size | `10Gi`
`topic_config` | Default config args for created topics | `segment.ms=900000`
`service.port` | Kafka service port | `9092`
`service.type` | Kafka service type | `ClusterIP`
`exporter.enabled` | Kafka exporter enabled flag | `false`
`exporter.image.repository` | Kafka exporter container image repository | `rbrndt/kafka-prometheus`
`exporter.image.tag` | Kafka exporter container image tag | `latest`
`exporter.image.pullPolicy` | Kafka exporter container image pull policy | `IfNotPresent`
`exporter.port` | Kafka exporter port to expose Promethues metrics on | `7204`
`stack_size` | JVM stack size | `1024k`
`memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
`stay_alive_on_failure` | If `true`, container stays alive for 2 hours after kafka exits | `false`
`watcher.enabled` | Kafka watcher enabled flag | `false`
`watcher.image.repository` | Kafka watcher container image repository | `monasca/kafka-watcher`
`watcher.image.tag` | Kafka watcher container image tag | `latest`
`watcher.image.pullPolicy` | Kafka watcher container image pull policy | `IfNotPresent`
`watcher.health_check_topic` | Kafka watcher health check topic | `kafka-health-check`
`watcher.group_id` | Kafka watcher consumer group id | `kafka_watcher`
`watcher.watcher_period` | Kafka watcher period | `600`
`watcher.watcher_timeout` | Kafka watcher read/write timeout | `60`
`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
`watcher.port` | Kafka watcher port to expose Promethues metrics on | `8080`

View File

@ -0,0 +1,25 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a fully qualified cleanup name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "kafka.cleanup.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s-%s" .Release.Name $name "cleanup" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,47 @@
apiVersion: batch/v1
kind: Job
metadata:
# while not recommended, we add a random sequence to the end of the job name
# this job will attempt to delete itself when finished, but should it fail for
# some reason we don't want future upgrades to fail because of a name conflict
# (plus the future runs of this job will delete any previous iterations that
# failed to clean themselves up)
name: "{{ template "kafka.cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.cleanup.name }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
"helm.sh/hook": pre-upgrade,post-delete
"helm.sh/hook-weight": "-5"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.cleanup.name }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
restartPolicy: OnFailure
containers:
- name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
resources:
{{ toYaml .Values.cleanup.resources | indent 12 }}
env:
- name: "WAIT_RETRIES"
value: "{{ .Values.cleanup.wait.retries }}"
- name: "WAIT_DELAY"
value: "{{ .Values.cleanup.wait.delay }}"
- name: "WAIT_TIMEOUT"
value: "{{ .Values.cleanup.wait.timeout }}"
{{- if .Values.cleanup.serviceAccount }}
serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
{{- else if .Values.rbac.create }}
serviceAccountName: "{{ template "kafka.cleanup.fullname" . }}"
{{- end }}

View File

@ -0,0 +1,25 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: Role
metadata:
name: {{ template "kafka.cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "delete", "patch"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get", "list", "delete"]
{{- end }}

View File

@ -0,0 +1,26 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: RoleBinding
metadata:
name: {{ template "kafka.cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "kafka.cleanup.fullname" . }}
namespace: "{{ .Release.Namespace }}"
roleRef:
kind: Role
name: {{ template "kafka.cleanup.fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}

View File

@ -0,0 +1,12 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "kafka.cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,124 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
component: kafka
spec:
replicas: 1
template:
metadata:
labels:
app: {{ template "fullname" . }}
{{- if .Values.watcher.enabled }}
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.watcher.port }}"
monasca.io/usek8slabels: "false"
monasca.io/whitelist: |
- kafka_dropped_message_count
- kafka_max_round_trip_time
- kafka_min_round_trip_time
- kafka_read_failure_count
- kafka_watcher_status
- kafka_write_failure_count
- go_memstats_heap_objects
- go_memstats_heap_inuse_bytes
{{- end }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
resources:
{{ toYaml .Values.resources | indent 12 }}
ports:
- name: kafka
containerPort: 9092
volumeMounts:
- name: kafka
mountPath: /data
env:
- name: KAFKA_DELETE_TOPIC_ENABLE
value: "true"
- name: KAFKA_AUTO_CREATE_TOPICS
value: "false"
- name: KAFKA_JMX
value: "true"
- name: JVM_MAX_RATIO
value: {{ .Values.memory_ratio | quote }}
- name: KAFKA_STACK_SIZE
value: {{ .Values.stack_size | quote }}
- name: ZOOKEEPER_CONNECTION_STRING
{{- if .Values.zookeeper.overrideUri }}
value: "{{ .Values.zookeeper.overrideUri }}"
{{- else }}
value: {{ .Release.Name }}-zookeeper:2181
{{- end }}
- name: STAY_ALIVE_ON_FAILURE
value: {{ .Values.stay_alive_on_failure | quote }}
{{- if .Values.exporter.enabled }}
- name: {{ .Chart.Name }}-exporter
image: "{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}"
imagePullPolicy: {{ .Values.exporter.image.pullPolicy }}
ports:
- name: exporter
containerPort: {{ .Values.exporter.port }}
volumeMounts:
- name: kafka-exporter
mountPath: /prometheus-config
{{- end }}
{{- if .Values.watcher.enabled }}
- name: watcher
image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
resources:
{{ toYaml .Values.watcher.resources | indent 12 }}
env:
- name: HEALTH_CHECK_TOPIC
value: {{ .Values.watcher.health_check_topic | quote }}
- name: BOOT_STRAP_SERVERS
value: "localhost:9092"
- name: GROUP_ID
value: {{ .Values.watcher.group_id | quote }}
- name: PROMETHEUS_ENDPOINT
value: "0.0.0.0:{{ .Values.watcher.port }}"
- name: WATCHER_PERIOD
value: {{ .Values.watcher.watcher_period | quote }}
- name: WATCHER_TIMEOUT
value: {{ .Values.watcher.watcher_timeout | quote }}
- name: STAY_ALIVE_ON_FAILURE
value: {{ .Values.watcher.stay_alive_on_failure | quote }}
ports:
- name: metrics
containerPort: {{ .Values.watcher.port }}
{{- end }}
volumes:
- name: kafka
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ template "fullname" . }}
{{- else }}
emptyDir: {}
{{- end -}}
{{- if .Values.exporter.enabled }}
- name: kafka-exporter
configMap:
name: {{ template "fullname" . }}-exporter
{{- end }}
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- "{{ .Release.Name }}-influxdb"
topologyKey: "kubernetes.io/hostname"

View File

@ -0,0 +1,50 @@
{{- if .Values.exporter.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "fullname" . }}-exporter
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
kafka-config.yml: |
---
jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:7203/jmxrmi
lowercaseOutputName: true
rules:
- pattern: '"kafka.controller"<type="(KafkaController)", name="(OfflinePartitionsCount|ActiveControllerCount)"><>(Value)'
name: kafka_controller_$1_$2
- pattern: '"kafka.server"<type="(ReplicaManager)", name="(UnderReplicatedPartitions)"><>(Value)'
name: kafka_server_$1_$2
# This metric doesn't appear to be available in 0.8.1.1
#- pattern: '"kafka.server"<type="(KafkaServer)", name="(BrokerState)"><>(Value)'
# name: kafka_server_$2
- pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="AllTopics(Bytes|Messages)(In|Out)PerSec"><>(Count)'
name: kafka_server_$1_$2_$3_total
labels:
topic: all_topics
- pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="(.+)-(Bytes|Messages)(In|Out)PerSec"><>(Count)'
name: kafka_server_$1_$3_$4_total
labels:
topic: $2
- pattern: '"kafka.network"<type="(RequestMetrics)", name="Fetch-(Consumer|Follower)-TotalTimeMs"><>(Count)'
name: kafka_network_$1_fetch_$2_total_ms
- pattern: '"kafka.network"<type="(RequestMetrics)", name="Produce-(Local|Remote|Total|ResponseQueue)TimeMs"><>(Count)'
name: kafka_network_$1_produce_$2_ms
# These metric doesn't appear to be available in 0.8.1.1
#- pattern: '"kafka.server"<type="(KafkaRequestHandlerPool)", name="(RequestHandlerAvgIdlePercent)"><>(Count)'
# name: kafka_server_$1_$2
#- pattern: "kafka.network"<type="(SocketServer)", name="(NetworkProcessorAvgIdlePercent)"><>(Value)'
# name: kafa_network_$1_$2
- pattern: '"kafka.controller"<type="(ControllerStats)", name="(UncleanLeaderElectionsPerSec|LeaderElectionRateAndTimeMs)"><>(Count)'
name: kafka_controller_$1_$2
- pattern: '"kafka.server"<type="(ReplicaFetcherManager)", name="(Replica)-(MaxLag)"><>(Value)'
name: kafka_server_$1_$3
labels:
topic: $2
- pattern: '"kafka.server"<type="(ReplicaManager)", name="Isr(Expands|Shrinks)PerSec"><>(Count)'
name: kafka_server_$1_isr_$2_per_sec
{{- end }}

View File

@ -0,0 +1,49 @@
{{- if .Values.init.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "fullname" . }}-init-job
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "kafka-init-job"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: kafka-init-job
spec:
restartPolicy: OnFailure
containers:
- name: kafka-init-job
image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
imagePullPolicy: {{ .Values.init.image.pullPolicy }}
resources:
{{ toYaml .Values.init.resources | indent 12 }}
env:
- name: KAFKA_HOST
value: "{{ template "fullname" . }}:9092"
- name: ZOOKEEPER_CONNECTION_STRING
{{- if .Values.zookeeper.overrideUri }}
value: "{{ .Values.zookeeper.overrideUri }}"
{{- else }}
value: {{ .Release.Name }}-zookeeper:2181
{{- end }}
- name: KAFKA_DELETE_TOPIC_ENABLE
value: "true"
- name: KAFKA_AUTO_CREATE_TOPICS
value: "false"
- name: JVM_MAX_HEAP_RATIO
value: {{ .Values.heap_ratio | quote }}
- name: KAFKA_STACK_SIZE
value: {{ .Values.stack_size | quote }}
{{- if .Values.init.topicConfig }}
- name: KAFKA_TOPIC_CONFIG
value: {{ .Values.init.topicConfig | quote }}
{{- end }}
- name: KAFKA_CREATE_TOPICS
value: {{ .Values.init.topics | join "," | quote }}
{{- end }}

18
kafka/templates/pvc.yaml Normal file
View File

@ -0,0 +1,18 @@
{{- if .Values.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "fullname" . }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
storageClassName: {{ .Values.persistence.storageClass | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- end }}

View File

@ -0,0 +1,19 @@
{{- if .Values.static_service.enabled }}
apiVersion: v1
kind: Service
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ .Values.static_service.name }}
spec:
type: {{ .Values.static_service.type }}
ports:
- name: kafka
port: {{ .Values.static_service.port }}
targetPort: kafka
selector:
app: {{ template "fullname" . }}
{{- end }}

17
kafka/templates/svc.yaml Normal file
View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Service
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "fullname" . }}
spec:
type: {{ .Values.service.type }}
ports:
- name: kafka
port: {{ .Values.service.port }}
targetPort: kafka
selector:
app: {{ template "fullname" . }}

93
kafka/values.yaml Normal file
View File

@ -0,0 +1,93 @@
exporter:
enabled: false
image:
repository: rbrndt/kafka-prometheus
tag: latest
pullPolicy: IfNotPresent
port: 7204
watcher:
enabled: false
image:
repository: monasca/kafka-watcher
tag: 0.0.4
pullPolicy: IfNotPresent
resources:
requests:
memory: 32Mi
cpu: 25m
limits:
memory: 64Mi
cpu: 50m
port: 8080
health_check_topic: kafka-health-check
group_id: kafka_watcher
watcher_period: 600
watcher_timeout: 60
stay_alive_on_failure: false
image:
repository: monasca/kafka
tag: 0.9.0.1-2.11-1.1.6
pullPolicy: IfNotPresent
service:
type: ClusterIP
port: 9092
resources:
requests:
memory: 1Gi
cpu: 250m
limits:
memory: 2Gi
cpu: 2000m
persistence:
storageClass: default
enabled: false
accessMode: ReadWriteOnce
size: 10Gi
memory_ratio: .85
stack_size: 1024k
stay_alive_on_failure: false
init:
enabled: true
image:
repository: monasca/kafka-init
tag: 0.0.3
pullPolicy: IfNotPresent
resources:
requests:
memory: 128Mi
cpu: 200m
limits:
memory: 256Mi
cpu: 250m
topicConfig: ''
topics: []
static_service:
enabled: false
type: ClusterIP
name: kafka
port: 9092
zookeeper:
overrideUri: ''
cleanup:
name: cleanup
serviceAccount: ''
image:
repository: monasca/job-cleanup
tag: 1.2.1
pullPolicy: IfNotPresent
resources:
requests:
memory: 64Mi
cpu: 50m
limits:
memory: 128Mi
cpu: 100m
wait:
retries: "24"
delay: "5.0"
timeout: "10"
rbac:
create: false

21
keystone-init/.helmignore Normal file
View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

4
keystone-init/Chart.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: v1
description: Chart to initialize users in Keystone
name: keystone-init
version: 0.4.0

View File

View File

@ -0,0 +1,24 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a fully qualified cleanup name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "cleanup.fullname" -}}
{{- printf "%s-%s" .Release.Name "cleanup" | trunc 63 -}}
{{- end -}}

View File

@ -0,0 +1,150 @@
{{- /*
Read a single optional secret or string from values into an `env` `value:` or
`valueFrom:`, depending on the user-defined content of the value.
Example:
- name: OS_AUTH_URL
{{ template "keystone_init_secret_env" .Values.auth.url }}
Note that unlike keystone_init_keystone_env, secret_key can not have any default
values.
Make sure to change the name of this template when copying to keep it unique,
e.g. chart_name_secret_env.
*/}}
{{- define "keystone_init_secret_env" -}}
{{- if eq (kindOf .) "map" -}}
valueFrom:
secretKeyRef:
name: "{{ .secret_name }}"
key: "{{ .secret_key }}"
{{- else -}}
value: "{{ . }}"
{{- end -}}
{{- end -}}
{{- /*
Generate a list of environment vars for Keystone Auth
Example:
env:
{{ include "keystone_init_keystone_env" .Values.my_pod.auth | indent 4 }}
(indent level should be adjusted as necessary)
Make sure to change the name of this template when copying to keep it unique,
e.g. chart_name_keystone_env.
Note that keystone_init_secret_env is not used here because we want to provide
default key names.
*/}}
{{- define "keystone_init_keystone_env" -}}
- name: OS_AUTH_URL
{{- if eq (kindOf .url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .url.secret_name }}"
key: "{{ .url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .url }}"
{{- end }}
{{- if .admin_url }}
- name: OS_ADMIN_URL
{{- if eq (kindOf .admin_url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .admin_url.secret_name }}"
key: "{{ .admin_url.secret_key | default "OS_ADMIN_URL" }}"
{{- else }}
value: "{{ .admin_url }}"
{{- end }}
{{- end }}
{{- if .api_version }}
- name: OS_IDENTITY_API_VERSION
value: "{{ .api_version }}"
{{- end }}
- name: OS_USERNAME
{{- if eq (kindOf .username) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .username.secret_name }}"
key: "{{ .username.secret_key | default "OS_USERNAME" }}"
{{- else }}
value: "{{ .username }}"
{{- end }}
- name: OS_PASSWORD
{{- if eq (kindOf .password) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .password.secret_name }}"
key: "{{ .password.secret_key | default "OS_PASSWORD" }}"
{{- else }}
value: "{{ .password }}"
{{- end }}
{{- if .user_domain_name }}
- name: OS_USER_DOMAIN_NAME
{{- if eq (kindOf .user_domain_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .user_domain_name.secret_name }}"
key: "{{ .user_domain_name.secret_key | default "OS_USER_DOMAIN_NAME" }}"
{{- else }}
value: "{{ .user_domain_name }}"
{{- end }}
{{- end }}
{{- if .project_name }}
- name: OS_PROJECT_NAME
{{- if eq (kindOf .project_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .project_name.secret_name }}"
key: "{{ .project_name.secret_key | default "OS_PROJECT_NAME" }}"
{{- else }}
value: "{{ .project_name }}"
{{- end }}
{{- end }}
{{- if .project_domain_name }}
- name: OS_PROJECT_DOMAIN_NAME
{{- if eq (kindOf .project_domain_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .project_domain_name.secret_name }}"
key: "{{ .project_domain_name.secret_key | default "OS_PROJECT_DOMAIN_NAME" }}"
{{- else }}
value: "{{ .project_domain_name }}"
{{- end }}
{{- end }}
{{- if .tenant_name }}
- name: OS_TENANT_NAME
{{- if eq (kindOf .tenant_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .tenant_name.secret_name }}"
key: "{{ .tenant_name.secret_key | default "OS_TENANT_NAME" }}"
{{- else }}
value: "{{ .tenant_name }}"
{{- end }}
{{- end }}
{{- if .tenant_id }}
- name: OS_TENANT_ID
{{- if eq (kindOf .tenant_id) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .tenant_id.secret_name }}"
key: "{{ .tenant_id.secret_key | default "OS_TENANT_ID" }}"
{{- else }}
value: "{{ .tenant_id }}"
{{- end }}
{{- end }}
{{- if .region_name }}
- name: OS_REGION_NAME
{{- if eq (kindOf .region_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .region_name.secret_name }}"
key: "{{ .region_name.secret_key | default "OS_REGION_NAME" }}"
{{- else }}
value: "{{ .region_name }}"
{{- end }}
{{- end }}
{{- end -}}

View File

@ -0,0 +1,47 @@
apiVersion: batch/v1
kind: Job
metadata:
# while not recommended, we add a random sequence to the end of the job name
# this job will attempt to delete itself when finished, but should it fail for
# some reason we don't want future upgrades to fail because of a name conflict
# (plus the future runs of this job will delete any previous iterations that
# failed to clean themselves up)
name: "{{ template "cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.cleanup.name }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
"helm.sh/hook": pre-upgrade,post-delete
"helm.sh/hook-weight": "-5"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.cleanup.name }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
restartPolicy: OnFailure
containers:
- name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
resources:
{{ toYaml .Values.cleanup.resources | indent 12 }}
env:
- name: "WAIT_RETRIES"
value: "{{ .Values.cleanup.wait.retries }}"
- name: "WAIT_DELAY"
value: "{{ .Values.cleanup.wait.delay }}"
- name: "WAIT_TIMEOUT"
value: "{{ .Values.cleanup.wait.timeout }}"
{{- if .Values.cleanup.serviceAccount }}
serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
{{- else if .Values.rbac.create }}
serviceAccountName: "{{ template "cleanup.fullname" . }}"
{{- end }}

View File

@ -0,0 +1,25 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: Role
metadata:
name: {{ template "cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "delete", "patch"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get", "list", "delete"]
{{- end }}

View File

@ -0,0 +1,26 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: RoleBinding
metadata:
name: {{ template "cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "cleanup.fullname" . }}
namespace: "{{ .Release.Namespace }}"
roleRef:
kind: Role
name: {{ template "cleanup.fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}

View File

@ -0,0 +1,12 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,51 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "fullname" . }}-job
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.keystone_init.name }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
{{- if .Values.keystone_init.deadline }}
activeDeadlineSeconds: {{ .Values.keystone_init.deadline }}
{{- end }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.keystone_init.name }}"
spec:
restartPolicy: OnFailure
volumes:
- name: preload-config
configMap:
name: "{{ template "fullname" . }}-preload"
containers:
- name: {{ template "fullname" . }}-job
image: "{{ .Values.keystone_init.image.repository }}:{{ .Values.keystone_init.image.tag }}"
imagePullPolicy: {{ .Values.keystone_init.image.pullPolicy }}
resources:
{{ toYaml .Values.keystone_init.resources | indent 12 }}
env:
- name: LOG_LEVEL
value: {{ .Values.keystone_init.log_level }}
- name: KEYSTONE_TIMEOUT
value: "{{ .Values.keystone_init.timeout }}"
- name: KEYSTONE_VERIFY
value: "{{ .Values.keystone_init.verify }}"
- name: KEYSTONE_CERT
value: "{{ .Values.keystone_init.cert }}"
{{ include "keystone_init_keystone_env" .Values.keystone_init.auth | indent 12 }}
- name: PRELOAD_PATH
value: "/config/preload.yml"
volumeMounts:
- name: preload-config
mountPath: /config
{{- if .Values.keystone_init.serviceAccount }}
serviceAccountName: {{ .Values.keystone_init.serviceAccount | quote }}
{{- else if .Values.rbac.create }}
serviceAccountName: "{{ template "fullname" . }}"
{{- end }}

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ template "fullname" . }}-preload"
labels:
app: "{{ template "fullname" . }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
preload.yml: |
{{ toYaml .Values.keystone_init.preload | indent 4 }}

View File

@ -0,0 +1,25 @@
{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: Role
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.keystone_init.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "create", "update"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "create"]
{{- end }}

View File

@ -0,0 +1,26 @@
{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: RoleBinding
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.keystone_init.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "fullname" . }}
namespace: "{{ .Release.Namespace }}"
roleRef:
kind: Role
name: {{ template "fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}

View File

@ -0,0 +1,12 @@
{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.keystone_init.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- end }}

109
keystone-init/values.yaml Normal file
View File

@ -0,0 +1,109 @@
# Default values for keystone-init.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
keystone_init:
name: keystone-init
# an optional preexisting serviceAccount to use
# to create a service account with the deployment,
# deploy with rbac.create=true
serviceAccount: ''
image:
repository: monasca/keystone-init
tag: 1.3.0
pullPolicy: IfNotPresent
# general options for the init job
log_level: INFO # python logging level
timeout: "10" # timeout in seconds
verify: "true" # if "true", verify SSL
cert: '' # cert to override if desired (must be mounted as configmap)
# keystone authentication for this component
# note that these options allow the init container to connect to keystone and
# the referenced account must already exist
# each parameter may either be specified directly as a string OR reference a
# secret
# example:
# # plaintext (will be stored in Helm's ConfigMap)
# password: 'some-plaintext-password'
#
# # secret ref
# password:
# secret_name: some-secret-name
# # key is optional, will default to `OS_`-style variables
# secret_key: some-key
auth:
url: 'http://keystone:5000'
username: "admin"
password: "s3cr3t"
user_domain_name: Default
project_name: 'admin'
project_domain_name: Default
# specify domains, projects, roles, and users to create
preload:
# global roles
global_roles: []
# named domains, the key name will be used to look up keystone domain name
domains:
# note that `default` is special and refers directly to the ID `default`,
# not the name `Default`
default:
# a list of project names that must exist (will be created)
projects: []
# a list of domain-scoped role names that must exist (will be created)
roles: []
# a list of user objects that must exist
# example:
# users:
# - username: some-user
# project: some-project # will be created if it does not exist
# roles: # will also be created automatically
# - a
# - b
# - c
# # if desired, create a secret (optional):
# secret: some-secret-name
# # alternatively, specify a namespace and name
# secret: some-namespace/some-secret-name
# # or even:
# secret:
# namespace: some-namespace
# name: some-secret-name
users: []
# container resource limits and requests
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 100m
memory: 128Mi
cleanup:
name: cleanup
serviceAccount: ''
image:
repository: monasca/job-cleanup
tag: 1.2.1
pullPolicy: IfNotPresent
resources:
requests:
memory: 128Mi
cpu: 200m
limits:
memory: 128Mi
cpu: 250m
wait:
retries: "10"
delay: "3.0"
timeout: "10"
rbac:
create: false

21
monasca-agent/.helmignore Normal file
View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

9
monasca-agent/Chart.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: v1
description: A Helm chart for Monasca-agent
name: monasca-agent
version: 0.2.3
sources:
- https://github.com/openstack/monasca-agent
maintainers:
- name: Tim Buckley
email: timothy.jas.buckley@hpe.com

View File

@ -0,0 +1,16 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,14 @@
{{- if .Values.plugins.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ template "fullname" . }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
{{ toYaml .Values.plugins.config_files | indent 2 }}
{{- end}}

View File

@ -0,0 +1,124 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
component: "{{ template "fullname" . }}-daemonset"
spec:
template:
metadata:
labels:
component: "{{ template "fullname" . }}-daemonset"
app: {{ template "fullname" . }}
spec:
containers:
- name: {{ template "name" . }}-collector-daemonset
image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
resources:
{{ toYaml .Values.resources | indent 12 }}
env:
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES
value: "true"
- name: KUBERNETES_TIMEOUT
value: {{ .Values.kubernetes.timeout | quote }}
- name: KUBERNETES_LABELS
value: {{ .Values.kubernetes.kubernetes_labels | quote }}
- name: PROMETHEUS
value: {{ .Values.prometheus.auto_detect_pod_endpoints | quote }}
- name: PROMETHEUS_TIMEOUT
value: {{ .Values.prometheus.timeout | quote }}
- name: PROMETHEUS_DETECT_METHOD
value: pod
- name: PROMETHEUS_KUBERNETES_LABELS
value: {{ .Values.prometheus.kubernetes_labels | quote }}
- name: CADVISOR
value: {{ .Values.cadvisor.enabled | quote }}
- name: CADVISOR_TIMEOUT
value: {{ .Values.cadvisor.timeout | quote }}
- name: OS_AUTH_URL
value: {{ .Values.keystone.url | quote }}
- name: OS_USERNAME
value: {{ .Values.keystone.os_username | quote }}
- name: OS_USER_DOMAIN_NAME
value: {{ .Values.keystone.os_user_domain_name | quote }}
- name: OS_PASSWORD
value: {{ .Values.keystone.os_password | quote }}
- name: OS_PROJECT_NAME
value: {{ .Values.keystone.os_project_name | quote }}
- name: OS_PROJECT_DOMAIN_NAME
value: {{ .Values.keystone.os_project_domain_name | quote }}
- name: LOG_LEVEL
value: {{ .Values.log_level | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
{{- if .Values.namespace_annotations }}
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
value: {{ .Values.namespace_annotations | quote}}
{{- end}}
{{- if .Values.dimensions }}
- name: DIMENSIONS
value: {{ .Values.dimensions | quote}}
{{- end}}
- name: CHECK_FREQ
value: {{ .Values.collector.check_freq | quote }}
- name: NUM_COLLECTOR_THREADS
value: {{ .Values.collector.num_collector_threads | quote }}
- name: POOL_FULL_MAX_TRIES
value: {{ .Values.collector.pool_full_max_retries | quote }}
- name: SUB_COLLECTION_WARN
value: {{ .Values.collector.sub_collection_warn | quote }}
- name: {{ template "name" . }}-forwarder-daemonset
image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
resources:
{{ toYaml .Values.resources | indent 12 }}
env:
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: OS_AUTH_URL
value: {{ .Values.keystone.url | quote }}
- name: OS_USERNAME
value: {{ .Values.keystone.os_username | quote }}
- name: OS_USER_DOMAIN_NAME
value: {{ .Values.keystone.os_user_domain_name | quote }}
- name: OS_PASSWORD
value: {{ .Values.keystone.os_password | quote }}
- name: OS_PROJECT_NAME
value: {{ .Values.keystone.os_project_name | quote }}
- name: OS_PROJECT_DOMAIN_NAME
value: {{ .Values.keystone.os_project_domain_name | quote }}
- name: MONASCA_URL
value: {{ .Values.monasca_url | quote }}
- name: LOG_LEVEL
value: {{ .Values.log_level | quote }}
- name: INSECURE
value: {{ .Values.insecure | quote }}
- name: MAX_BATCH_SIZE
value: {{ .Values.forwarder.max_batch_size | quote }}
- name: MAX_MEASUREMENT_BUFFER_SIZE
value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
- name: BACKLOG_SEND_RATE
value: {{ .Values.forwarder.backlog_send_rate | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
- name: NON_LOCAL_TRAFFIC
value: {{ .Values.forwarder.non_local_traffic | quote }}

View File

@ -0,0 +1,143 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
component: "{{ template "fullname" . }}-deployment"
spec:
template:
metadata:
labels:
component: "{{ template "fullname" . }}-deployment"
app: {{ template "fullname" . }}
spec:
containers:
- name: {{ template "name" . }}-collector-deployment
image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
resources:
{{ toYaml .Values.resources | indent 12 }}
env:
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES_API
value: "true"
- name: KUBERNETES_API_TIMEOUT
value: {{ .Values.kubernetes_api.timeout | quote }}
- name: KUBERNETES_API_LABELS
value: {{ .Values.kubernetes_api.kubernetes_labels | quote }}
- name: PROMETHEUS
value: {{ .Values.prometheus.auto_detect_service_endpoints | quote }}
- name: PROMETHEUS_TIMEOUT
value: {{ .Values.prometheus.timeout | quote }}
- name: PROMETHEUS_DETECT_METHOD
value: service
- name: PROMETHEUS_KUBERNETES_LABELS
value: {{ .Values.prometheus.kubernetes_labels | quote }}
- name: OS_AUTH_URL
value: {{ .Values.keystone.url | quote }}
- name: OS_USERNAME
value: {{ .Values.keystone.os_username | quote }}
- name: OS_USER_DOMAIN_NAME
value: {{ .Values.keystone.os_user_domain_name | quote }}
- name: OS_PASSWORD
value: {{ .Values.keystone.os_password | quote }}
- name: OS_PROJECT_NAME
value: {{ .Values.keystone.os_project_name | quote }}
- name: OS_PROJECT_DOMAIN_NAME
value: {{ .Values.keystone.os_project_domain_name | quote }}
- name: LOG_LEVEL
value: {{ .Values.log_level | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
{{- if .Values.namespace_annotations }}
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
value: {{ .Values.namespace_annotations | quote}}
{{- end}}
{{- if .Values.kubernetes_api.storage.parameter_dimensions }}
- name: STORAGE_PARAMETERS_DIMENSIONS
value: {{ .Values.kubernetes_api.storage.parameter_dimensions | quote}}
{{- end}}
- name: REPORT_PERSISTENT_STORAGE
value: {{ .Values.kubernetes_api.storage.report | quote }}
{{- if .Values.dimensions }}
- name: DIMENSIONS
value: {{ .Values.dimensions | quote}}
{{- end}}
- name: CHECK_FREQ
value: {{ .Values.collector.check_freq | quote }}
- name: NUM_COLLECTOR_THREADS
value: {{ .Values.collector.num_collector_threads | quote }}
- name: POOL_FULL_MAX_TRIES
value: {{ .Values.collector.pool_full_max_retries | quote }}
- name: SUB_COLLECTION_WARN
value: {{ .Values.collector.sub_collection_warn | quote }}
{{- if .Values.plugins.enabled }}
volumeMounts:
- name: agent-config
mountPath: /plugins.d
{{- end}}
- name: {{ template "name" . }}-forwarder-deployment
image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
resources:
{{ toYaml .Values.resources | indent 12 }}
env:
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: OS_AUTH_URL
value: {{ .Values.keystone.url | quote }}
- name: OS_USERNAME
value: {{ .Values.keystone.os_username | quote }}
- name: OS_USER_DOMAIN_NAME
value: {{ .Values.keystone.os_user_domain_name | quote }}
- name: OS_PASSWORD
value: {{ .Values.keystone.os_password | quote }}
- name: OS_PROJECT_NAME
value: {{ .Values.keystone.os_project_name | quote }}
- name: OS_PROJECT_DOMAIN_NAME
value: {{ .Values.keystone.os_project_domain_name | quote }}
- name: MONASCA_URL
value: {{ .Values.monasca_url | quote }}
- name: LOG_LEVEL
value: {{ .Values.log_level | quote }}
- name: INSECURE
value: {{ .Values.insecure | quote }}
- name: MAX_BATCH_SIZE
value: {{ .Values.forwarder.max_batch_size | quote }}
- name: MAX_MEASUREMENT_BUFFER_SIZE
value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
- name: BACKLOG_SEND_RATE
value: {{ .Values.forwarder.backlog_send_rate | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
- name: NON_LOCAL_TRAFFIC
value: {{ .Values.forwarder.non_local_traffic | quote }}
{{- if .Values.plugins.enabled }}
volumes:
- name: agent-config
configMap:
name: {{ template "fullname" . }}
{{- end}}
{{- if .Values.plugins.enabled }}
volumes:
- name: agent-config
configMap:
name: {{ template "fullname" . }}
{{- end}}

View File

@ -0,0 +1,32 @@
{{- if .Values.rbac.enabled }}
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
name: "{{ .Release.Name }}-role"
rules:
- apiGroups: ["", "extensions", "storage.k8s.io"]
verbs: ["get", "list"]
resources:
- namespaces
- pods
- replicasets
- deployments
- replicationcontrollers
- nodes
- services
- componentstatuses
- storageclasses
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1alpha1
metadata:
name: "{{ .Release.Name }}-role-binding"
subjects:
- kind: ServiceAccount
name: default
namespace: "{{ .Release.Namespace }}"
roleRef:
kind: ClusterRole
name: "{{ .Release.Name }}-role"
apiGroup: rbac.authorization.k8s.io
{{- end }}

56
monasca-agent/values.yaml Normal file
View File

@ -0,0 +1,56 @@
name: agent
collector:
image:
repository: monasca/agent-collector
tag: master-20180112-162543
pullPolicy: IfNotPresent
check_freq: 30
num_collector_threads: 1
pool_full_max_retries: 4
sub_collection_warn: 6
forwarder:
image:
repository: monasca/agent-forwarder
tag: master-20180206-002800
pullPolicy: IfNotPresent
max_batch_size: 0
max_measurement_buffer_size: -1
backlog_send_rate: 5
non_local_traffic: "true"
insecure: False
log_level: WARN
keystone:
os_username: mini-mon
os_user_domain_name: Default
os_password: password
os_project_name: mini-mon
os_project_domain_name: Default
url: http://keystone:35357/v3
monasca_url: http://monasca-api:8070/v2.0
prometheus:
auto_detect_pod_endpoints: true
auto_detect_service_endpoints: true
kubernetes_labels: 'app'
timeout: 3
kubernetes_api:
kubernetes_labels: 'app'
timeout: 3
storage:
report: true
kubernetes:
kubernetes_labels: 'app'
timeout: 3
cadvisor:
enabled: true
timeout: 3
resources:
requests:
memory: 256Mi
cpu: 100m
limits:
memory: 512Mi
cpu: 500m
plugins:
enabled: false
rbac:
enabled: false

View File

@ -0,0 +1,9 @@
apiVersion: v1
description: A Helm chart for adding Alarms for Monasca
name: monasca-alarms
version: 0.0.1
sources:
- https://wiki.openstack.org/wiki/Monasca
maintainers:
- name: Michael Hoppal
email: michael.jam.hoppal@hpe.com

112
monasca-alarms/README.md Normal file
View File

@ -0,0 +1,112 @@
# Monasca-alarms
## Alarms for Monasca components
[Monasca](https://wiki.openstack.org/wiki/Monasca), an
[Openstack](https://www.openstack.org/) official project, is a scalable
monitoring as a service solution. It monitors services and systems by a push
model. The Monasca Agent will collect metrics from each node and push them to
the Monasca API. It will then be processed by separate microservices for
storing, alarming and notifications. The architecture can be viewed
[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
This chart adds alarms for the components of Monasca so Monasca can monitor
itself. However, some components failing, for example Kafka, will have no
alarms generated as the threshold engine requires kafka to be working.
## QuickStart
```bash
$ helm repo add monasca http://monasca.io/monasca-helm
$ helm install monasca/monasca --name monasca --namespace monitoring
$ helm install monasca/monasca-alarms --name monasca-alarms --namespace monitoring
```
## Introduction
This chart adds Alarms for the components of a [Monasca](https://wiki.openstack.org/wiki/Monasca)
deployment on a Kubernetes cluster using the Helm Package manager.
## Prerequisites
- Kubernetes 1.4+
- Monasca installed using Helm
## Installing the Chart
Monasca-alarms can either be installed from the [monasca.io](https://monasca.io/) helm repo or by source.
### Installing via Helm repo (recommended)
```bash
$ helm install monasca/monasca-alarms --name monasca-alarms --namespace monitoring
```
Note: monasca-alarms must be installed in the same namespace as monasca
### Installing via source
```bash
$ helm repo add monasca http://monasca.io/monasca-helm
$ helm dependency update monasca-alarms
$ helm install monasca-alarms --name monasca-alarms --namespace monitoring
```
Either option will add the alarms for the components of Monasca on the Kubernetes cluster
with the default configuration. The [configuration](#configuration) section lists the parameters
that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release --purge
```
The command removes all the Kubernetes components associated with the chart and
deletes the release.
### Default Alarms for components
By default Monasca alarms will be created for Kafka and Zookeeper.
## Configuration
The following tables lists the configurable parameters of the Monasca alarms chart
broken down by microservice and their default values.
Specify each parameter using the `--set key=value[,key=value]` argument to
`helm install`. For example,
```console
$ helm install monasca-alarms --name my-release \
--set kafka.start_periods=4
```
Alternatively, a YAML file that specifies the values for the below parameters
can be provided while installing the chart. For example,
```console
$ helm install monasca-alarms --name my-release -f values.yaml
```
> **Tip**: You can use the default [values.yaml](values.yaml)
### Kafka
Parameter | Description | Default
--------- | ----------- | -------
`kafka.enabled` | Kafka alarms enabled | `true`
`kafka.start_periods` | How many periods Kafka is not started before alarming | `3`
`kafka.running_periods` | How many periods Kafka is not running before alarming | `1`
### Zookeeper
Parameter | Description | Default
--------- | ----------- | -------
`zookeeper.enabled` | Zookeeper alarms enabled | `true`
`zookeeper.start_periods` | How many periods Zookeeper is not started before alarming | `3`
`zookeeper.running_periods` | How many periods Zookeeper is not running before alarming | `1`

View File

@ -0,0 +1,16 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,68 @@
{{- if .Values.kafka.enabled }}
---
apiVersion: "monasca.io/v1"
kind: AlarmDefinition
metadata:
name: kafka-not-starting
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
alarmDefinitionSpec:
name: "Kafka not started"
expression: "avg(kafka_watcher_status) < 0 times {{ .Values.kafka.start_periods }}"
match_by: []
description: "Kafka has not started in {{ .Values.kafka.start_periods }} minutes"
severity: "HIGH"
---
apiVersion: "monasca.io/v1"
kind: AlarmDefinition
metadata:
name: kafka-not-running
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
alarmDefinitionSpec:
name: "Kafka not running"
expression: "avg(kafka_watcher_status) > 0 times {{ .Values.kafka.running_periods }}"
match_by: []
description: "Kafka is not running for {{ .Values.kafka.running_periods }} minutes"
severity: "HIGH"
{{- end }}
{{- if .Values.zookeeper.enabled }}
---
apiVersion: "monasca.io/v1"
kind: AlarmDefinition
metadata:
name: zookeeper-not-starting
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
alarmDefinitionSpec:
name: "Zookeeper not started"
expression: "avg(zookeeper_watcher_status) < 0 times {{ .Values.zookeeper.start_periods }}"
match_by: []
description: "Zookeeper not started in {{ .Values.zookeeper.start_periods }} minutes"
severity: "HIGH"
---
apiVersion: "monasca.io/v1"
kind: AlarmDefinition
metadata:
name: zookeeper-not-running
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
alarmDefinitionSpec:
name: "Zookeeper not running"
expression: "avg(zookeeper_watcher_status) > 0 times {{ .Values.zookeeper.running_periods }}"
match_by: []
description: "Zookeeper is not running for {{ .Values.zookeeper.running_periods }} minutes"
severity: "HIGH"
{{- end }}

View File

@ -0,0 +1,9 @@
kafka:
enabled: true
start_periods: 3
running_periods: 1
zookeeper:
enabled: true
start_periods: 3
running_periods: 1

21
monasca/.helmignore Normal file
View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

9
monasca/Chart.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: v1
description: A Helm chart for Monasca running in Kubernetes
name: monasca
version: 0.6.4
sources:
- https://wiki.openstack.org/wiki/Monasca
maintainers:
- name: Tim Buckley
email: timothy.jas.buckley@hpe.com

574
monasca/README.md Normal file
View File

@ -0,0 +1,574 @@
# Monasca
## An Open-Source Monitoring as a Service at Scale solution
[Monasca](https://wiki.openstack.org/wiki/Monasca), an
[Openstack](https://www.openstack.org/) official project, is a scalable
monitoring as a service solution. It monitors services and systems by a push
model. The Monasca Agent will collect metrics from each node and push them to
the Monasca API. It will then be processed by separate microservices for
storing, alarming and notifications. The architecture can be viewed
[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
## QuickStart
```bash
$ helm repo add monasca http://monasca.io/monasca-helm
$ helm install monasca/monasca --name monasca --namespace monitoring
```
## Introduction
This chart bootstraps a [Monasca](https://wiki.openstack.org/wiki/Monasca)
deployment on a Kubernetes cluster using the Helm Package manager.
## Prerequisites
- Kubernetes 1.4+
## Installing the Chart
Monasca can either be install from the [monasca.io](https://monasca.io/) helm repo or by source.
### Installing via Helm repo (recommended)
```bash
$ helm repo add monasca http://monasca.io/monasca-helm
$ helm install monasca/monasca --name monasca --namespace monitoring
```
### Installing via source
```bash
$ helm repo add monasca http://monasca.io/monasca-helm
$ helm dependency update monasca
$ helm install monasca --name monasca --namespace monitoring
```
Either option will bring up Monasca on the Kubernetes cluster with the default
configuration. The [configuration](#configuration) section lists the parameters
that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release --purge
```
The command removes all the Kubernetes components associated with the chart and
deletes the release.
### Default monitoring
By default Monasca will monitor pod workloads (CPU, Network, Memory, etc.) and Kubernetes health.
It will also autodetect Prometheus Endpoints by looking for the following annotations on services and pods
* prometheus.io/scrape: Only scrape pods that have a value of 'true'
* prometheus.io/path: If the metrics path is not '/metrics' override this.
* prometheus.io/port: Scrape the pod on the indicated port instead of the default of '9102'.
More information on our monitoring within in Kubernetes can be found on
[monasca.io](http://monasca.io/docs/kubernetes.html)
## Configuration
The following tables lists the configurable parameters of the Monasca chart
broken down by microservice and their default values.
Specify each parameter using the `--set key=value[,key=value]` argument to
`helm install`. For example,
```console
$ helm install monasca --name my-release \
--set persister.replicaCount=4
```
Alternatively, a YAML file that specifies the values for the below parameters
can be provided while installing the chart. For example,
```console
$ helm install monasca --name my-release -f values.yaml
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Helm Tests for Monasca
We have two test suites that can be run via Helm Test.
These are Smoke Tests and Tempest Tests. By default only Smoke Tests are enabled.
In both tests, Monasca must be deployed or upgraded using helm and then once all
pods have been created and all jobs have succeeded the tests can be run.
### Tempest Tests
These tests run the [Monasca tempest tests](https://github.com/openstack/monasca-api/tree/master/monasca_tempest_tests)
Prior to running helm tests you must enable the tempest tests by running:
```console
$ helm upgrade monasca monasca/monasca --set tempest_tests.enabled=true
```
Due to the amount of time that it takes to run the tests, the timeout parameter
must be specified. The time required for the tests vary according to your hardware
and how loaded your system is. Test times as low as 600 seconds but up to 3100 seconds
have been seen. Use the command below, but replacing 900 with the timeout that
works for your system:
```console
$ helm test monasca --timeout 900
```
If your timeout is not long enough, then you will see a result like this:
```console
RUNNING: monasca-tempest-tests-test-pod
UNKNOWN: monasca-tempest-tests-test-pod: timed out waiting for the condition
```
You must then wait for the pod monasca-tempest-tests-test-pod to exit
and check its logs and exit status.
If the tests all succeed, the pod will exit 0, otherwise, it will exit 1.
To run the tests again, the pod monasca-tempest-tests-test-pod must be deleted.
The tests are very sensitive to name resolution problems so if your Kubernetes
cluster has any problems resolving services, random tests will fail.
### Smoke Tests
These tests run the [Monasca smoke tests](https://github.com/monasca/smoke-test)
Since they are enabled by default you do not have to take an extra step to
enable them and can run:
```console
$ helm test monasca
```
You must then wait for the pod monasca-smoke-tests-test-pod to exit
and check its logs and exit status.
If the tests all succeed, the pod will exit 0, otherwise, it will exit 1.
To run the tests again, the pod monasca-smoke-tests-test-pod must be deleted.
### Agent
Parameter | Description | Default
--------- | ----------- | -------
`agent.name` | Agent container name | `agent`
`agent.deployment_enabled` | Agent deployment enabled | `true`
`agent.daemonset_enabled` | Agent daemonset enabled | `true`
`agent.termination_grace_period` | Agent grace period before force terminating | `30`
`agent.daemonset_toleration.enabled` | Agent daemonset toleration is enabled | `false`
`agent.daemonset_toleration.operator` | Agent daemonset toleration operator | `true`
`agent.daemonset_toleration.effect` | Agent daemonset toleration effect | `true`
`agent.collector.image.repository` | Agent Collector container image repository | `monasca/agent-collector`
`agent.collector.image.tag` | Agent Collector container image tag | `master-20170707-154334`
`agent.collector.image.pullPolicy` | Agent Collector container image pull policy | `IfNotPresent`
`agent.collector.check_freq` | How often to run metric collection in seconds | `30`
`agent.collector.num_collector_threads` | Number of threads to use in collector for running checks | `1`
`agent.collector.pool_full_max_retries` | Maximum number of collection cycles where all of the threads in the pool are still running plugins before the collector will exit | `4`
`agent.collector.sub_collection_warn` | Number of seconds a plugin collection time exceeds that causes a warning to be logged for that plugin | `6`
`agent.forwarder.image.repository` | Agent Forwarder container image repository | `monasca/agent-forwarder`
`agent.forwarder.image.tag` | Agent Forwarder container image tag | `master-20170615-204444`
`agent.forwarder.image.pullPolicy` | Agent Forwarder container image pull policy | `IfNotPresent`
`agent.forwarder.max_batch_size` | Maximum batch size of measurements to write to monasca-api, 0 is no limit | `0`
`agent.forwarder.max_measurement_buffer_size` | Maximum number of measurements to buffer when unable to communicate with the monasca-api (-1 means no limit)| `-1`
`agent.forwarder.backlog_send_rate` | Maximum number of messages to send at one time when communication with the monasca-api is restored | `5`
`agent.dimensions` | Default dimensions to attach to every metric being sent | ``
`agent.plugins.enabled` | Enable passing in agent plugins | `False`
`agent.plugins.config_files` | List of plugin yamls to be used with the agent | ``
`agent.insecure` | Insecure connection to Keystone and Monasca API | `False`
`agent.log_level` | Log level of agent log files | `WARN`
`agent.keystone.username` | Agent Keystone username | `mini-mon`
`agent.keystone.user_domain_name` | Agent Keystone user domain | `Default`
`agent.keystone.password` | Agent Keystone password | `password`
`agent.keystone.project_name` | Agent Keystone project name | `mini-mon`
`agent.keystone.project_domain_name` | Agent Keystone project domain | `Default`
`agent.namespace_annotations` | Namespace annotations to set as metrics dimensions | ``
`agent.prometheus.auto_detect_pod_endpoints` | Autodetect Prometheus endpoints for scraping by pods | `true`
`agent.prometheus.auto_detect_service_endpoints` | Autodetect Prometheus endpoints for scraping by services | `true`
`agent.prometheus.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
`agent.prometheus.timeout` | The Prometheus endpoint connection timeout | `3`
`agent.kubernetes_api.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
`agent.kubernetes_api.timeout` | The K8s API connection timeout | `3`
`agent.kubernetes_api.storage.report` | Report bound pvc capacity metrics per a storage class | `true`
`agent.kubernetes_api.storage.parameter_dimensions` | Storage class parameters as dimensions | ``
`agent.kubernetes.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
`agent.kubernetes.timeout` | The cAdvisor/Kubelet connection timeout | `3`
`agent.kubernetes.enable_minimum_whitelist` | Only report minimum set of pod metrics (cpu, memory) | `false`
`agent.cadvisor.enabled` | Enable host metrics from cAdvisor | `true`
`agent.cadvisor.timeout` | The cAdvisor connection timeout | `3`
`agent.cadvisor.enable_minimum_whitelist` | Only report minimum set of host metrics (cpu, memory) | `false`
`agent.resources.requests.memory` | Memory request per agent pod | `256Mi`
`agent.resources.requests.cpu` | CPU request per agent pod | `100m`
`agent.resources.limits.memory` | Memory limit per agent pod | `512Mi`
`agent.resources.limits.cpu` | Memory limit per agent pod | `500m`
### Aggregator
Parameter | Description | Default
--------- | ----------- | -------
`aggregator.name` | Aggregator container name | `aggregation`
`aggregator.enabled` | Aggregator enabled | `true`
`aggregator.image.repository` | Aggregator container image repository | `rbrndt/test-agg`
`aggregator.image.tag` | Aggregator container image tag | `.0.1.1`
`aggregator.image.pullPolicy` | Aggregator container image pull policy | `IfNotPresent`
`aggregator.window_size` | Window size in seconds of metrics to aggregate on. | `60`
`aggregator.window_lag` | Lag in seconds outside the window to accept metrics into current aggregations | `2`
### Alarms Init Job
Parameter | Description | Default
--------- | ----------- | -------
`alarms.name` | Alarms container name | `alarms`
`alarms.enabled` | Alarms init job enabled | `true`
`alarms.image.repository` | Alarms init job container image repository | `rbrndt/test-agg`
`alarms.image.tag` | Alarms init job container image tag | `1.1.1`
`alarms.image.pullPolicy` | Alarms init job container image pull policy | `IfNotPresent`
`alarms.wait.retries` | Number of attempts to create alarms before giving up | `24`
`alarms.wait.delay` | Seconds to wait between retries | `5`
`alarms.wait.timeout` | Attempt connection timeout in seconds | `10`
`alarms.keystone.username` | Monasca Keystone user | `mini-mon`
`alarms.keystone.user_domain_name` | Monasca Keystone user domain | `Default`
`alarms.keystone.password` | Monasca Keystone password | `password`
`alarms.keystone.project_name` | Monasca Keystone project name | `mini-mon`
`alarms.keystone.project_domain_name` | Monasca Keystone project domain | `Default`
### API
Parameter | Description | Default
--------- | ----------- | -------
`api.name` | API container name | `api`
`api.image.repository` | API container image repository | `monasca/api`
`api.image.tag` | API container image tag | `master-prometheus`
`api.image.pullPolicy` | API container image pull policy | `IfNotPresent`
`api.resources.requests.memory` | Memory request per API pod | `256Mi`
`api.resources.requests.cpu` | CPU request per API pod | `250m`
`api.resources.limits.memory` | Memory limit per API pod | `1Gi`
`api.resources.limits.cpu` | Memory limit per API pod | `2000m`
`api.replicaCount` | API pod replica count | `1`
`api.keystone.admin_password` | Keystone admin account password | `secretadmin`
`api.keystone.admin_user` | Keystone admin account user | `admin`
`api.keystone.admin_tenant` | Keystone admin account tenant | `admin`
`api.influxdb.user` | The influx username | `mon_api`
`api.influxdb.password` | The influx password | `password`
`api.influxdb.database` | The influx database | `mon`
`api.gunicorn_workers` | Number of gunicorn api workers | `1`
`api.service.port` | API service port | `8070`
`api.service.type` | API service type | `ClusterIP`
`api.service.node_port` | API node port if service type is set to NodePort | ``
`api.logging.log_level_root` | The level of the root logger | `WARN`
`api.logging.log_level_console` | Minimum level for console output | `WARN`
`api.mysql_disabled` | Disable requirement on mysql for API | `false`
`api.mysql_wait_retries` | Retries for mysql available checks |
`api.auth_disabled` | Disable Keystone authentication | `false`
`api.authorized_roles` | Roles for admin Users | `user, domainuser, domainadmin, monasca-user`
`api.side_container.enabled` | Enable API side container that collects metrics from the API and exposes as a Prometheus endpoint | `true`
`api.side_container.image.repository` | API side container image repository | `timothyb89/monasca-sidecar`
`api.side_container.image.tag` | API side container image tag | `1.0.0`
`api.side_container.image.pullPolicy` | API side container image pull policy | `IfNotPresent`
`api.side_container.resources.requests.memory` | Memory request per API side container | `128Mi`
`api.side_container.resources.requests.cpu` | CPU request per API side container | `50m`
`api.side_container.resources.limits.memory` | Memory limit per API side container | `256Mi`
`api.side_container.resources.limits.cpu` | Memory limit per API side container | `100m`
### Client
Parameter | Description | Default
--------- | ----------- | -------
`client.name` | Client container name | `client`
`client.enabled` | Enable deploying client | `false`
`client.image.repository` | Client container image repository | `rbrndt/python-monascaclient`
`client.image.tag` | Client container image tag | `1.6.0`
`client.image.pullPolicy` | Client container image pull policy | `IfNotPresent`
`client.keystone.username` | Keystone user | `mini-mon`
`client.keystone.user_domain_name` | Keystone user domain | `Default`
`client.keystone.password` | Keystone password | `password`
`client.keystone.project_name` | Keystone project name | `mini-mon`
`client.keystone.project_domain_name` | Keystone project domain | `Default`
### Forwarder
Parameter | Description | Default
--------- | ----------- | -------
`forwarder.name` | Forwarder container name | `forwarder`
`forwarder.image.repository` | Forwarder container image repository | `monasca/forwarder`
`forwarder.image.tag` | Forwarder container image tag | `master`
`forwarder.image.pullPolicy` | Forwarder container image pull policy | `IfNotPresent`
`forwarder.insecure` | Insecure connection to Monasca API | `False`
`forwarder.enabled` | Enable deploying the forwarder | `false`
`forwarder.replicaCount` | Replica count of Forwarder pods | `1`
`forwarder.logging.debug` | Enable debug logging | `false`
`forwarder.logging.verbose` | Enable verbose logging | `true`
`forwarder.config.remote_api_url` | Versioned monasca api url to forward metrics to | `http://monasca:8070/v2.0`
`forwarder.config.monasca_project_id` | Project ID to forward metrics under | `3564760a3dd44ae9bd6618d442fd758c`
`forwarder.config.use_insecure` | Use insecure when forwarding metrics | `false`
`forwarder.config.monasca_role` | Role to forward metrics under | `monasca-agent`
`forwarder.resources.requests.memory` | Memory request per forwarder pod | `128Mi`
`forwarder.resources.requests.cpu` | CPU request per forwarder pod | `50m`
`forwarder.resources.limits.memory` | Memory limit per forwarder pod | `256Mi`
`forwarder.resources.limits.cpu` | Memory limit per forwarder pod | `100m`
### Grafana
Parameter | Description | Default
--------- | ----------- | -------
`grafana.name` | Grafana container name | `grafana`
`granfa.enabled` | Grafana enabled | `true`
`grafana.simple_name` | Whether to use `grafana.name` without prepending with `.Release.Name` | `false`
`grafana.image.repository` | Grafana container image repository | `monasca/grafana`
`grafana.image.tag` | Grafana container image tag | `4.1.0-pre1-1.0.0`
`grafana.image.pullPolicy` | Grafana container image pull policy | `IfNotPresent`
`grafana.service.port` | Grafana service port | `3000`
`grafana.service.type` | Grafana service type | `NodePort`
`grafana.resources.requests.memory` | Memory request per grafana pod | `64Mi`
`grafana.resources.requests.cpu` | CPU request per grafana pod | `50m`
`grafana.resources.limits.memory` | Memory limit per grafana pod | `128Mi`
`grafana.resources.limits.cpu` | Memory limit per grafana pod | `100m`
### Keystone
Parameter | Description | Default
--------- | ----------- | -------
`keystone.name` | Keystone container name | `keystone`
`keystone.enabled` | Keystone enable flag. If false each micro service using keystone will use the override keystone variables | `true`
`keystone.override.public_url` | Keystone external url for public endpoint | `http://keystone:35357`
`keystone.override.admin_url` | Keystone external url for admin endpoint | `http://keystone:5000`
`keystone.image.repository` | Keystone container image repository | `monasca/keystone`
`keystone.image.tag` | Keystone container image tag | `1.0.7`
`keystone.image.pullPolicy` | Keystone container image pull policy | `IfNotPresent`
`keystone.bootstrap.user` | Keystone bootstrap username | `admin`
`keystone.bootstrap.password` | Keystone bootstrap password | `secretadmin`
`keystone.bootstrap.project` | Keystone bootstrap project | `admin`
`keystone.bootstrap.role` | Keystone bootstrap role | `admin`
`keystone.bootstrap.service` | Keystone bootstrap service | `keystone`
`keystone.bootstrap.region` | Keystone bootstrap region | `RegionOne`
`keystone.database_backend` | Keystone backend database | `mysql`
`keystone.mysql.database` | Keystone mysql database | `keystone`
`keystone.replicaCount` | Keystone pod replicas | `1`
`keystone.service.type` | Keystone service type | `ClusterIP`
`keystone.service.port` | Keystone service port | `35357`
`keystone.service.admin_port` | Keystone admin service port | `5000`
`keystone.service.admin_node_port` | Keystone admin service node port if service type is NodePort | ``
`keystone.service.node_port` | Keystone service node port if service type is NodePort | ``
`keystone.users.mini_mon.password` | Keystone container image pull policy | `password`
`keystone.users.monasca_agent.password` | Keystone container image pull policy | `password`
`keystone.users.admin.password` | Keystone container image pull policy | `secretadmin`
`keystone.users.demo.password` | Keystone container image pull policy | `secretadmin`
`keystone.users.monasca_read_only.password` | Keystone container image pull policy | `password`
`keystone.resources.requests.memory` | Memory request per keystone pod | `256Mi`
`keystone.resources.requests.cpu` | CPU request per keystone pod | `100m`
`keystone.resources.limits.memory` | Memory limit per keystone pod | `1Gi`
`keystone.resources.limits.cpu` | Memory limit per keystone pod | `500m`
### Influxdb
Parameter | Description | Default
----------|-------------|--------
`influxdb.enabled` | Influxdb enabled | `true`
`influxdb.imageTag` | Tag to use from `library/mysql` | `5.6`
`influxdb.image.repository` | docker repository for influxdb | `influxdb`
`influxdb.imagePullPolicy` | K8s pull policy for influxdb image | `IfNotPresent`
`influxdb.persistence.enabled` | If `true`, enable persistent storage | `false`
`influxdb.persistence.storageClass` | K8s storage class to use for persistence | `default`
`influxdb.persistence.accessMode` | PVC access mode | `ReadWriteOnce`
`influxdb.persistence.size` | PVC request size | `100Gi`
`influxdb.resources.requests.memory` | Memory request | `256Mi`
`influxdb.resources.requests.cpu` | CPU request | `100m`
`influxdb.resources.limits.memory` | Memory limit | `16Gi`
`influxdb.resources.limits.cpu` | CPU limit | `500m`
`influxdb.config.http.bind_address` | API Port| `8086`
`influxdb.config.data.cache_max_memory_size` | CPU limit | `1073741824`
### Influxdb Init Job
Parameter | Description | Default
--------- | ----------- | -------
`influx_init.enabled` | Influxdb initialization job enabled | `true`
`influx_init.image.repository` | docker repository for influx init | `monasca/influxdb-init`
`influx_init.image.tag` | Docker image tag | `1.0.0`
`influx_init.image.pullPolicy` | Kubernetes pull policy for image | `IfNotPresent`
`influx_init.shard_duration` | Influxdb shard duration | `1d`
`influx_init.default_retention` | Influxdb retention | `INF`
### MySQL
Parameter | Description | Default
----------|-------------|--------
`mysql.enabled` | MySQL enabled | `true`
`mysql.imageTag` | Tag to use from `library/mysql` | `5.6`
`mysql.imagePullPolicy` | K8s pull policy for mysql image | `IfNotPresent`
`mysql.persistence.enabled` | If `true`, enable persistent storage | `false`
`mysql.persistence.storageClass` | K8s storage class to use for persistence | `default`
`mysql.persistence.accessMode` | PVC access mode | `ReadWriteOnce`
`mysql.persistence.size` | PVC request size | `10Gi`
`mysql.resources.requests.memory` | Memory request | `256Mi`
`mysql.resources.requests.cpu` | CPU request | `100m`
`mysql.resources.limits.memory` | Memory limit | `1Gi`
`mysql.resources.limits.cpu` | CPU limit | `500m`
`mysql.users.keystone.username` | Keystone MySQL username | `keystone`
`mysql.users.keystone.password` | Keystone MySQL password | `keystone`
`mysql.users.api.username` | API MySQL username | `monapi`
`mysql.users.api.password` | API MySQL password | `password`
`mysql.users.notification.username` | Notification MySQL username | `notification`
`mysql.users.notification.password` | Notification MySQL password | `password`
`mysql.users.thresh.username` | Thresh MySQL username | `thresh`
`mysql.users.thresh.password` | Thresh MySQL password | `password`
`mysql.users.grafana.username` | Grafana MySQL username | `grafana`
`mysql.users.grafana.password` | Grafana MySQL password | `password`
### MySQL Init Job
Parameter | Description | Default
--------- | ----------- | -------
`mysql_init.enabled` | MySQL initialization job enabled | `true`
`mysql_init.image.repository` | docker repository for mysql-init | `monasca/mysql-init`
`mysql_init.image.tag` | Docker image tag | `1.2.0`
`mysql_init.image.pullPolicy` | Kubernetes pull polify for image | `IfNotPresent`
`mysql_init.disable_remote_root` | If `true`, disable root account after init finishes successfully | `true`
`mysql_init.keystone_db_enabled` | Setup Keystone Database. Use `false` with an external Keystone | `true`
`mysql_init.create_mon_users` | Create the Database users for Monasca | `true`
`mysql_init.grafana_db_enabled` | Setup Grafana Database | `true`
### Notification
Parameter | Description | Default
--------- | ----------- | -------
`notification.name` | Notification container name | `notification`
`notification.enabled` | Notification engine enabled flag | `true`
`notification.image.repository` | Notification container image repository | `monasca/notification`
`notification.image.tag` | Notification container image tag | `master`
`notification.image.pullPolicy` | Notification container image pull policy | `IfNotPresent`
`notification.replicaCount` | Notification pod replica count | `1`
`notification.log_level` | Notification log level | `WARN`
`notification.plugins` | Notification plugins enabled | `pagerduty,webhook`
`notification.plugin_config.email.defined` | Notification email plugin configuration is defined | `false`
`notification.plugin_config.email.server` | SMTP server address | ``
`notification.plugin_config.email.port` | SMTP server port | ``
`notification.plugin_config.email.user` | SMTP username | ``
`notification.plugin_config.email.password` | SMTP password | ``
`notification.plugin_config.email.from_addr` | "from" field for emails sent, e.g. "Name" <name@example.com> | ``
`notification.plugin_config.webhook.timeout` | Webhook timeout | `5`
`notification.plugin_config.hipchat.ssl_certs` | Path to SSL certs | ``
`notification.plugin_config.hipchat.timeout` | Hipchat timeout | `5`
`notification.plugin_config.hipchat.insecure` | Insecure when sending to Hipchat | ``
`notification.plugin_config.hipchat.proxy` | if set, use the given HTTP(S) proxy server to send Hipchat notifications | ``
`notification.plugin_config.slack.timeout` | Notification slack timeout | `5`
`notification.plugin_config.slack.certs` | Path to Slack certs | ``
`notification.plugin_config.slack.insecure` | Insecure when sending to Slack | ``
`notification.plugin_config.slack.proxy` | if set, use the given HTTP(S) proxy server to send Slack notifications | ``
`notification.resources.requests.memory` | Memory request per notification pod | `128Mi`
`notification.resources.requests.cpu` | CPU request per notification pod | `50m`
`notification.resources.limits.memory` | Memory limit per notification pod | `256Mi`
`notification.resources.limits.cpu` | Memory limit per notification pod | `100m`
### Persister
Parameter | Description | Default
--------- | ----------- | -------
`persister.name` | Persister container name | `persister`
`persister.image.repository` | Persister container image repository | `monasca/persister`
`persister.image.tag` | Persister container image tag | `master`
`persister.image.pullPolicy` | Persister container image pull policy | `IfNotPresent`
`persister.replicaCount` | Persister pod replica count | `1`
`persister.influxdb.user` | Persister influx username | `mon_persister`
`persister.influxdb.password` | Persister influx password | `password`
`persister.influxdb.database` | Persister influx database | `mon`
`persister.logging.debug` | Persister debug logging enabled | `false`
`persister.logging.verbose` | Persister verbose logging enabled | `true`
`persister.resources.requests.memory` | Memory request per persister pod | `128Mi`
`persister.resources.requests.cpu` | CPU request per persister pod | `50m`
`persister.resources.limits.memory` | Memory limit per persister pod | `256Mi`
`persister.resources.limits.cpu` | Memory limit per persister pod | `100m`
### Threshold Engine
Parameter | Description | Default
--------- | ----------- | -------
`thresh.name` | Thresh container name | `thresh`
`thresh.image.repository` | Thresh container image repository | `monasca/thresh`
`thresh.image.tag` | Thresh container image tag | `master`
`thresh.image.pullPolicy` | Thresh container image pull policy | `IfNotPresent`
`thresh.use_local` | Run in local mode | `true`
`thresh.secretSuffix` | MySQL secret suffix | `mysql-thresh-secret`
`thresh.spout.metricSpoutThreads` | Amount of metric spout threads | `2`
`thresh.spout.metricSpoutTasks` | Amount of metric spout tasks | `2`
`thresh.wait.retries` | Number of startup connection attempts to make before giving up | `24`
`thresh.wait.delay` | Seconds to wait between retries | `5`
`thresh.wait.timeout` | Attempt connection timeout in seconds | `10`
`thresh.memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
`thresh.stack_size` | JVM stack size | `1024k`
Storm-specific options are documented in the
[Storm chart](https://github.com/hpcloud-mon/monasca-helm/tree/master/storm).
Storm is disabled and the Threshold Engine is run without Storm by default. To run the Threshold
Engine with Storm, set storm.enabled to true and thresh.enabled to false.
### Tempest Tests
Parameter | Description | Default
--------- | ----------- | -------
`tempest_test.name` | Tempest Test container name | `tempest-tests`
`tempest_test.enabled` | If True, run Tempest Tests | `False`
`tempest_tests.image.repository` | Tempest Test container image repository | `monasca/tempest-tests`
`tempest_tests.image.tag` | Tempest Test container image tag | `1.0.0`
`tempest_tests.image.pullPolicy` | Tempest Test container image pull policy | `IfNotPresent`
`tempest_test.wait.enabled`| Enable Monasca API available checks | `True`
`tempest_test.wait.retries`| Retries for Monasca API available checks | `24`
`tempest_test.wait.delay` | Sleep time between Monasca API retries | `5`
`tempest_test.keystone.os_password` Password for Keystone User | `password`
`tempest_test.keystone.os_project_domain_name` | User Project Domain Name | `Default`
`tempest_test.keystone.os_project_name` | User Project Name | `mini-mon`
`tempest_test.keystone.os_username` | Keystone User Name | `mini-mon`
`tempest_test.keystone.os_tenant_name` | Keystone User Tenant(Project) Name | `mini-mon`
`tempest_test.keystone.os_domain_name` | Keystone User Domain Name | `Default`
`tempest_test.keystone.alt_username` | Alternate User Name | `mini-mon`
`tempest_test.keystone.alt_password` | Alternate User Password | `password`
`tempest_test.keystone.auth_use_ssl` | Use https for keystone Auth URI | `False`
`tempest_test.keystone.keystone_server` | Keystone Server Name | `keystone`
`tempest_test.keystone.keystone_port` | Keystone Server Port | `35357`
`tempest_test.keystone.use_dynamic_creds` | Whether to recreate creds for each test run | `True`
`tempest_test.keystone.admin_username` | Keystone Admin Domain Name | `mini-mon`
`tempest_test.keystone.admin_password` | Keystone Admin Domain Name | `password`
`tempest_test.keystone.admin_domain_name` | Keystone Admin Domain Name | `Default`
`tempest_test.keystone.ostestr_regex` | Selects which tests to run | `monasca_tempest_tests`
`tempest_test.keystone.stay_alive_on_failure` | If true, container runs 2 hours after tests fail | False
### Smoke Tests
Parameter | Description | Default
--------- | ----------- | -------
`smoke_tests.name` | Smoke Test container name | `smoke-tests`
`smoke_tests.enabled` | If True, run Smoke Test when using helm test | `True`
`smoke_tests.image.repository` | Smoke Test container image repository | `monasca/smoke-tests`
`smoke_tests.image.tag` | Smoke Test container image tag | `1.0.0`
`smoke_tests.image.pullPolicy` | Smoke Test container image pull policy | `IfNotPresent`
`smoke_tests.keystone.username`| Keystone User Name | `mini-mon`
`smoke_tests.keystone.password`| Keystone User Tenant Name | `mini-mon`
`smoke_tests.keystone.tenant_name` | Keystone Domain name | `Default`
### Alarm Definition Controller
Parameter | Description | Default
--------- | ----------- | -------
`alarm_definition_controller.name` | Alarm Definition Controller container name | `alarm-definition-controller`
`alarm_definition_controller.resource_enabled` | If True, create Alarm Definition third party resource | `True`
`alarm_definition_controller.controller_enabled` | If True, create Alarm Definition Controller | `True`
`alarm_definition_controller.image.repository` | Alarm Definition Controller container image repository | `monasca/alarm-definition-controller`
`alarm_definition_controller.image.tag` | Alarm Definition Controller container image tag | `1.0.0`
`alarm_definition_controller.image.pullPolicy` | Alarm Definition Controller container image pull policy | `IfNotPresent`
`alarm_definition_controller.version` | Alarm Definition Controller version | `v1`

21
monasca/requirements.yaml Normal file
View File

@ -0,0 +1,21 @@
dependencies:
- name: influxdb
version: 0.6.2-0.0.2
condition: 'influxdb.enabled, global.influxdb.enabled'
repository: 'http://monasca.io/monasca-helm/'
- name: mysql
version: 0.2.4
condition: 'mysql.enabled, global.mysql.enabled'
repository: 'https://kubernetes-charts.storage.googleapis.com/'
- name: kafka
version: 0.4.2
condition: 'kafka.enabled, global.kafka.enabled'
repository: 'http://monasca.io/monasca-helm/'
- name: storm
version: 0.5.3
condition: 'storm.enabled, global.storm.enabled'
repository: 'http://monasca.io/monasca-helm/'
- name: zookeeper
version: 0.3.8
condition: 'zookeeper.enabled, global.zookeeper.enabled'
repository: 'http://monasca.io/monasca-helm/'

View File

@ -0,0 +1,160 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a fully qualified agent name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "agent.fullname" -}}
{{- printf "%s-%s" .Release.Name "agent" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified agent name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "aggregator.fullname" -}}
{{- printf "%s-%s" .Release.Name "aggregator" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified api name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "api.fullname" -}}
{{- printf "%s-%s" .Release.Name "api" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified forwarder name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "forwarder.fullname" -}}
{{- printf "%s-%s" .Release.Name "forwarder" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified grafana name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "grafana.fullname" -}}
{{- printf "%s-%s" .Release.Name "grafana" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified kafka name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "kafka.fullname" -}}
{{- printf "%s-%s" .Release.Name "kafka" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified keystone name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "keystone.fullname" -}}
{{- printf "%s-%s" .Release.Name "keystone" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified notification name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "notification.fullname" -}}
{{- printf "%s-%s" .Release.Name "notification" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified persister name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "persister.fullname" -}}
{{- printf "%s-%s" .Release.Name "persister" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified storm-supervisor name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "thresh.fullname" -}}
{{- printf "%s-%s" .Release.Name "thresh" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified zookeeper name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "zookeeper.fullname" -}}
{{- printf "%s-%s" .Release.Name "zookeeper" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified client name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "client.fullname" -}}
{{- printf "%s-%s" .Release.Name "client" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified cleanup name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "cleanup.fullname" -}}
{{- printf "%s-%s" .Release.Name "cleanup" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified alarms name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "alarms.fullname" -}}
{{- printf "%s-%s" .Release.Name "alarms" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified tempest test name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "tempest_tests.fullname" -}}
{{- printf "%s-%s" .Release.Name "tempest-tests" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified smoke tests name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "smoke_tests.fullname" -}}
{{- printf "%s-%s" .Release.Name "smoke-tests" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified memcached name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "memcached.fullname" -}}
{{- printf "%s-%s" .Release.Name "memcached" | trunc 63 -}}
{{- end -}}
{{/*
Create a fully qualified alarm definition controller name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "alarm_definition_controller.fullname" -}}
{{- printf "%s-%s" .Release.Name "adc" | trunc 63 -}}
{{- end -}}

View File

@ -0,0 +1,155 @@
{{- /*
Read a single optional secret or string from values into an `env` `value:` or
`valueFrom:`, depending on the user-defined content of the value.
Example:
- name: OS_AUTH_URL
{{ template "monasca_secret_env" .Values.auth.url }}
Note that unlike monasca_keystone_env, secret_key can not have any default
values.
Make sure to change the name of this template when copying to keep it unique,
e.g. chart_name_secret_env.
*/}}
{{- define "monasca_secret_env" }}
{{- if eq (kindOf .) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .secret_name }}"
key: "{{ .secret_key }}"
{{- else }}
value: "{{ . }}"
{{- end }}
{{- end }}
{{- /*
Generate a list of environment vars for Keystone Auth
Example:
env:
{{ include "monasca_keystone_env" .Values.my_pod.auth | indent 4 }}
(indent level should be adjusted as necessary)
Make sure to change the name of this template when copying to keep it unique,
e.g. chart_name_keystone_env.
Note that monasca_secret_env is not used here because we want to provide
default key names.
Note: this template does NOT set OS_AUTH_URL, since we may need to reference our
internal Keystone URL and Helm cannot pass more than one variable at once.
*/}}
{{- define "monasca_keystone_env" -}}
{{- if .api_version }}
- name: OS_IDENTITY_API_VERSION
value: "{{ .api_version }}"
{{- end }}
{{- if .domain_name }}
- name: OS_DOMAIN_NAME
{{- if eq (kindOf .domain_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .domain_name.secret_name }}"
key: "{{ .domain_name.secret_key | default "OS_DOMAIN_NAME" }}"
{{- else }}
value: "{{ .domain_name }}"
{{- end }}
{{- end }}
- name: OS_USERNAME
{{- if eq (kindOf .username) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .username.secret_name }}"
key: "{{ .username.secret_key | default "OS_USERNAME" }}"
{{- else }}
value: "{{ .username }}"
{{- end }}
- name: OS_PASSWORD
{{- if eq (kindOf .password) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .password.secret_name }}"
key: "{{ .password.secret_key | default "OS_PASSWORD" }}"
{{- else }}
value: "{{ .password }}"
{{- end }}
{{- if .user_domain_name }}
- name: OS_USER_DOMAIN_NAME
{{- if eq (kindOf .user_domain_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .user_domain_name.secret_name }}"
key: "{{ .user_domain_name.secret_key | default "OS_USER_DOMAIN_NAME" }}"
{{- else }}
value: "{{ .user_domain_name }}"
{{- end }}
{{- end }}
{{- if .project_name }}
- name: OS_PROJECT_NAME
{{- if eq (kindOf .project_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .project_name.secret_name }}"
key: "{{ .project_name.secret_key | default "OS_PROJECT_NAME" }}"
{{- else }}
value: "{{ .project_name }}"
{{- end }}
{{- end }}
{{- if .project_domain_name }}
- name: OS_PROJECT_DOMAIN_NAME
{{- if eq (kindOf .project_domain_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .project_domain_name.secret_name }}"
key: "{{ .project_domain_name.secret_key | default "OS_PROJECT_DOMAIN_NAME" }}"
{{- else }}
value: "{{ .project_domain_name }}"
{{- end }}
{{- end }}
{{- if .tenant_name }}
- name: OS_TENANT_NAME
{{- if eq (kindOf .tenant_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .tenant_name.secret_name }}"
key: "{{ .tenant_name.secret_key | default "OS_TENANT_NAME" }}"
{{- else }}
value: "{{ .tenant_name }}"
{{- end }}
{{- end }}
{{- if .tenant_id }}
- name: OS_TENANT_ID
{{- if eq (kindOf .tenant_id) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .tenant_id.secret_name }}"
key: "{{ .tenant_id.secret_key | default "OS_TENANT_ID" }}"
{{- else }}
value: "{{ .tenant_id }}"
{{- end }}
{{- end }}
{{- if .region_name }}
- name: OS_REGION_NAME
{{- if eq (kindOf .region_name) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .region_name.secret_name }}"
key: "{{ .region_name.secret_key | default "OS_REGION_NAME" }}"
{{- else }}
value: "{{ .region_name }}"
{{- end }}
{{- end }}
{{- if .auth_type }}
- name: OS_AUTH_TYPE
{{- if eq (kindOf .auth_type) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .auth_type.secret_name }}"
key: "{{ .auth_type.secret_key | default "OS_AUTH_TYPE" }}"
{{- else }}
value: "{{ .auth_type }}"
{{- end }}
{{- end }}
{{- end -}}

View File

@ -0,0 +1,30 @@
{{- if and (.Values.rbac.create) (not .Values.agent.serviceAccount) }}
kind: ClusterRole
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
metadata:
name: "{{ template "agent.fullname" . }}"
rules:
- apiGroups: ["", "extensions", "storage.k8s.io"]
verbs: ["get", "list"]
resources:
- namespaces
- pods
- replicasets
- deployments
- replicationcontrollers
- nodes
- services
- componentstatuses
- storageclasses
- apiGroups: ["", "batch", "extensions", "storage.k8s.io"]
verbs: ["get", "list", "delete"]
resources:
- jobs
- pods
{{- end }}

View File

@ -0,0 +1,20 @@
{{- if and (.Values.rbac.create) (not .Values.agent.serviceAccount) }}
kind: ClusterRoleBinding
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
metadata:
name: "{{ template "agent.fullname" . }}"
subjects:
- kind: ServiceAccount
name: "{{ template "agent.fullname" . }}"
namespace: "{{ .Release.Namespace }}"
roleRef:
kind: ClusterRole
name: "{{ template "agent.fullname" . }}"
apiGroup: rbac.authorization.k8s.io
{{- end }}

View File

@ -0,0 +1,14 @@
{{- if .Values.agent.plugins.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "agent.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.agent.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
{{ toYaml .Values.agent.plugins.config_files | indent 2 }}
{{- end}}

View File

@ -0,0 +1,159 @@
{{- if .Values.agent.daemonset_enabled }}
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: {{ template "agent.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.agent.name }}-daemonset"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
component: "{{ .Values.agent.name }}-daemonset"
app: {{ template "fullname" . }}
spec:
{{- if .Values.agent.daemonset_toleration.enabled }}
tolerations:
- operator: "{{ .Values.agent.daemonset_toleration.operator }}"
effect: "{{ .Values.agent.daemonset_toleration.effect }}"
{{- end }}
terminationGracePeriodSeconds: {{ .Values.agent.termination_grace_period }}
containers:
- name: collector
image: "{{ .Values.agent.collector.image.repository }}:{{ .Values.agent.collector.image.tag }}"
imagePullPolicy: {{ .Values.agent.collector.image.pullPolicy }}
resources:
{{ toYaml .Values.agent.resources | indent 12 }}
env:
- name: KEYSTONE_DEFAULTS_ENABLED
value: "{{ .Values.agent.keystone.defaults_enabled }}"
- name: OS_AUTH_URL
{{- if .Values.agent.keystone.url }}
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.agent.keystone.url.secret_name }}"
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.agent.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}/v3"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
{{- end }}
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES
value: "true"
- name: KUBERNETES_TIMEOUT
value: {{ .Values.agent.kubernetes.timeout | quote }}
- name: KUBERNETES_LABELS
value: {{ .Values.agent.kubernetes.kubernetes_labels | quote }}
- name: PROMETHEUS
value: {{ .Values.agent.prometheus.auto_detect_pod_endpoints | quote }}
- name: PROMETHEUS_TIMEOUT
value: {{ .Values.agent.prometheus.timeout | quote }}
- name: PROMETHEUS_DETECT_METHOD
value: pod
- name: PROMETHEUS_KUBERNETES_LABELS
value: {{ .Values.agent.prometheus.kubernetes_labels | quote }}
- name: CADVISOR
value: {{ .Values.agent.cadvisor.enabled | quote }}
- name: CADVISOR_TIMEOUT
value: {{ .Values.agent.cadvisor.timeout | quote }}
- name: LOG_LEVEL
value: {{ .Values.agent.log_level | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
{{- if .Values.agent.namespace_annotations }}
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
value: {{ .Values.agent.namespace_annotations | quote}}
{{- end}}
{{- if .Values.agent.dimensions }}
- name: DIMENSIONS
value: {{ .Values.agent.dimensions | quote}}
{{- end}}
- name: CHECK_FREQ
value: {{ .Values.agent.collector.check_freq | quote }}
- name: NUM_COLLECTOR_THREADS
value: {{ .Values.agent.collector.num_collector_threads | quote }}
- name: POOL_FULL_MAX_TRIES
value: {{ .Values.agent.collector.pool_full_max_retries | quote }}
- name: SUB_COLLECTION_WARN
value: {{ .Values.agent.collector.sub_collection_warn | quote }}
{{- if .Values.agent.cadvisor.enable_minimum_whitelist }}
- name: CADVISOR_MINIMUM_WHITELIST
value: "true"
{{- end }}
{{- if .Values.agent.kubernetes.enable_minimum_whitelist }}
- name: KUBERNETES_MINIMUM_WHITELIST
value: "true"
{{- end }}
- name: forwarder
image: "{{ .Values.agent.forwarder.image.repository }}:{{ .Values.agent.forwarder.image.tag }}"
imagePullPolicy: {{ .Values.agent.forwarder.image.pullPolicy }}
resources:
{{ toYaml .Values.agent.resources | indent 12 }}
env:
- name: KEYSTONE_DEFAULTS_ENABLED
value: "{{ .Values.agent.keystone.defaults_enabled }}"
- name: OS_AUTH_URL
{{- if .Values.agent.keystone.url }}
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.agent.keystone.url.secret_name }}"
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.agent.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}/v3"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
{{- end }}
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: MONASCA_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
- name: LOG_LEVEL
value: {{ .Values.agent.log_level | quote }}
- name: INSECURE
value: {{ .Values.agent.insecure | quote }}
- name: MAX_BATCH_SIZE
value: {{ .Values.agent.forwarder.max_batch_size | quote }}
- name: MAX_MEASUREMENT_BUFFER_SIZE
value: {{ .Values.agent.forwarder.max_measurement_buffer_size | quote }}
- name: BACKLOG_SEND_RATE
value: {{ .Values.agent.forwarder.backlog_send_rate | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
- name: NON_LOCAL_TRAFFIC
value: {{ .Values.agent.forwarder.non_local_traffic | quote }}
{{- if .Values.agent.serviceAccount }}
serviceAccountName: {{ .Values.agent.serviceAccount | quote }}
{{- else if .Values.rbac.create }}
serviceAccountName: "{{ template "agent.fullname" . }}"
{{- end }}
{{- end}}

View File

@ -0,0 +1,157 @@
{{- if .Values.agent.deployment_enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "agent.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.agent.name }}-deployment"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
component: "{{ .Values.agent.name }}-deployment"
app: {{ template "fullname" . }}
spec:
terminationGracePeriodSeconds: {{ .Values.agent.termination_grace_period }}
containers:
- name: collector
image: "{{ .Values.agent.collector.image.repository }}:{{ .Values.agent.collector.image.tag }}"
imagePullPolicy: {{ .Values.agent.collector.image.pullPolicy }}
resources:
{{ toYaml .Values.agent.resources | indent 12 }}
env:
- name: KEYSTONE_DEFAULTS_ENABLED
value: "{{ .Values.agent.keystone.defaults_enabled }}"
- name: OS_AUTH_URL
{{- if .Values.agent.keystone.url }}
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.agent.keystone.url.secret_name }}"
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.agent.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}/v3"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
{{- end }}
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES_API
value: "true"
- name: KUBERNETES_API_TIMEOUT
value: {{ .Values.agent.kubernetes_api.timeout | quote }}
- name: KUBERNETES_API_LABELS
value: {{ .Values.agent.kubernetes_api.kubernetes_labels | quote }}
- name: PROMETHEUS
value: {{ .Values.agent.prometheus.auto_detect_service_endpoints | quote }}
- name: PROMETHEUS_TIMEOUT
value: {{ .Values.agent.prometheus.timeout | quote }}
- name: PROMETHEUS_DETECT_METHOD
value: service
- name: PROMETHEUS_KUBERNETES_LABELS
value: {{ .Values.agent.prometheus.kubernetes_labels | quote }}
- name: MONASCA_API_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
- name: LOG_LEVEL
value: {{ .Values.agent.log_level | quote }}
- name: HOSTNAME_FROM_KUBERNETES
value: "true"
{{- if .Values.agent.namespace_annotations }}
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
value: {{ .Values.agent.namespace_annotations | quote}}
{{- end}}
{{- if .Values.agent.kubernetes_api.storage.parameter_dimensions }}
- name: STORAGE_PARAMETERS_DIMENSIONS
value: {{ .Values.agent.kubernetes_api.storage.parameter_dimensions | quote}}
{{- end}}
- name: REPORT_PERSISTENT_STORAGE
value: {{ .Values.agent.kubernetes_api.storage.report | quote }}
{{- if .Values.agent.dimensions }}
- name: DIMENSIONS
value: {{ .Values.agent.dimensions | quote}}
{{- end}}
- name: CHECK_FREQ
value: {{ .Values.agent.collector.check_freq | quote }}
- name: NUM_COLLECTOR_THREADS
value: {{ .Values.agent.collector.num_collector_threads | quote }}
- name: POOL_FULL_MAX_TRIES
value: {{ .Values.agent.collector.pool_full_max_retries | quote }}
- name: SUB_COLLECTION_WARN
value: {{ .Values.agent.collector.sub_collection_warn | quote }}
{{- if .Values.agent.plugins.enabled }}
volumeMounts:
- name: agent-config
mountPath: /plugins.d
{{- end}}
- name: forwarder
image: "{{ .Values.agent.forwarder.image.repository }}:{{ .Values.agent.forwarder.image.tag }}"
imagePullPolicy: {{ .Values.agent.forwarder.image.pullPolicy }}
resources:
{{ toYaml .Values.agent.resources | indent 12 }}
env:
- name: KEYSTONE_DEFAULTS_ENABLED
value: "{{ .Values.agent.keystone.defaults_enabled }}"
- name: AGENT_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: AGENT_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: OS_AUTH_URL
{{- if .Values.agent.keystone.url }}
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.agent.keystone.url.secret_name }}"
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.agent.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}/v3"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
{{- end }}
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
- name: MONASCA_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
- name: LOG_LEVEL
value: {{ .Values.agent.log_level | quote }}
- name: INSECURE
value: {{ .Values.agent.insecure | quote }}
- name: MAX_BATCH_SIZE
value: {{ .Values.agent.forwarder.max_batch_size | quote }}
- name: MAX_MEASUREMENT_BUFFER_SIZE
value: {{ .Values.agent.forwarder.max_measurement_buffer_size | quote }}
- name: BACKLOG_SEND_RATE
value: {{ .Values.agent.forwarder.backlog_send_rate | quote }}
- name: NON_LOCAL_TRAFFIC
value: {{ .Values.agent.forwarder.non_local_traffic | quote }}
{{- if .Values.agent.plugins.enabled }}
volumes:
- name: agent-config
configMap:
name: {{ template "agent.fullname" . }}
{{- end}}
{{- if .Values.agent.serviceAccount }}
serviceAccountName: {{ .Values.agent.serviceAccount | quote }}
{{- else if .Values.rbac.create }}
serviceAccountName: "{{ template "agent.fullname" . }}"
{{- end }}
{{- end}}

View File

@ -0,0 +1,12 @@
{{- if and (.Values.rbac.create) (not .Values.agent.serviceAccount) }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: "{{ template "agent.fullname" . }}"
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.agent.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,14 @@
{{- if .Values.aggregator.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "aggregator.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.aggregator.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
{{ toYaml .Values.aggregator.metric_configuration | indent 2 }}
{{- end }}

View File

@ -0,0 +1,52 @@
{{- if .Values.aggregator.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "aggregator.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.aggregator.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: {{ .Values.aggregator.replicaCount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.aggregator.name }}"
annotations:
checksum/metric_config: {{ toYaml .Values.aggregator.metric_configuration | sha256sum }}
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
prometheus.io/port: "8080"
spec:
containers:
- name: aggregator
image: "{{ .Values.aggregator.image.repository }}:{{ .Values.aggregator.image.tag }}"
imagePullPolicy: {{ .Values.aggregator.image.pullPolicy }}
resources:
{{ toYaml .Values.aggregator.resources | indent 10 }}
ports:
- containerPort: 8080
name: metrics
env:
- name: AGGREGATION_WINDOW_SIZE
value: {{ .Values.aggregator.window_size | quote }}
- name: AGGREGATION_WINDOW_LAG
value: {{ .Values.aggregator.window_lag | quote }}
- name: KAFKA_URI
{{- if .Values.kafka.overrideUri }}
value: "{{ .Values.kafka.overrideUri }}"
{{- else }}
value: "{{ template "kafka.fullname" . }}:9092"
{{- end }}
volumeMounts:
- name: aggregator-config
mountPath: /specs
volumes:
- name: aggregator-config
configMap:
name: {{ template "aggregator.fullname" . }}
{{- end }}

View File

@ -0,0 +1,59 @@
{{- if .Values.alarm_definition_controller.controller_enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "alarm_definition_controller.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.alarm_definition_controller.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: 1
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.alarm_definition_controller.name }}"
spec:
containers:
- name: adc
image: "{{ .Values.alarm_definition_controller.image.repository }}:{{ .Values.alarm_definition_controller.image.tag }}"
imagePullPolicy: {{ .Values.alarm_definition_controller.image.pullPolicy }}
resources:
{{ toYaml .Values.alarm_definition_controller.resources | indent 12 }}
env:
- name: OS_AUTH_URL
{{- if .Values.alarm_definition_controller.keystone.url }}
{{- if eq (kindOf .Values.alarm_definition_controller.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.alarm_definition_controller.keystone.url.secret_name }}"
key: "{{ .Values.alarm_definition_controller.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.alarm_definition_controller.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}"
{{- end }}
{{ include "monasca_keystone_env" .Values.alarm_definition_controller.keystone | indent 12 }}
- name: MONASCA_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
{{- if .Values.alarm_definition_controller.default_notification_name }}
- name: DEFAULT_NOTIFICATION
value: "{{ .Values.alarm_definition_controller.default_notification_name }}"
{{- end }}
- name: NAMESPACE
{{- if .Values.alarm_definition_controller.namespace }}
value: "{{ .Values.alarm_definition_controller.namespace }}"
{{- else }}
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- end }}
- name: VERSION
value: "{{ .Values.alarm_definition_controller.version }}"
{{- end }}

View File

@ -0,0 +1,9 @@
{{- if .Values.alarm_definition_controller.resource_enabled }}
apiVersion: extensions/v1beta1
kind: ThirdPartyResource
metadata:
name: alarm-definition.monasca.io
description: "A specification to create a Monasca alarm definition"
versions:
- name: {{ .Values.alarm_definition_controller.version }}
{{- end }}

View File

@ -0,0 +1,14 @@
{{- if .Values.alarms.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "alarms.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.alarms.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
{{ toYaml .Values.alarms.definitions_configuration | indent 2 }}
{{- end }}

View File

@ -0,0 +1,82 @@
{{- if .Values.alarms.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "alarms.fullname" . }}-init-job
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.alarms.name }}-init-job"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.alarms.name }}-init-job"
spec:
restartPolicy: OnFailure
containers:
- name: alarms-init-job
image: "{{ .Values.alarms.image.repository }}:{{ .Values.alarms.image.tag }}"
imagePullPolicy: {{ .Values.alarms.image.pullPolicy }}
resources:
{{ toYaml .Values.alarms.resources | indent 12 }}
env:
- name: KEYSTONE_DEFAULTS_ENABLED
value: "{{ .Values.alarms.keystone.defaults_enabled }}"
- name: OS_AUTH_URL
{{- if .Values.alarms.keystone.url }}
{{- if eq (kindOf .Values.alarms.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.alarms.keystone.url.secret_name }}"
key: "{{ .Values.alarms.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.alarms.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}/v3"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
{{- end }}
{{ include "monasca_keystone_env" .Values.alarms.keystone | indent 12 }}
- name: MONASCA_API_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
- name: MONASCA_WAIT_FOR_API
value: "{{ .Values.alarms.wait.enabled }}"
- name: MONASCA_API_WAIT_RETRIES
value: "{{ .Values.alarms.wait.retries }}"
- name: MONASCA_API_WAIT_DELAY
value: "{{ .Values.alarms.wait.delay }}"
{{- if .Values.alarms.notification_name }}
- name: NOTIFICATION_NAME
value: "{{ .Values.alarms.notification_name }}"
{{- end }}
{{- if .Values.alarms.notification_type }}
- name: NOTIFICATION_TYPE
value: "{{ .Values.alarms.notification_type }}"
{{- end }}
{{- if .Values.alarms.notification_address_secret }}
- name: NOTIFICATION_ADDRESS
valueFrom:
secretKeyRef:
name: "{{ .Values.alarms.notification_address_secret }}"
key: "{{ .Values.alarms.notification_address_secret_key | default .Values.alarms.notification_address_secret }}"
{{- else if .Values.alarms.notification_address }}
- name: NOTIFICATION_ADDRESS
value: "{{ .Values.alarms.notification_address }}"
{{- end }}
volumeMounts:
- name: alarms-config
mountPath: /config/definitions.yml.j2
subPath: definitions.yml.j2
volumes:
- name: alarms-config
configMap:
name: {{ template "alarms.fullname" . }}
items:
- key: definitions.yml.j2
path: definitions.yml.j2
{{- end }}

View File

@ -0,0 +1,167 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "api.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.api.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: {{ .Values.api.replicaCount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.api.name }}"
{{- if .Values.api.side_container.enabled }}
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: "/metrics"
prometheus.io/port: "4888"
{{- end }}
spec:
containers:
- name: api
image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}"
imagePullPolicy: {{ .Values.api.image.pullPolicy }}
resources:
{{ toYaml .Values.api.resources | indent 10 }}
ports:
- containerPort: 8070
name: client
env:
- name: LOG_LEVEL_ROOT
value: {{ .Values.api.logging.log_level_root | quote }}
- name: LOG_LEVEL_CONSOLE
value: {{ .Values.api.logging.log_level_console | quote }}
- name: KAFKA_URI
{{- if .Values.kafka.overrideUri }}
value: "{{ .Values.kafka.overrideUri }}"
{{- else }}
value: "{{ template "kafka.fullname" . }}:9092"
{{- end }}
- name: INFLUX_HOST
value: "{{ .Release.Name }}-influxdb"
- name: INFLUX_PORT
value: {{ .Values.influxdb.config.http.bind_address | quote }}
- name: INFLUX_USER
value: {{ .Values.api.influxdb.user | quote }}
- name: INFLUX_PASSWORD
value: {{ .Values.api.influxdb.password | quote }}
- name: INFLUX_DB
value: {{ .Values.api.influxdb.database | quote }}
{{- if .Values.api.mysql_disabled }}
- name: API_MYSQL_DISABLED
value: {{ .Values.api.mysql_disabled | quote }}
{{- end}}
{{- if .Values.api.mysql_disabled }}
- name: MYSQL_WAIT_RETRIES
value: {{ .Values.api.mysql_wait_retries | quote }}
{{- end}}
- name: MYSQL_HOST
{{- if .Values.api.mysql.host }}
{{- if eq (kindOf .Values.api.mysql.host) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.api.mysql.host.secret_name }}"
key: "{{ .Values.api.mysql.host.secret_key | default "host" }}"
{{- else }}
value: "{{ .Values.api.mysql.host }}"
{{- end}}
{{- else }}
value: "{{ .Release.Name }}-mysql"
{{- end}}
- name: MYSQL_USER
valueFrom:
secretKeyRef:
{{- if .Values.api.mysql.username.secret_name }}
name: "{{ .Values.api.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-api-secret"
{{- end}}
key: "{{ .Values.api.mysql.username.secret_key | default "username" }}"
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.api.mysql.password.secret_name }}
name: "{{ .Values.api.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-api-secret"
{{- end}}
key: "{{ .Values.api.mysql.password.secret_key | default "password" }}"
- name: MYSQL_DB
value: "mon"
- name: MEMCACHED_URI
{{- if .Values.api.memcachedUri }}
value: "{{ .Values.api.memcachedUri }}"
{{- else if .Values.memcached.enabled }}
value: "{{ template "memcached.fullname" . }}:{{ .Values.memcached.service.port | default "11211" }}"
{{- else }}
value: ""
{{- end }}
- name: KEYSTONE_IDENTITY_URI
{{- if .Values.api.keystone.identity_url }}
{{- include "monasca_secret_env" .Values.api.keystone.identity_url | indent 14 }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}"
{{- end }}
- name: KEYSTONE_AUTH_URI
{{- if .Values.api.keystone.auth_url }}
{{- include "monasca_secret_env" .Values.api.keystone.auth_url | indent 14 }}
{{- else if .Values.keystone.override.admin_url }}
value: "{{ .Values.keystone.override.admin_url }}"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.admin_port }}"
{{- end }}
- name: KEYSTONE_ADMIN_USER
{{- include "monasca_secret_env" .Values.api.keystone.username | indent 14 }}
- name: KEYSTONE_ADMIN_PASSWORD
{{- include "monasca_secret_env" .Values.api.keystone.password | indent 14 }}
- name: KEYSTONE_ADMIN_TENANT
{{- include "monasca_secret_env" .Values.api.keystone.tenant_name | indent 14 }}
{{- if .Values.api.auth_disabled }}
- name: API_AUTH_DISABLED
value: "true"
{{- end}}
{{- if .Values.api.authorized_roles }}
- name: AUTHORIZED_ROLES
value: {{ .Values.api.authorized_roles | quote }}
{{- end}}
{{- if .Values.api.http_proxy }}
- name: http_proxy
value: {{ .Values.api.http_proxy | quote }}
- name: HTTP_PROXY
value: {{ .Values.api.http_proxy | quote }}
{{- end }}
{{- if .Values.api.https_proxy }}
- name: https_proxy
value: {{ .Values.api.https_proxy | quote }}
- name: HTTPS_PROXY
value: {{ .Values.api.https_proxy | quote }}
{{- end }}
{{- if .Values.api.no_proxy }}
- name: no_proxy
value: {{ .Values.api.no_proxy | quote }}
- name: NO_PROXY
value: {{ .Values.api.no_proxy | quote }}
{{- end }}
{{- if .Values.api.side_container.enabled }}
- name: SIDECAR_URL
value: http://localhost:4888/v1/ingest
{{- end }}
- name: GUNICORN_WORKERS
value: {{ .Values.api.gunicorn_workers | quote }}
{{- if .Values.api.side_container.enabled }}
- name: sidecar
image: "{{ .Values.api.side_container.image.repository }}:{{ .Values.api.side_container.image.tag }}"
imagePullPolicy: {{ .Values.api.side_container.image.pullPolicy }}
resources:
{{ toYaml .Values.api.side_container.resources | indent 10 }}
ports:
- containerPort: 4888
name: scrape
{{- end }}

View File

@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.api.name }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "api.fullname" . }}
spec:
type: {{ .Values.api.service.type }}
ports:
- name: http
port: {{ .Values.api.service.port}}
{{- if .Values.api.service.node_port }}
nodePort: {{ .Values.api.service.node_port }}
{{- end }}
selector:
app: {{ template "fullname" . }}
component: "{{ .Values.api.name }}"

View File

@ -0,0 +1,47 @@
apiVersion: batch/v1
kind: Job
metadata:
# while not recommended, we add a random sequence to the end of the job name
# this job will attempt to delete itself when finished, but should it fail for
# some reason we don't want future upgrades to fail because of a name conflict
# (plus the future runs of this job will delete any previous iterations that
# failed to clean themselves up)
name: "{{ template "cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.cleanup.name }}-job"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
"helm.sh/hook": pre-upgrade,post-delete
"helm.sh/hook-weight": "-5"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.cleanup.name }}-job"
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
restartPolicy: OnFailure
containers:
- name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
resources:
{{ toYaml .Values.cleanup.resources | indent 12 }}
env:
- name: "WAIT_RETRIES"
value: "{{ .Values.cleanup.wait.retries }}"
- name: "WAIT_DELAY"
value: "{{ .Values.cleanup.wait.delay }}"
- name: "WAIT_TIMEOUT"
value: "{{ .Values.cleanup.wait.timeout }}"
{{- if .Values.cleanup.serviceAccount }}
serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
{{- else if .Values.rbac.create }}
serviceAccountName: "{{ template "cleanup.fullname" . }}"
{{- end }}

View File

@ -0,0 +1,25 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: Role
metadata:
name: {{ template "cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "delete", "patch"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get", "list", "delete"]
{{- end }}

View File

@ -0,0 +1,26 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
apiVersion: rbac.authorization.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
apiVersion: rbac.authorization.k8s.io/v1beta1
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
apiVersion: rbac.authorization.k8s.io/v1alpha1
{{- end }}
kind: RoleBinding
metadata:
name: {{ template "cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
subjects:
- kind: ServiceAccount
name: {{ template "cleanup.fullname" . }}
namespace: "{{ .Release.Namespace }}"
roleRef:
kind: Role
name: {{ template "cleanup.fullname" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}

View File

@ -0,0 +1,12 @@
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "cleanup.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: "{{ .Values.cleanup.name }}"
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,48 @@
{{- if .Values.client.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "client.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.client.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
component: "{{ .Values.client.name }}-deployment"
app: {{ template "fullname" . }}
spec:
containers:
- name: client
image: "{{ .Values.client.image.repository }}:{{ .Values.client.image.tag }}"
imagePullPolicy: {{ .Values.client.image.pullPolicy }}
command:
- "sh"
- "-c"
- "while true; do sleep 86400; done"
resources:
{{ toYaml .Values.client.resources | indent 12 }}
env:
- name: OS_AUTH_URL
{{- if .Values.client.keystone.url }}
{{- if eq (kindOf .Values.client.keystone.url) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.client.keystone.url.secret_name }}"
key: "{{ .Values.client.keystone.url.secret_key | default "OS_AUTH_URL" }}"
{{- else }}
value: "{{ .Values.client.keystone.url }}"
{{- end }}
{{- else if .Values.keystone.override.public_url }}
value: "{{ .Values.keystone.override.public_url }}/v3"
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
{{- end }}
{{ include "monasca_keystone_env" .Values.client.keystone | indent 12 }}
- name: MONASCA_API_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
{{- end }}

View File

@ -0,0 +1,14 @@
{{- if .Values.forwarder.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "forwarder.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.forwarder.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
{{ toYaml .Values.forwarder.metric_configuration | indent 2 }}
{{- end }}

View File

@ -0,0 +1,68 @@
{{- if .Values.forwarder.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "forwarder.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.forwarder.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: {{ .Values.forwarder.replicaCount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.forwarder.name }}"
annotations:
checksum/metric_config: {{ toYaml .Values.forwarder.metric_configuration | sha256sum }}
spec:
containers:
- name: forwarder
image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
resources:
{{ toYaml .Values.forwarder.resources | indent 10 }}
env:
- name: MONASCA_PROJECT_ID
value: {{ .Values.forwarder.config.monasca_project_id | quote }}
- name: REMOTE_API_URL
value: {{ .Values.forwarder.config.remote_api_url | quote }}
- name: DEBUG
value: {{ .Values.forwarder.logging.debug | quote }}
- name: VERBOSE
value: {{ .Values.forwarder.logging.verbose | quote }}
- name: ZOOKEEPER_URL
{{- if .Values.zookeeper.overrideUri }}
value: "{{ .Values.zookeeper.overrideUri }}"
{{- else }}
value: "{{ template "zookeeper.fullname" . }}:2181"
{{- end }}
- name: KAFKA_URI
{{- if .Values.kafka.overrideUri }}
value: "{{ .Values.kafka.overrideUri }}"
{{- else }}
value: "{{ template "kafka.fullname" . }}:9092"
{{- end }}
- name: USE_INSECURE
value: {{ .Values.forwarder.config.use_insecure | quote}}
- name: MONASCA_ROLE
value: {{ .Values.forwarder.config.monasca_role | quote }}
{{- if .Values.forwarder.metric_project_id }}
- name: METRIC_PROJECT_ID
value: {{ .Values.forwarder.config.metric_project_id | quote }}
{{- end }}
volumeMounts:
- name: forwarder-config
mountPath: /config/forwarder_metric_match.yml.j2
subPath: forwarder_metric_match.yml.j2
volumes:
- name: forwarder-config
configMap:
name: {{ template "forwarder.fullname" . }}
items:
- key: forwarder_metric_match.yml
path: forwarder_metric_match.yml.j2
{{- end }}

View File

@ -0,0 +1,37 @@
{{- if .Values.grafana.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "grafana.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.grafana.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
grafana.ini: |
[paths]
plugins = /var/lib/grafana/plugins
[auth.basic]
enabled = false
[users]
allow_sign_up = true
allow_org_create = true
[auth.keystone]
enabled = true
verify_ssl_cert = false
v3 = true
default_domain = Default
[log.console]
level = trace
[database]
type = mysql
name = grafana
ssl_mode = disable
{{- end}}

View File

@ -0,0 +1,76 @@
{{- if .Values.grafana.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "grafana.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.grafana.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: 1
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.grafana.name }}"
spec:
containers:
- name: grafana
image: "{{ .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}"
imagePullPolicy: {{ .Values.grafana.image.pullPolicy }}
resources:
{{ toYaml .Values.grafana.resources | indent 12 }}
ports:
- name: http
containerPort: 3000
volumeMounts:
- name: grafana-config
mountPath: /etc/grafana
env:
- name: GF_AUTH_KEYSTONE_AUTH_URL
{{- if .Values.grafana.keystone_url }}
{{- include "monasca_secret_env" .Values.grafana.keystone_url | indent 14 }}
{{- else }}
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.admin_port }}"
{{- end }}
- name: GF_DATABASE_HOST
{{- if .Values.grafana.mysql.host }}
{{- if eq (kindOf .Values.grafana.mysql.host) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.grafana.mysql.host.secret_name }}"
key: "{{ .Values.grafana.mysql.host.secret_key | default "host" }}"
{{- else }}
value: "{{ .Values.grafana.mysql.host }}"
{{- end}}
{{- else }}
value: "{{ .Release.Name }}-mysql"
{{- end}}
- name: GF_DATABASE_PORT
{{- include "monasca_secret_env" .Values.grafana.mysql.port | indent 14 }}
- name: GF_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.grafana.mysql.password.secret_name}}
name: "{{ .Values.grafana.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-grafana-secret"
{{- end}}
key: "{{ .Values.grafana.mysql.password.secret_key | default "password" }}"
- name: GF_DATABASE_USER
valueFrom:
secretKeyRef:
{{- if .Values.grafana.mysql.username.secret_name}}
name: "{{ .Values.grafana.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-grafana-secret"
{{- end}}
key: "{{ .Values.grafana.mysql.username.secret_key | default "username" }}"
volumes:
- name: grafana-config
configMap:
name: {{ template "grafana.fullname" . }}
{{- end}}

View File

@ -0,0 +1,41 @@
{{- if .Values.grafana.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "grafana.fullname" . }}-init-job
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.grafana.name }}-init-job"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.grafana.name }}-init-job"
spec:
restartPolicy: OnFailure
containers:
- name: grafana-init-job
image: "{{ .Values.grafana_init.image.repository }}:{{ .Values.grafana_init.image.tag }}"
imagePullPolicy: {{ .Values.grafana_init.image.pullPolicy }}
resources:
{{ toYaml .Values.grafana_init.resources | indent 12 }}
env:
- name: LOG_LEVEL
value: {{ .Values.grafana_init.log_level }}
- name: GRAFANA_URL
{{- if $.Values.grafana.simple_name }}
value: "http://{{ $.Values.grafana.name}}:{{ .Values.grafana.service.port }}"
{{- else }}
value: "http://{{ template "grafana.fullname" . }}:{{ .Values.grafana.service.port }}"
{{- end }}
- name: GRAFANA_USERNAME
{{- include "monasca_secret_env" .Values.grafana_init.username | indent 14 }}
- name: GRAFANA_PASSWORD
{{- include "monasca_secret_env" .Values.grafana_init.password | indent 14 }}
- name: DATASOURCE_URL
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}"
{{- end}}

View File

@ -0,0 +1,24 @@
{{- if .Values.grafana.enabled }}
apiVersion: v1
kind: Service
metadata:
{{- if $.Values.grafana.simple_name }}
name: {{ $.Values.grafana.name }}
{{- else }}
name: {{ template "grafana.fullname" . }}
{{- end }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.grafana.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
type: {{ .Values.grafana.service.type }}
ports:
- name: http
port: {{ .Values.grafana.service.port }}
selector:
app: {{ template "fullname" . }}
component: "{{ .Values.grafana.name }}"
{{- end}}

View File

@ -0,0 +1,31 @@
{{- if .Values.influx_init.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-influx-init-job
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
spec:
restartPolicy: OnFailure
containers:
- name: influx-init-job
image: "{{ .Values.influx_init.image.repository }}:{{ .Values.influx_init.image.tag }}"
imagePullPolicy: {{ .Values.influx_init.image.pullPolicy }}
env:
- name: INFLUXDB_URL
value: "http://{{ .Release.Name }}-influxdb:{{ .Values.influxdb.config.http.bind_address }}"
- name: INFLUXDB_SHARD_DURATION
value: {{ .Values.influx_init.shard_duration | quote }}
- name: INFLUXDB_DEFAULT_RETENTION
value: {{ .Values.influx_init.default_retention | quote }}
resources:
{{ toYaml .Values.influx_init.resources | indent 12 }}
{{- end }}

View File

@ -0,0 +1,63 @@
{{- if .Values.keystone.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.keystone.name }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "keystone.fullname" . }}
data:
preload.yml: |
users:
- username: mini-mon
password: {{ .Values.keystone.users.mini_mon.password }}
project: mini-mon
role: monasca-user
- username: monasca-agent
password: {{ .Values.keystone.users.monasca_agent.password }}
project: mini-mon
role: monasca-agent
- username: mini-mon
password: {{ .Values.keystone.users.mini_mon.password }}
project: mini-mon
role: admin
- username: admin
password: {{ .Values.keystone.users.admin.password }}
project: admin
role: monasca-user
- username: demo
password: {{ .Values.keystone.users.demo.password }}
project: demo
role: monasca-user
- username: monasca-read-only-user
password: {{ .Values.keystone.users.monasca_read_only.password }}
project: mini-mon
role: monasca-read-only-user
endpoints:
- name: monasca
description: Monasca monitoring service
type: monitoring
region: RegionOne
interfaces:
- name: internal
url: http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0
- name: public
url: http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0
{{- if .Values.api.service.node_port }}
resolve: true
{{- end }}
- name: admin
url: http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0
{{- if .Values.api.service.node_port }}
resolve: true
{{- end }}
{{- end}}

View File

@ -0,0 +1,85 @@
{{- if .Values.keystone.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.keystone.name }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "keystone.fullname" . }}
spec:
replicas: {{ .Values.keystone.replicaCount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.keystone.name }}"
spec:
volumes:
- name: preload-config
configMap:
name: {{ template "keystone.fullname" . }}
items:
- key: preload.yml
path: preload.yml
containers:
- name: keystone
image: "{{ .Values.keystone.image.repository }}:{{ .Values.keystone.image.tag }}"
imagePullPolicy: {{ .Values.keystone.image.pullPolicy }}
resources:
{{ toYaml .Values.keystone.resources | indent 12 }}
env:
- name: KEYSTONE_HOST
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: KEYSTONE_USERNAME
value: {{ .Values.keystone.bootstrap.user | quote }}
- name: KEYSTONE_PASSWORD
value: {{ .Values.keystone.bootstrap.password | quote }}
- name: KEYSTONE_PROJECT
value: {{ .Values.keystone.bootstrap.project | quote }}
- name: KEYSTONE_ROLE
value: {{ .Values.keystone.bootstrap.role | quote }}
- name: KEYSTONE_SERVICE
value: {{ .Values.keystone.bootstrap.service | quote }}
- name: KEYSTONE_REGION
value: {{ .Values.keystone.bootstrap.region | quote }}
- name: KEYSTONE_DATABASE_BACKEND
value: {{ .Values.keystone.database_backend | quote }}
- name: KEYSTONE_MYSQL_HOST
value: "{{ .Release.Name }}-mysql"
- name: KEYSTONE_MYSQL_USER
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-mysql-keystone-secret"
key: username
- name: KEYSTONE_MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-mysql-keystone-secret"
key: password
- name: KEYSTONE_MYSQL_DATABASE
value: {{ .Values.keystone.mysql.database | quote }}
- name: KEYSTONE_MYSQL_TCP_PORT
value: "3306"
{{- if .Values.keystone.service.node_port }}
{{- if .Values.keystone.service.admin_node_port }}
- name: KUBERNETES_RESOLVE_PUBLIC_ENDPOINTS
value: "true"
- name: KEYSTONE_SERVICE_NAME
value: "{{ template "keystone.fullname" . }}"
{{- end }}
{{- end }}
ports:
- name: http
containerPort: 5000
- name: admin
containerPort: 35357
volumeMounts:
- name: preload-config
mountPath: /preload.yml
subPath: preload.yml
{{- end}}

View File

@ -0,0 +1,30 @@
{{- if .Values.keystone.enabled }}
apiVersion: v1
kind: Service
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.keystone.name }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "keystone.fullname" . }}
spec:
type: {{ .Values.keystone.service.type }}
ports:
- name: http
port: {{ .Values.keystone.service.port }}
targetPort: http
{{- if .Values.keystone.service.node_port }}
nodePort: {{ .Values.keystone.service.node_port }}
{{- end }}
- name: admin
port: {{ .Values.keystone.service.admin_port }}
targetPort: admin
{{- if .Values.keystone.service.admin_node_port }}
nodePort: {{ .Values.keystone.service.admin_node_port }}
{{- end }}
selector:
app: {{ template "fullname" . }}
component: "{{ .Values.keystone.name }}"
{{- end}}

View File

@ -0,0 +1,29 @@
{{- if .Values.memcached.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "memcached.fullname" . }}
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.memcached.name }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
replicas: {{ .Values.memcached.replicaCount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.memcached.name }}"
spec:
containers:
- name: memcached
image: "{{ .Values.memcached.image.repository }}:{{ .Values.memcached.image.tag }}"
imagePullPolicy: {{ .Values.memcached.image.pullPolicy }}
resources:
{{ toYaml .Values.memcached.resources | indent 10 }}
ports:
- containerPort: 11211
name: memcached
{{- end }}

View File

@ -0,0 +1,24 @@
{{- if .Values.memcached.enabled }}
apiVersion: v1
kind: Service
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.memcached.name }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "memcached.fullname" . }}
spec:
type: {{ .Values.memcached.service.type | default "ClusterIP" }}
ports:
- name: memcached
port: {{ .Values.memcached.service.port | default "11211" }}
targetPort: memcached
{{- if .Values.memcached.service.node_port }}
nodePort: {{ .Values.memcached.service.node_port }}
{{- end }}
selector:
app: {{ template "fullname" . }}
component: "{{ .Values.memcached.name }}"
{{- end}}

View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: "{{ .Release.Name }}-mysql-api-secret"
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
type: Opaque
data:
username: {{ b64enc .Values.mysql.users.api.username | quote }}
password: {{ b64enc .Values.mysql.users.api.password | quote }}

View File

@ -0,0 +1,17 @@
{{- if .Values.grafana.enabled }}
{{- if .Values.grafana.local_mysql_enabled }}
apiVersion: v1
kind: Secret
metadata:
name: "{{ .Release.Name }}-mysql-grafana-secret"
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
type: Opaque
data:
username: {{ b64enc .Values.mysql.users.grafana.username | quote }}
password: {{ b64enc .Values.mysql.users.grafana.password | quote }}
{{- end}}
{{- end}}

View File

@ -0,0 +1,128 @@
{{- if .Values.mysql_init.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-mysql-init-job
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "fullname" . }}
spec:
restartPolicy: OnFailure
containers:
- name: mysql-init-job
image: "{{ .Values.mysql_init.image.repository }}:{{ .Values.mysql_init.image.tag }}"
imagePullPolicy: {{ .Values.mysql_init.image.pullPolicy }}
resources:
{{ toYaml .Values.mysql_init.resources | indent 12 }}
env:
- name: MYSQL_INIT_DISABLE_REMOTE_ROOT
value: {{ .Values.mysql_init.disable_remote_root | quote }}
- name: MYSQL_INIT_RANDOM_PASSWORD
value: "false"
- name: MYSQL_INIT_HOST
{{- if .Values.mysql_init.host }}
{{- if eq (kindOf .Values.mysql_init.host) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.mysql_init.host.secret_name }}"
key: "{{ .Values.mysql_init.host.secret_key }}"
{{- else }}
value: "{{ .Values.mysql_init.host }}"
{{- end}}
{{- else }}
value: "{{ .Release.Name }}-mysql"
{{- end}}
- name: MYSQL_INIT_USERNAME
{{- include "monasca_secret_env" .Values.mysql_init.username | indent 14 }}
- name: MYSQL_INIT_PASSWORD
{{- include "monasca_secret_env" .Values.mysql_init.password | indent 14 }}
- name: MYSQL_INIT_PORT
{{- include "monasca_secret_env" .Values.mysql_init.port | indent 14 }}
- name: CREATE_MON_USERS
value: {{ .Values.mysql_init.create_mon_users | quote }}
- name: GRAFANA_DB_ENABLED
value: {{ .Values.mysql_init.grafana_db_enabled | quote }}
- name: KEYSTONE_DB_ENABLED
value: {{ .Values.mysql_init.keystone_db_enabled | quote }}
{{- if .Values.mysql_init.keystone_db_enabled }}
- name: KEYSTONE_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.keystone.mysql.username.secret_name }}
name: "{{ .Values.keystone.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-keystone-secret"
{{- end}}
key: "{{ .Values.keystone.mysql.username.secret_key | default "username" }}"
- name: KEYSTONE_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.keystone.mysql.password.secret_name }}
name: "{{ .Values.keystone.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-keystone-secret"
{{- end}}
key: "{{ .Values.keystone.mysql.password.secret_key | default "password" }}"
{{- end}}
- name: API_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.api.mysql.username.secert_key }}
name: "{{ .Values.api.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-api-secret"
{{- end}}
key: "{{ .Values.api.mysql.username.secret_key | default "username" }}"
- name: API_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.api.mysql.password.secert_key }}
name: "{{ .Values.api.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-api-secret"
{{- end}}
key: "{{ .Values.api.mysql.password.secret_key | default "password" }}"
- name: NOTIFICATION_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.notification.mysql.username.secret_name }}
name: "{{ .Values.notification.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-notification-secret"
{{- end}}
key: "{{ .Values.notification.mysql.username.secret_key | default "username" }}"
- name: NOTIFICATION_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.notification.mysql.password.secret_name }}
name: "{{ .Values.notification.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-notification-secret"
{{- end}}
key: "{{ .Values.notification.mysql.password.secret_key | default "password" }}"
- name: THRESH_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.thresh.mysql.username.secret_name }}
name: "{{ .Values.thresh.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-thresh-secret"
{{- end}}
key: "{{ .Values.thresh.mysql.username.secret_key | default "username" }}"
- name: THRESH_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.thresh.mysql.password.secret_name }}
name: "{{ .Values.thresh.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-thresh-secret"
{{- end}}
key: "{{ .Values.thresh.mysql.password.secret_key | default "password" }}"
{{- end }}

View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: "{{ .Release.Name }}-mysql-keystone-secret"
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
type: Opaque
data:
username: {{ b64enc .Values.mysql.users.keystone.username | quote }}
password: {{ b64enc .Values.mysql.users.keystone.password | quote }}

View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: "{{ .Release.Name }}-mysql-notification-secret"
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
type: Opaque
data:
username: {{ b64enc .Values.mysql.users.notification.username | quote }}
password: {{ b64enc .Values.mysql.users.notification.password | quote }}

View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: "{{ .Release.Name }}-mysql-thresh-secret"
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
type: Opaque
data:
username: {{ b64enc .Values.mysql.users.thresh.username | quote }}
password: {{ b64enc .Values.mysql.users.thresh.password | quote }}

View File

@ -0,0 +1,141 @@
{{- if .Values.notification.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: {{ template "fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
component: "{{ .Values.notification.name }}"
heritage: "{{ .Release.Service }}"
release: "{{ .Release.Name }}"
name: {{ template "notification.fullname" . }}
spec:
replicas: {{ .Values.notification.replicaCount }}
template:
metadata:
labels:
app: {{ template "fullname" . }}
component: "{{ .Values.notification.name }}"
spec:
containers:
- name: notification
image: "{{ .Values.notification.image.repository }}:{{ .Values.notification.image.tag }}"
imagePullPolicy: {{ .Values.notification.image.pullPolicy }}
resources:
{{ toYaml .Values.notification.resources | indent 12 }}
env:
- name: MYSQL_DB_HOST
{{- if .Values.notification.mysql.host }}
{{- if eq (kindOf .Values.notification.mysql.host) "map" }}
valueFrom:
secretKeyRef:
name: "{{ .Values.notification.mysql.host.secret_name }}"
key: "{{ .Values.notification.mysql.host.secret_key | default "host" }}"
{{- else }}
value: "{{ .Values.notification.mysql.host }}"
{{- end}}
{{- else }}
value: "{{ .Release.Name }}-mysql"
{{- end}}
- name: MYSQL_DB_PORT
{{- include "monasca_secret_env" .Values.notification.mysql.port | indent 14 }}
- name: MYSQL_DB_USERNAME
valueFrom:
secretKeyRef:
{{- if .Values.notification.mysql.username.secret_name }}
name: "{{ .Values.notification.mysql.username.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-notification-secret"
{{- end}}
key: "{{ .Values.notification.mysql.username.secret_key | default "username" }}"
- name: MYSQL_DB_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.notification.mysql.password.secret_name }}
name: "{{ .Values.notification.mysql.password.secret_name }}"
{{- else }}
name: "{{ .Release.Name }}-mysql-notification-secret"
{{- end}}
key: "{{ .Values.notification.mysql.password.secret_key | default "password" }}"
- name: MYSQL_DB_DATABASE
value: "mon"
- name: KAFKA_URI
{{- if .Values.kafka.overrideUri }}
value: "{{ .Values.kafka.overrideUri }}"
{{- else }}
value: "{{ template "kafka.fullname" . }}:9092"
{{- end }}
- name: ZOOKEEPER_URL
{{- if .Values.zookeeper.overrideUri }}
value: "{{ .Values.zookeeper.overrideUri }}"
{{- else }}
value: "{{ template "zookeeper.fullname" . }}:2181"
{{- end }}
- name: LOG_LEVEL
value: {{ .Values.notification.log_level | quote }}
- name: NF_PLUGINS
value: {{ .Values.notification.plugins | quote }}
{{- if .Values.notification.plugin_config.email.defined }}
- name: NF_EMAIL_SERVER
value: {{ .Values.notification.plugin_config.email.server | quote }}
- name: NF_EMAIL_PORT
value: {{ .Values.notification.plugin_config.email.port | quote }}
{{- if .Values.notification.plugin_config.email.user }}
- name: NF_EMAIL_USER
value: {{ .Values.notification.plugin_config.email.user | quote }}
- name: NF_EMAIL_PASSWORD
value: {{ .Values.notification.plugin_config.email.password | quote }}
{{- end }}
- name: NF_EMAIL_FROM_ADDR
value: {{ .Values.notification.plugin_config.email.from_addr | quote }}
{{- end }}
- name: NF_WEBHOOK_TIMEOUT
value: {{ .Values.notification.plugin_config.webhook.timeout | quote }}
{{- if .Values.notification.plugin_config.hipchat.ssl_certs }}
- name: NF_HIPCHAT_SSL_CERTS
value: {{ .Values.notification.plugin_config.hipchat.ssl_certs | quote }}
{{- end }}
- name: NF_HIPCHAT_TIMEOUT
value: {{ .Values.notification.plugin_config.hipchat.timeout | quote }}
{{- if .Values.notification.plugin_config.hipchat.insecure }}
- name: NF_HIPCHAT_INSECURE
value: {{ .Values.notification.plugin_config.hipchat.insecure | quote }}
{{- end }}
{{- if .Values.notification.plugin_config.hipchat.proxy }}
- name: NF_HIPCHAT_PROXY
value: {{ .Values.notification.plugin_config.hipchat.proxy | quote }}
{{- end }}
- name: NF_SLACK_TIMEOUT
value: {{ .Values.notification.plugin_config.slack.timeout | quote }}
{{- if .Values.notification.plugin_config.slack.certs }}
- name: NF_SLACK_CERTS
value: {{ .Values.notification.plugin_config.slack.certs | quote }}
{{- end }}
{{- if .Values.notification.plugin_config.slack.insecure }}
- name: NF_SLACK_INSECURE
value: {{ .Values.notification.plugin_config.slack.insecure | quote }}
{{- end }}
{{- if .Values.notification.plugin_config.slack.proxy }}
- name: NF_SLACK_PROXY
value: {{ .Values.notification.plugin_config.slack.proxy | quote }}
{{- end }}
{{- if .Values.notification.plugin_config.hipchat.template }}
- name: NF_HIPCHAT_TEMPLATE
value: "/hipchat-template.yml.j2"
{{- end }}
{{- if .Values.notification.plugin_config.hipchat.template }}
volumeMounts:
- name: hipchat-template
mountPath: /hipchat-template.yml.j2
subPath: hipchat-template.yml.j2
{{- end }}
{{- if .Values.notification.plugin_config.hipchat.template }}
volumes:
- name: hipchat-template
configMap:
name: "{{ template "notification.fullname" . }}-hipchat-template"
items:
- key: hipchat-template.yml.j2
path: hipchat-template.yml.j2
{{- end }}
{{- end}}

Some files were not shown because too many files have changed in this diff Show More