Copy Monasca charts from monasca-helm repository
As discussed in the team meeting [1] this commit copies the Monasca charts from monasca/monasca-helm repository. The goal is to adapt these charts to OSH standards and patterns, and then move them to openstack-helm and openstack-helm-infra repositories accordingly. [1] http://eavesdrop.openstack.org/meetings/openstack_helm/2019/openstack_helm.2019-02-12-15.01.html Change-Id: I261187de943046b7314ae6ab6b0f997624952d5e
This commit is contained in:
parent
5fa68b90df
commit
d632474b4d
4
Makefile
4
Makefile
|
@ -18,7 +18,9 @@ SHELL := /bin/bash
|
|||
HELM := helm
|
||||
TASK := build
|
||||
|
||||
EXCLUDES := helm-toolkit doc tests tools logs tmp
|
||||
EXCLUDES := helm-toolkit doc tests tools logs tmp influxdb kafka \
|
||||
keystone-init monasca-agent monasca-alarms monasca mysql-users-init storm \
|
||||
zookeeper
|
||||
CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.)))
|
||||
|
||||
.PHONY: $(EXCLUDES) $(CHARTS)
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
|
@ -0,0 +1,14 @@
|
|||
name: influxdb
|
||||
version: 0.6.2-0.0.2
|
||||
description: Scalable datastore for metrics, events, and real-time analytics.
|
||||
keywords:
|
||||
- influxdb
|
||||
- database
|
||||
- timeseries
|
||||
home: https://www.influxdata.com/time-series-platform/influxdb/
|
||||
sources:
|
||||
- https://github.com/influxdata/influxdb
|
||||
maintainers:
|
||||
- name: Jack Zampolin
|
||||
email: jack@influxdb.com
|
||||
engine: gotpl
|
|
@ -0,0 +1,99 @@
|
|||
# InfluxDB
|
||||
|
||||
## An Open-Source Time Series Database
|
||||
|
||||
[InfluxDB](https://github.com/influxdata/influxdb) is an open source time series database built by the folks over at [InfluxData](https://influxdata.com) with no external dependencies. It's useful for recording metrics, events, and performing analytics.
|
||||
|
||||
## QuickStart
|
||||
|
||||
```bash
|
||||
$ helm install stable/influxdb --name foo --namespace bar
|
||||
```
|
||||
|
||||
## Introduction
|
||||
|
||||
This chart bootstraps an InfluxDB deployment and service on a Kubernetes cluster using the Helm Package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes 1.4+
|
||||
- PV provisioner support in the underlying infrastructure (optional)
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```bash
|
||||
$ helm install --name my-release stable/influxdb
|
||||
```
|
||||
|
||||
The command deploys InfluxDB on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
|
||||
|
||||
> **Tip**: List all releases using `helm list`
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To uninstall/delete the `my-release` deployment:
|
||||
|
||||
```bash
|
||||
$ helm delete my-release --purge
|
||||
```
|
||||
|
||||
The command removes all the Kubernetes components associated with the chart and deletes the release.
|
||||
|
||||
## Configuration
|
||||
|
||||
The default configuration values for this chart are listed in `values.yaml`.
|
||||
|
||||
The [full image documentation](https://hub.docker.com/_/influxdb/) contains more information about running InfluxDB in docker.
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
|
||||
|
||||
```bash
|
||||
$ helm install --name my-release \
|
||||
--set persistence.enabled=true,persistence.size=200Gi \
|
||||
stable/influxdb
|
||||
```
|
||||
|
||||
The above command enables persistence and changes the size of the requested data volume to 200GB.
|
||||
|
||||
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
|
||||
|
||||
```bash
|
||||
$ helm install --name my-release -f values.yaml stable/influxdb
|
||||
```
|
||||
|
||||
> **Tip**: You can use the default [values.yaml](values.yaml)
|
||||
|
||||
### InfluxDB Watcher Configuration
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`watcher.enabled` | InfluxDB watcher enabled flag | `false`
|
||||
`watcher.image.repository` | InfluxDB watcher container image repository | `monasca/influxdb-watcher`
|
||||
`watcher.image.tag` | InfluxDB watcher container image tag | `latest`
|
||||
`watcher.image.pullPolicy` | InfluxDB watcher container image pull policy | `IfNotPresent`
|
||||
`watcher.address` | InfluxDB service address | `http://localhost:8086`
|
||||
`watcher.username` | InfluxDB username with read/write privileges | `influxdb_watcher`
|
||||
`watcher.password` | InfluxDB password | `password`
|
||||
`watcher.database` | InfluxDB database | `mon`
|
||||
`watcher.watcher_period` | InfluxDB watcher period | `600`
|
||||
`watcher.watcher_timeout` | InfluxDB watcher read/write timeout | `60`
|
||||
`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
|
||||
`watcher.port` | InfluxDB watcher port to expose Promethues metrics on | `8080`
|
||||
|
||||
## Persistence
|
||||
|
||||
The [InfluxDB](https://hub.docker.com/_/influxdb/) image stores data in the `/var/lib/influxdb` directory in the container.
|
||||
|
||||
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning.
|
||||
|
||||
## Starting with authentication
|
||||
|
||||
In `values.yaml` change `.Values.config.http.auth_enabled` to `true`.
|
||||
|
||||
Influxdb requires also a user to be set in order for authentication to be enforced. See more details [here](https://docs.influxdata.com/influxdb/v1.2/query_language/authentication_and_authorization/#set-up-authentication).
|
||||
|
||||
To handle this setup on startup, a job can be enabled in `values.yaml` by setting `.Values.setDefaultUser.enabled` to `true`.
|
||||
|
||||
Make sure to uncomment or configure the job settings after enabling it. If a password is not set, a random password will be generated.
|
|
@ -0,0 +1,15 @@
|
|||
InfluxDB can be accessed via port {{ .Values.config.http.bind_address }} on the following DNS name from within your cluster:
|
||||
|
||||
- http://{{ template "influxdb.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.config.http.bind_address }}
|
||||
|
||||
You can easily connect to the remote instance with your local influx cli. To forward the API port to localhost:8086 run the following:
|
||||
|
||||
- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }') 8086:{{ .Values.config.http.bind_address }}
|
||||
|
||||
You can also connect to the influx cli from inside the container. To open a shell session in the InfluxDB pod run the following:
|
||||
|
||||
- kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{.items[0].metadata.name}') /bin/sh
|
||||
|
||||
To tail the logs for the InfluxDB pod run the following:
|
||||
|
||||
- kubectl logs -f --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }')
|
|
@ -0,0 +1,16 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "influxdb.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "influxdb.fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,149 @@
|
|||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "influxdb.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
influxdb.conf: |+
|
||||
reporting-disabled = {{ .Values.config.reporting_disabled | default false }}
|
||||
bind-address = ":{{ .Values.config.bind_address }}"
|
||||
|
||||
[meta]
|
||||
dir = "{{ .Values.config.storage_directory }}/meta"
|
||||
retention-autocreate = {{ .Values.config.meta.retention_autocreate }}
|
||||
logging-enabled = {{ .Values.config.meta.logging_enabled }}
|
||||
|
||||
[data]
|
||||
dir = "{{ .Values.config.storage_directory }}/data"
|
||||
wal-dir = "{{ .Values.config.storage_directory }}/wal"
|
||||
index-version = "{{ .Values.config.data.index_version }}"
|
||||
query-log-enabled = {{ .Values.config.data.query_log_enabled }}
|
||||
cache-max-memory-size = {{ .Values.config.data.cache_max_memory_size | int64 }}
|
||||
cache-snapshot-memory-size = {{ .Values.config.data.cache_snapshot_memory_size | int64 }}
|
||||
cache-snapshot-write-cold-duration = "{{ .Values.config.data.cache_snapshot_write_cold_duration }}"
|
||||
compact-full-write-cold-duration = "{{ .Values.config.data.compact_full_write_cold_duration }}"
|
||||
max-series-per-database = {{ .Values.config.data.max_series_per_database | int64 }}
|
||||
max-values-per-tag = {{ .Values.config.data.max_values_per_tag | int64 }}
|
||||
trace-logging-enabled = {{ .Values.config.data.trace_logging_enabled }}
|
||||
|
||||
[coordinator]
|
||||
write-timeout = "{{ .Values.config.coordinator.write_timeout }}"
|
||||
max-concurrent-queries = {{ .Values.config.coordinator.max_concurrent_queries | int64 }}
|
||||
query-timeout = "{{ .Values.config.coordinator.query_timeout }}"
|
||||
log-queries-after = "{{ .Values.config.coordinator.log_queries_after }}"
|
||||
max-select-point = {{ .Values.config.coordinator.max_select_point | int64 }}
|
||||
max-select-series = {{ .Values.config.coordinator.max_select_series | int64 }}
|
||||
max-select-buckets = {{ .Values.config.coordinator.max_select_buckets | int64 }}
|
||||
|
||||
[retention]
|
||||
enabled = {{ .Values.config.retention.enabled }}
|
||||
check-interval = "{{ .Values.config.retention.check_interval }}"
|
||||
|
||||
[shard-precreation]
|
||||
enabled = {{ .Values.config.shard_precreation.enabled }}
|
||||
check-interval = "{{ .Values.config.shard_precreation.check_interval }}"
|
||||
advance-period = "{{ .Values.config.shard_precreation.advance_period }}"
|
||||
|
||||
[admin]
|
||||
enabled = {{ .Values.config.admin.enabled }}
|
||||
bind-address = ":{{ .Values.config.admin.bind_address }}"
|
||||
https-enabled = {{ .Values.config.admin.https_enabled }}
|
||||
https-certificate = "{{ .Values.config.admin.https_certificate }}"
|
||||
|
||||
[monitor]
|
||||
store-enabled = {{ .Values.config.monitor.store_enabled }}
|
||||
store-database = "{{ .Values.config.monitor.store_database }}"
|
||||
store-interval = "{{ .Values.config.monitor.store_interval }}"
|
||||
|
||||
[subscriber]
|
||||
enabled = {{ .Values.config.subscriber.enabled }}
|
||||
http-timeout = "{{ .Values.config.subscriber.http_timeout }}"
|
||||
insecure-skip-verify = {{ .Values.config.subscriber.insecure_skip_verify }}
|
||||
ca-certs = "{{ .Values.config.subscriber.ca_certs }}"
|
||||
write-concurrency = {{ .Values.config.subscriber.write_concurrency | int64 }}
|
||||
write-buffer-size = {{ .Values.config.subscriber.write_buffer_size | int64 }}
|
||||
|
||||
[http]
|
||||
enabled = {{ .Values.config.http.enabled }}
|
||||
bind-address = ":{{ .Values.config.http.bind_address }}"
|
||||
auth-enabled = {{ .Values.config.http.auth_enabled }}
|
||||
log-enabled = {{ .Values.config.http.log_enabled }}
|
||||
write-tracing = {{ .Values.config.http.write_tracing }}
|
||||
pprof-enabled = {{ .Values.config.http.pprof_enabled }}
|
||||
https-enabled = {{ .Values.config.http.https_enabled }}
|
||||
https-certificate = "{{ .Values.config.http.https_certificate }}"
|
||||
https-private-key = "{{ .Values.config.http.https_private_key }}"
|
||||
max-row-limit = {{ .Values.config.http.max_row_limit | int64 }}
|
||||
max-connection-limit = {{ .Values.config.http.max_connection_limit | int64 }}
|
||||
shared-secret = "{{ .Values.config.http.shared_secret }}"
|
||||
realm = "{{ .Values.config.http.realm }}"
|
||||
unix-socket-enabled = {{ .Values.config.http.unix_socket_enabled }}
|
||||
bind-socket = "{{ .Values.config.http.bind_socket }}"
|
||||
|
||||
# TODO: allow multiple graphite listeners with templates
|
||||
|
||||
[[graphite]]
|
||||
enabled = {{ .Values.config.graphite.enabled }}
|
||||
bind-address = ":{{ .Values.config.graphite.bind_address }}"
|
||||
database = "{{ .Values.config.graphite.database }}"
|
||||
retention-policy = "{{ .Values.config.graphite.retention_policy }}"
|
||||
protocol = "{{ .Values.config.graphite.protocol }}"
|
||||
batch-size = {{ .Values.config.graphite.batch_size | int64 }}
|
||||
batch-pending = {{ .Values.config.graphite.batch_pending | int64 }}
|
||||
batch-timeout = "{{ .Values.config.graphite.batch_timeout }}"
|
||||
consistency-level = "{{ .Values.config.graphite.consistency_level }}"
|
||||
separator = "{{ .Values.config.graphite.separator }}"
|
||||
udp-read-buffer = {{ .Values.config.graphite.udp_read_buffer | int64 }}
|
||||
|
||||
# TODO: allow multiple collectd listeners with templates
|
||||
|
||||
[[collectd]]
|
||||
enabled = {{ .Values.config.collectd.enabled }}
|
||||
bind-address = ":{{ .Values.config.collectd.bind_address }}"
|
||||
database = "{{ .Values.config.collectd.database }}"
|
||||
retention-policy = "{{ .Values.config.collectd.retention_policy }}"
|
||||
batch-size = {{ .Values.config.collectd.batch_size | int64 }}
|
||||
batch-pending = {{ .Values.config.collectd.batch_pending | int64 }}
|
||||
batch-timeout = "{{ .Values.config.collectd.batch_timeout }}"
|
||||
read-buffer = {{ .Values.config.collectd.read_buffer | int64 }}
|
||||
typesdb = "{{ .Values.config.collectd.typesdb }}"
|
||||
security-level = "{{ .Values.config.collectd.security_level }}"
|
||||
auth-file = "{{ .Values.config.collectd.auth_file }}"
|
||||
|
||||
# TODO: allow multiple opentsdb listeners with templates
|
||||
|
||||
[[opentsdb]]
|
||||
enabled = {{ .Values.config.opentsdb.enabled }}
|
||||
bind-address = ":{{ .Values.config.opentsdb.bind_address }}"
|
||||
database = "{{ .Values.config.opentsdb.database }}"
|
||||
retention-policy = "{{ .Values.config.opentsdb.retention_policy }}"
|
||||
consistency-level = "{{ .Values.config.opentsdb.consistency_level }}"
|
||||
tls-enabled = {{ .Values.config.opentsdb.tls_enabled }}
|
||||
certificate = "{{ .Values.config.opentsdb.certificate }}"
|
||||
batch-size = {{ .Values.config.opentsdb.batch_size | int64 }}
|
||||
batch-pending = {{ .Values.config.opentsdb.batch_pending | int64 }}
|
||||
batch-timeout = "{{ .Values.config.opentsdb.batch_timeout }}"
|
||||
log-point-errors = {{ .Values.config.opentsdb.log_point_errors }}
|
||||
|
||||
# TODO: allow multiple udp listeners with templates
|
||||
|
||||
[[udp]]
|
||||
enabled = {{ .Values.config.udp.enabled }}
|
||||
bind-address = ":{{ .Values.config.udp.bind_address }}"
|
||||
database = "{{ .Values.config.udp.database }}"
|
||||
retention-policy = "{{ .Values.config.udp.retention_policy }}"
|
||||
batch-size = {{ .Values.config.udp.batch_size | int64 }}
|
||||
batch-pending = {{ .Values.config.udp.batch_pending | int64 }}
|
||||
read-buffer = {{ .Values.config.udp.read_buffer | int64 }}
|
||||
batch-timeout = "{{ .Values.config.udp.batch_timeout }}"
|
||||
precision = "{{ .Values.config.udp.precision }}"
|
||||
|
||||
[continuous_queries]
|
||||
log-enabled = {{ .Values.config.continuous_queries.log_enabled }}
|
||||
enabled = {{ .Values.config.continuous_queries.enabled }}
|
||||
run-interval = "{{ .Values.config.continuous_queries.run_interval }}"
|
|
@ -0,0 +1,127 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "influxdb.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
{{- if .Values.watcher.enabled }}
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/port: "{{ .Values.watcher.port }}"
|
||||
monasca.io/usek8slabels: "false"
|
||||
monasca.io/whitelist: |
|
||||
- influxdb_average_round_trip_time
|
||||
- influxdb_dropped_message_count
|
||||
- influxdb_max_round_trip_time
|
||||
- influxdb_min_round_trip_time
|
||||
- influxdb_read_failure_count
|
||||
- influxdb_running_average_round_trip_time
|
||||
- influxdb_watcher_status
|
||||
- influxdb_write_failure_count
|
||||
- go_memstats_heap_objects
|
||||
- go_memstats_heap_inuse_bytes
|
||||
{{- end }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ template "influxdb.fullname" . }}
|
||||
image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 10 }}
|
||||
ports:
|
||||
- name: api
|
||||
containerPort: {{ .Values.config.http.bind_address }}
|
||||
{{ if .Values.config.admin.enabled -}}
|
||||
- name: admin
|
||||
containerPort: {{ .Values.config.admin.bind_address }}
|
||||
{{- end }}
|
||||
{{ if .Values.config.graphite.enabled -}}
|
||||
- name: graphite
|
||||
containerPort: {{ .Values.config.graphite.bind_address }}
|
||||
{{- end }}
|
||||
{{ if .Values.config.collectd.enabled -}}
|
||||
- name: collectd
|
||||
containerPort: {{ .Values.config.collectd.bind_address }}
|
||||
{{- end }}
|
||||
{{ if .Values.config.udp.enabled -}}
|
||||
- name: udp
|
||||
containerPort: {{ .Values.config.udp.bind_address }}
|
||||
{{- end }}
|
||||
{{ if .Values.config.opentsdb.enabled -}}
|
||||
- name: opentsdb
|
||||
containerPort: {{ .Values.config.opentsdb.bind_address }}
|
||||
{{- end }}
|
||||
{{- if .Values.watcher.enabled }}
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.watcher.port }}
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /ping
|
||||
port: api
|
||||
initialDelaySeconds: {{ .Values.liveness.initial_delay_seconds }}
|
||||
timeoutSeconds: {{ .Values.liveness.timeout_seconds }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /ping
|
||||
port: api
|
||||
initialDelaySeconds: {{ .Values.readiness.initial_delay_seconds }}
|
||||
timeoutSeconds: {{ .Values.readiness.timeout_seconds }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: {{ .Values.config.storage_directory }}
|
||||
- name: config
|
||||
mountPath: /etc/influxdb
|
||||
{{- if .Values.watcher.enabled }}
|
||||
- name: watcher
|
||||
image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.watcher.resources | indent 12 }}
|
||||
env:
|
||||
- name: INFLUXDB_ADDRESS
|
||||
value: {{ .Values.watcher.address | quote }}
|
||||
- name: INFLUXDB_USERNAME
|
||||
value: {{ .Values.watcher.username | quote }}
|
||||
- name: INFLUXDB_PASSWORD
|
||||
value: {{ .Values.watcher.password | quote }}
|
||||
- name: INFLUXDB_DATABASE
|
||||
value: {{ .Values.watcher.database | quote }}
|
||||
- name: PROMETHEUS_ENDPOINT
|
||||
value: "0.0.0.0:{{ .Values.watcher.port }}"
|
||||
- name: WATCHER_PERIOD
|
||||
value: {{ .Values.watcher.watcher_period | quote }}
|
||||
- name: WATCHER_TIMEOUT
|
||||
value: {{ .Values.watcher.watcher_timeout | quote }}
|
||||
- name: STAY_ALIVE_ON_FAILURE
|
||||
value: {{ .Values.watcher.stay_alive_on_failure | quote }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: data
|
||||
{{- if .Values.persistence.enabled }}
|
||||
{{- if not (empty .Values.persistence.name) }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.name }}
|
||||
{{- else }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ template "influxdb.fullname" . }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
- name: config
|
||||
configMap:
|
||||
name: {{ template "influxdb.fullname" . }}
|
||||
{{- if .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ toYaml .Values.nodeSelector | indent 8 }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,43 @@
|
|||
{{- if .Values.setDefaultUser.enabled -}}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
name: {{ template "influxdb.fullname" . }}-set-auth
|
||||
annotations:
|
||||
"helm.sh/hook": post-install
|
||||
spec:
|
||||
activeDeadlineSeconds: {{ .Values.setDefaultUser.activeDeadlineSeconds }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
release: "{{ .Release.Name }}"
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ template "influxdb.fullname" . }}-set-auth
|
||||
image: "{{ .Values.setDefaultUser.image }}"
|
||||
env:
|
||||
- name: INFLUXDB_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "influxdb.fullname" . }}-auth
|
||||
key: influxdb-user
|
||||
- name: INFLUXDB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "influxdb.fullname" . }}-auth
|
||||
key: influxdb-password
|
||||
args:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
- |
|
||||
curl -X POST http://{{ template "influxdb.fullname" . }}:{{ .Values.config.http.bind_address }}/query \
|
||||
--data-urlencode \
|
||||
"q=CREATE USER \"${INFLUXDB_USER}\" WITH PASSWORD '${INFLUXDB_PASSWORD}' {{ .Values.setDefaultUser.user.privileges }}"
|
||||
restartPolicy: {{ .Values.setDefaultUser.restartPolicy }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,24 @@
|
|||
{{- if and (.Values.persistence.enabled) (not .Values.persistence.useExisting) }}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
|
||||
labels:
|
||||
app: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- if .Values.persistence.storageClass }}
|
||||
{{- if (eq "-" .Values.persistence.storageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.persistence.storageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,18 @@
|
|||
{{- if .Values.setDefaultUser.enabled -}}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "influxdb.fullname" . }}-auth
|
||||
data:
|
||||
{{- if .Values.setDefaultUser.user.password }}
|
||||
influxdb-password: {{ .Values.setDefaultUser.user.password | b64enc | quote }}
|
||||
{{- else }}
|
||||
influxdb-password: {{ randAscii 10 | b64enc | quote }}
|
||||
{{- end }}
|
||||
influxdb-user: {{ .Values.setDefaultUser.user.username | b64enc | quote }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,48 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if .Values.service.annotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.service.annotations | indent 4 }}
|
||||
{{- end }}
|
||||
name: {{ template "influxdb.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "influxdb.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
{{- if .Values.config.http.enabled }}
|
||||
- name: api
|
||||
port: {{ .Values.config.http.bind_address }}
|
||||
targetPort: {{ .Values.config.http.bind_address }}
|
||||
{{- end }}
|
||||
{{- if .Values.config.admin.enabled }}
|
||||
- name: admin
|
||||
port: {{ .Values.config.admin.bind_address }}
|
||||
targetPort: {{ .Values.config.admin.bind_address }}
|
||||
{{- end }}
|
||||
{{- if .Values.config.graphite.enabled }}
|
||||
- name: graphite
|
||||
port: {{ .Values.config.graphite.bind_address }}
|
||||
targetPort: {{ .Values.config.graphite.bind_address }}
|
||||
{{- end }}
|
||||
{{- if .Values.config.collectd.enabled }}
|
||||
- name: collectd
|
||||
port: {{ .Values.config.collectd.bind_address }}
|
||||
targetPort: {{ .Values.config.collectd.bind_address }}
|
||||
{{- end }}
|
||||
{{- if .Values.config.udp.enabled }}
|
||||
- name: udp
|
||||
port: {{ .Values.config.udp.bind_address }}
|
||||
targetPort: {{ .Values.config.udp.bind_address }}
|
||||
{{- end }}
|
||||
{{- if .Values.config.opentsdb.enabled }}
|
||||
- name: opentsdb
|
||||
port: {{ .Values.config.opentsdb.bind_address }}
|
||||
targetPort: {{ .Values.config.opentsdb.bind_address }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "influxdb.fullname" . }}
|
|
@ -0,0 +1,231 @@
|
|||
## influxdb image version
|
||||
## ref: https://hub.docker.com/r/library/influxdb/tags/
|
||||
image:
|
||||
repo: "influxdb"
|
||||
tag: "1.3-alpine"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
## Specify a service type
|
||||
## NodePort is default
|
||||
## ref: http://kubernetes.io/docs/user-guide/services/
|
||||
##
|
||||
service:
|
||||
## Add annotations to service
|
||||
# annotations: {}
|
||||
type: ClusterIP
|
||||
|
||||
## Persist data to a persistent volume
|
||||
##
|
||||
persistence:
|
||||
enabled: false
|
||||
## If true will use an existing PVC instead of creating one
|
||||
# useExisting: false
|
||||
## Name of existing PVC to be used in the influx deployment
|
||||
# name:
|
||||
## influxdb data Persistent Volume Storage Class
|
||||
## If defined, storageClassName: <storageClass>
|
||||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
||||
## If undefined (the default) or set to null, no storageClassName spec is
|
||||
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
||||
## GKE, AWS & OpenStack)
|
||||
##
|
||||
# storageClass: "-"
|
||||
accessMode: ReadWriteOnce
|
||||
size: 8Gi
|
||||
|
||||
## Create default user through Kubernetes job
|
||||
## Defaults indicated below
|
||||
##
|
||||
setDefaultUser:
|
||||
enabled: false
|
||||
|
||||
## Image of the container used for job
|
||||
## Default: appropriate/curl:latest
|
||||
##
|
||||
image: appropriate/curl:latest
|
||||
|
||||
## Deadline for job so it does not retry forever.
|
||||
## Default: activeDeadline: 300
|
||||
##
|
||||
activeDeadline: 300
|
||||
|
||||
## Restart policy for job
|
||||
## Default: OnFailure
|
||||
restartPolicy: OnFailure
|
||||
|
||||
user:
|
||||
|
||||
## The user name
|
||||
## Default: "admin"
|
||||
username: "admin"
|
||||
|
||||
## User password
|
||||
## Default: (Randomly generated 10 characters of Ascii)
|
||||
# password:
|
||||
|
||||
## User privileges
|
||||
## Default: "WITH ALL PRIVILEGES"
|
||||
privileges: "WITH ALL PRIVILEGES"
|
||||
|
||||
## Configure resource requests and limits
|
||||
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
||||
resources:
|
||||
requests:
|
||||
memory: 256Mi
|
||||
cpu: 0.1
|
||||
limits:
|
||||
memory: 16Gi
|
||||
cpu: 8
|
||||
|
||||
## Node labels for pod assignment
|
||||
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
|
||||
##
|
||||
nodeSelector: {}
|
||||
|
||||
## Liveness and Readiness check settings
|
||||
liveness:
|
||||
initial_delay_seconds: 30
|
||||
timeout_seconds: 5
|
||||
readiness:
|
||||
initial_delay_seconds: 30
|
||||
timeout_seconds: 1
|
||||
|
||||
## Change InfluxDB configuration paramaters below:
|
||||
## Defaults are indicated
|
||||
## ref: https://docs.influxdata.com/influxdb/v1.1/administration/config/
|
||||
config:
|
||||
reporting_disabled: false
|
||||
bind_address: 8088
|
||||
storage_directory: /var/lib/influxdb
|
||||
meta:
|
||||
retention_autocreate: true
|
||||
logging_enabled: true
|
||||
data:
|
||||
query_log_enabled: true
|
||||
index_version: inmem
|
||||
cache_max_memory_size: 1073741824
|
||||
cache_snapshot_memory_size: 26214400
|
||||
cache_snapshot_write_cold_duration: 10m0s
|
||||
compact_full_write_cold_duration: 4h0m0s
|
||||
max_series_per_database: 1000000
|
||||
max_values_per_tag: 100000
|
||||
trace_logging_enabled: false
|
||||
coordinator:
|
||||
write_timeout: 10s
|
||||
max_concurrent_queries: 0
|
||||
query_timeout: 0s
|
||||
log_queries_after: 0s
|
||||
max_select_point: 0
|
||||
max_select_series: 0
|
||||
max_select_buckets: 0
|
||||
retention:
|
||||
enabled: true
|
||||
check_interval: 30m0s
|
||||
shard_precreation:
|
||||
enabled: true
|
||||
check_interval: 10m0s
|
||||
advance_period: 30m0s
|
||||
admin:
|
||||
enabled: false
|
||||
bind_address: 8083
|
||||
https_enabled: false
|
||||
https_certificate: /etc/ssl/influxdb.pem
|
||||
monitor:
|
||||
store_enabled: true
|
||||
store_database: _internal
|
||||
store_interval: 10s
|
||||
subscriber:
|
||||
enabled: true
|
||||
http_timeout: 30s
|
||||
insecure_skip_verify: false
|
||||
ca_certs: ""
|
||||
write_concurrency: 40
|
||||
write_buffer_size: 1000
|
||||
http:
|
||||
enabled: true
|
||||
bind_address: 8086
|
||||
auth_enabled: false
|
||||
log_enabled: true
|
||||
write_tracing: false
|
||||
pprof_enabled: true
|
||||
https_enabled: false
|
||||
https_certificate: /etc/ssl/influxdb.pem
|
||||
https_private_key: ""
|
||||
max_row_limit: 10000
|
||||
max_connection_limit: 0
|
||||
shared_secret: "beetlejuicebeetlejuicebeetlejuice"
|
||||
realm: InfluxDB
|
||||
unix_socket_enabled: false
|
||||
bind_socket: /var/run/influxdb.sock
|
||||
graphite:
|
||||
enabled: false
|
||||
bind_address: 2003
|
||||
database: graphite
|
||||
retention_policy: autogen
|
||||
protocol: tcp
|
||||
batch_size: 5000
|
||||
batch_pending: 10
|
||||
batch_timeout: 1s
|
||||
consistency_level: one
|
||||
separator: .
|
||||
udp_read_buffer: 0
|
||||
collectd:
|
||||
enabled: false
|
||||
bind_address: 25826
|
||||
database: collectd
|
||||
retention_policy: autogen
|
||||
batch_size: 5000
|
||||
batch_pending: 10
|
||||
batch_timeout: 10s
|
||||
read_buffer: 0
|
||||
typesdb: /usr/share/collectd/types.db
|
||||
security_level: none
|
||||
auth_file: /etc/collectd/auth_file
|
||||
opentsdb:
|
||||
enabled: false
|
||||
bind_address: 4242
|
||||
database: opentsdb
|
||||
retention_policy: autogen
|
||||
consistency_level: one
|
||||
tls_enabled: false
|
||||
certificate: /etc/ssl/influxdb.pem
|
||||
batch_size: 1000
|
||||
batch_pending: 5
|
||||
batch_timeout: 1s
|
||||
log_point_errors: true
|
||||
udp:
|
||||
enabled: false
|
||||
bind_address: 8089
|
||||
database: udp
|
||||
retention_policy: autogen
|
||||
batch_size: 5000
|
||||
batch_pending: 10
|
||||
read_buffer: 0
|
||||
batch_timeout: 1s
|
||||
precision: "ns"
|
||||
continuous_queries:
|
||||
log_enabled: true
|
||||
enabled: true
|
||||
run_interval: 1s
|
||||
|
||||
watcher:
|
||||
enabled: false
|
||||
image:
|
||||
repository: monasca/influxdb-watcher
|
||||
tag: 0.0.2
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
memory: 32Mi
|
||||
cpu: 25m
|
||||
limits:
|
||||
memory: 64Mi
|
||||
cpu: 50m
|
||||
port: 8080
|
||||
address: http://localhost:8086
|
||||
username: influxdb_watcher
|
||||
password: password
|
||||
database: mon
|
||||
watcher_period: 600
|
||||
watcher_timeout: 60
|
||||
stay_alive_on_failure: false
|
|
@ -0,0 +1,21 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
description: A Helm chart for Kafka
|
||||
name: kafka
|
||||
version: 0.4.3
|
|
@ -0,0 +1,36 @@
|
|||
### Kafka Configuration parameters
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`image.repository` | Kafka container image repository | `monasca/kafka`
|
||||
`image.tag` | Kafka container image tag | `0.9.0.1-2.11-1.1.4`
|
||||
`image.pullPolicy` | Kafka container image pull policy | `IfNotPresent`
|
||||
`resources.requests.memory` | Memory request per kafka pod | `1Gi`
|
||||
`resources.requests.cpu` | CPU request per kafka pod | `250m`
|
||||
`resources.limits.memory` | Memory limit per kafka pod | `2Gi`
|
||||
`resources.limits.cpu` | Memory limit per kafka pod | `2000m`
|
||||
`persistence.storageClass` | Kafka storage class | `default`
|
||||
`persistence.enabled` | Kafka persistent storage enabled flag | `false`
|
||||
`persistence.accessMode` | Kafka persistent storage accessMode | `ReadWriteOnce`
|
||||
`persistence.size` | Kafka persistent storage size | `10Gi`
|
||||
`topic_config` | Default config args for created topics | `segment.ms=900000`
|
||||
`service.port` | Kafka service port | `9092`
|
||||
`service.type` | Kafka service type | `ClusterIP`
|
||||
`exporter.enabled` | Kafka exporter enabled flag | `false`
|
||||
`exporter.image.repository` | Kafka exporter container image repository | `rbrndt/kafka-prometheus`
|
||||
`exporter.image.tag` | Kafka exporter container image tag | `latest`
|
||||
`exporter.image.pullPolicy` | Kafka exporter container image pull policy | `IfNotPresent`
|
||||
`exporter.port` | Kafka exporter port to expose Promethues metrics on | `7204`
|
||||
`stack_size` | JVM stack size | `1024k`
|
||||
`memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
|
||||
`stay_alive_on_failure` | If `true`, container stays alive for 2 hours after kafka exits | `false`
|
||||
`watcher.enabled` | Kafka watcher enabled flag | `false`
|
||||
`watcher.image.repository` | Kafka watcher container image repository | `monasca/kafka-watcher`
|
||||
`watcher.image.tag` | Kafka watcher container image tag | `latest`
|
||||
`watcher.image.pullPolicy` | Kafka watcher container image pull policy | `IfNotPresent`
|
||||
`watcher.health_check_topic` | Kafka watcher health check topic | `kafka-health-check`
|
||||
`watcher.group_id` | Kafka watcher consumer group id | `kafka_watcher`
|
||||
`watcher.watcher_period` | Kafka watcher period | `600`
|
||||
`watcher.watcher_timeout` | Kafka watcher read/write timeout | `60`
|
||||
`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
|
||||
`watcher.port` | Kafka watcher port to expose Promethues metrics on | `8080`
|
|
@ -0,0 +1,25 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified cleanup name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "kafka.cleanup.fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s-%s" .Release.Name $name "cleanup" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
# while not recommended, we add a random sequence to the end of the job name
|
||||
# this job will attempt to delete itself when finished, but should it fail for
|
||||
# some reason we don't want future upgrades to fail because of a name conflict
|
||||
# (plus the future runs of this job will delete any previous iterations that
|
||||
# failed to clean themselves up)
|
||||
name: "{{ template "kafka.cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
annotations:
|
||||
"helm.sh/hook": pre-upgrade,post-delete
|
||||
"helm.sh/hook-weight": "-5"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
|
||||
image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.cleanup.resources | indent 12 }}
|
||||
env:
|
||||
- name: "WAIT_RETRIES"
|
||||
value: "{{ .Values.cleanup.wait.retries }}"
|
||||
- name: "WAIT_DELAY"
|
||||
value: "{{ .Values.cleanup.wait.delay }}"
|
||||
- name: "WAIT_TIMEOUT"
|
||||
value: "{{ .Values.cleanup.wait.timeout }}"
|
||||
{{- if .Values.cleanup.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
|
||||
{{- else if .Values.rbac.create }}
|
||||
serviceAccountName: "{{ template "kafka.cleanup.fullname" . }}"
|
||||
{{- end }}
|
|
@ -0,0 +1,25 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "kafka.cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["get", "list", "delete", "patch"]
|
||||
- apiGroups: ["batch"]
|
||||
resources: ["jobs"]
|
||||
verbs: ["get", "list", "delete"]
|
||||
{{- end }}
|
|
@ -0,0 +1,26 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "kafka.cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "kafka.cleanup.fullname" . }}
|
||||
namespace: "{{ .Release.Namespace }}"
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ template "kafka.cleanup.fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
|
@ -0,0 +1,12 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "kafka.cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
|
@ -0,0 +1,124 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
component: kafka
|
||||
spec:
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
{{- if .Values.watcher.enabled }}
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/port: "{{ .Values.watcher.port }}"
|
||||
monasca.io/usek8slabels: "false"
|
||||
monasca.io/whitelist: |
|
||||
- kafka_dropped_message_count
|
||||
- kafka_max_round_trip_time
|
||||
- kafka_min_round_trip_time
|
||||
- kafka_read_failure_count
|
||||
- kafka_watcher_status
|
||||
- kafka_write_failure_count
|
||||
- go_memstats_heap_objects
|
||||
- go_memstats_heap_inuse_bytes
|
||||
{{- end }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 12 }}
|
||||
ports:
|
||||
- name: kafka
|
||||
containerPort: 9092
|
||||
volumeMounts:
|
||||
- name: kafka
|
||||
mountPath: /data
|
||||
env:
|
||||
- name: KAFKA_DELETE_TOPIC_ENABLE
|
||||
value: "true"
|
||||
- name: KAFKA_AUTO_CREATE_TOPICS
|
||||
value: "false"
|
||||
- name: KAFKA_JMX
|
||||
value: "true"
|
||||
- name: JVM_MAX_RATIO
|
||||
value: {{ .Values.memory_ratio | quote }}
|
||||
- name: KAFKA_STACK_SIZE
|
||||
value: {{ .Values.stack_size | quote }}
|
||||
- name: ZOOKEEPER_CONNECTION_STRING
|
||||
{{- if .Values.zookeeper.overrideUri }}
|
||||
value: "{{ .Values.zookeeper.overrideUri }}"
|
||||
{{- else }}
|
||||
value: {{ .Release.Name }}-zookeeper:2181
|
||||
{{- end }}
|
||||
- name: STAY_ALIVE_ON_FAILURE
|
||||
value: {{ .Values.stay_alive_on_failure | quote }}
|
||||
{{- if .Values.exporter.enabled }}
|
||||
- name: {{ .Chart.Name }}-exporter
|
||||
image: "{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.exporter.image.pullPolicy }}
|
||||
ports:
|
||||
- name: exporter
|
||||
containerPort: {{ .Values.exporter.port }}
|
||||
volumeMounts:
|
||||
- name: kafka-exporter
|
||||
mountPath: /prometheus-config
|
||||
{{- end }}
|
||||
{{- if .Values.watcher.enabled }}
|
||||
- name: watcher
|
||||
image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.watcher.resources | indent 12 }}
|
||||
env:
|
||||
- name: HEALTH_CHECK_TOPIC
|
||||
value: {{ .Values.watcher.health_check_topic | quote }}
|
||||
- name: BOOT_STRAP_SERVERS
|
||||
value: "localhost:9092"
|
||||
- name: GROUP_ID
|
||||
value: {{ .Values.watcher.group_id | quote }}
|
||||
- name: PROMETHEUS_ENDPOINT
|
||||
value: "0.0.0.0:{{ .Values.watcher.port }}"
|
||||
- name: WATCHER_PERIOD
|
||||
value: {{ .Values.watcher.watcher_period | quote }}
|
||||
- name: WATCHER_TIMEOUT
|
||||
value: {{ .Values.watcher.watcher_timeout | quote }}
|
||||
- name: STAY_ALIVE_ON_FAILURE
|
||||
value: {{ .Values.watcher.stay_alive_on_failure | quote }}
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.watcher.port }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: kafka
|
||||
{{- if .Values.persistence.enabled }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ template "fullname" . }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end -}}
|
||||
{{- if .Values.exporter.enabled }}
|
||||
- name: kafka-exporter
|
||||
configMap:
|
||||
name: {{ template "fullname" . }}-exporter
|
||||
{{- end }}
|
||||
affinity:
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- weight: 1
|
||||
podAffinityTerm:
|
||||
labelSelector:
|
||||
matchExpressions:
|
||||
- key: app
|
||||
operator: In
|
||||
values:
|
||||
- "{{ .Release.Name }}-influxdb"
|
||||
topologyKey: "kubernetes.io/hostname"
|
|
@ -0,0 +1,50 @@
|
|||
{{- if .Values.exporter.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-exporter
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
kafka-config.yml: |
|
||||
---
|
||||
jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:7203/jmxrmi
|
||||
|
||||
lowercaseOutputName: true
|
||||
rules:
|
||||
- pattern: '"kafka.controller"<type="(KafkaController)", name="(OfflinePartitionsCount|ActiveControllerCount)"><>(Value)'
|
||||
name: kafka_controller_$1_$2
|
||||
- pattern: '"kafka.server"<type="(ReplicaManager)", name="(UnderReplicatedPartitions)"><>(Value)'
|
||||
name: kafka_server_$1_$2
|
||||
# This metric doesn't appear to be available in 0.8.1.1
|
||||
#- pattern: '"kafka.server"<type="(KafkaServer)", name="(BrokerState)"><>(Value)'
|
||||
# name: kafka_server_$2
|
||||
- pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="AllTopics(Bytes|Messages)(In|Out)PerSec"><>(Count)'
|
||||
name: kafka_server_$1_$2_$3_total
|
||||
labels:
|
||||
topic: all_topics
|
||||
- pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="(.+)-(Bytes|Messages)(In|Out)PerSec"><>(Count)'
|
||||
name: kafka_server_$1_$3_$4_total
|
||||
labels:
|
||||
topic: $2
|
||||
- pattern: '"kafka.network"<type="(RequestMetrics)", name="Fetch-(Consumer|Follower)-TotalTimeMs"><>(Count)'
|
||||
name: kafka_network_$1_fetch_$2_total_ms
|
||||
- pattern: '"kafka.network"<type="(RequestMetrics)", name="Produce-(Local|Remote|Total|ResponseQueue)TimeMs"><>(Count)'
|
||||
name: kafka_network_$1_produce_$2_ms
|
||||
# These metric doesn't appear to be available in 0.8.1.1
|
||||
#- pattern: '"kafka.server"<type="(KafkaRequestHandlerPool)", name="(RequestHandlerAvgIdlePercent)"><>(Count)'
|
||||
# name: kafka_server_$1_$2
|
||||
#- pattern: "kafka.network"<type="(SocketServer)", name="(NetworkProcessorAvgIdlePercent)"><>(Value)'
|
||||
# name: kafa_network_$1_$2
|
||||
- pattern: '"kafka.controller"<type="(ControllerStats)", name="(UncleanLeaderElectionsPerSec|LeaderElectionRateAndTimeMs)"><>(Count)'
|
||||
name: kafka_controller_$1_$2
|
||||
- pattern: '"kafka.server"<type="(ReplicaFetcherManager)", name="(Replica)-(MaxLag)"><>(Value)'
|
||||
name: kafka_server_$1_$3
|
||||
labels:
|
||||
topic: $2
|
||||
- pattern: '"kafka.server"<type="(ReplicaManager)", name="Isr(Expands|Shrinks)PerSec"><>(Count)'
|
||||
name: kafka_server_$1_isr_$2_per_sec
|
||||
{{- end }}
|
|
@ -0,0 +1,49 @@
|
|||
{{- if .Values.init.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-init-job
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "kafka-init-job"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: kafka-init-job
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: kafka-init-job
|
||||
image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.init.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.init.resources | indent 12 }}
|
||||
env:
|
||||
- name: KAFKA_HOST
|
||||
value: "{{ template "fullname" . }}:9092"
|
||||
- name: ZOOKEEPER_CONNECTION_STRING
|
||||
{{- if .Values.zookeeper.overrideUri }}
|
||||
value: "{{ .Values.zookeeper.overrideUri }}"
|
||||
{{- else }}
|
||||
value: {{ .Release.Name }}-zookeeper:2181
|
||||
{{- end }}
|
||||
- name: KAFKA_DELETE_TOPIC_ENABLE
|
||||
value: "true"
|
||||
- name: KAFKA_AUTO_CREATE_TOPICS
|
||||
value: "false"
|
||||
- name: JVM_MAX_HEAP_RATIO
|
||||
value: {{ .Values.heap_ratio | quote }}
|
||||
- name: KAFKA_STACK_SIZE
|
||||
value: {{ .Values.stack_size | quote }}
|
||||
{{- if .Values.init.topicConfig }}
|
||||
- name: KAFKA_TOPIC_CONFIG
|
||||
value: {{ .Values.init.topicConfig | quote }}
|
||||
{{- end }}
|
||||
- name: KAFKA_CREATE_TOPICS
|
||||
value: {{ .Values.init.topics | join "," | quote }}
|
||||
{{- end }}
|
|
@ -0,0 +1,18 @@
|
|||
{{- if .Values.persistence.enabled }}
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "fullname" . }}
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode | quote }}
|
||||
storageClassName: {{ .Values.persistence.storageClass | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.size | quote }}
|
||||
{{- end }}
|
|
@ -0,0 +1,19 @@
|
|||
{{- if .Values.static_service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ .Values.static_service.name }}
|
||||
spec:
|
||||
type: {{ .Values.static_service.type }}
|
||||
ports:
|
||||
- name: kafka
|
||||
port: {{ .Values.static_service.port }}
|
||||
targetPort: kafka
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
||||
{{- end }}
|
|
@ -0,0 +1,17 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "fullname" . }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
- name: kafka
|
||||
port: {{ .Values.service.port }}
|
||||
targetPort: kafka
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
|
@ -0,0 +1,93 @@
|
|||
exporter:
|
||||
enabled: false
|
||||
image:
|
||||
repository: rbrndt/kafka-prometheus
|
||||
tag: latest
|
||||
pullPolicy: IfNotPresent
|
||||
port: 7204
|
||||
watcher:
|
||||
enabled: false
|
||||
image:
|
||||
repository: monasca/kafka-watcher
|
||||
tag: 0.0.4
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
memory: 32Mi
|
||||
cpu: 25m
|
||||
limits:
|
||||
memory: 64Mi
|
||||
cpu: 50m
|
||||
port: 8080
|
||||
health_check_topic: kafka-health-check
|
||||
group_id: kafka_watcher
|
||||
watcher_period: 600
|
||||
watcher_timeout: 60
|
||||
stay_alive_on_failure: false
|
||||
image:
|
||||
repository: monasca/kafka
|
||||
tag: 0.9.0.1-2.11-1.1.6
|
||||
pullPolicy: IfNotPresent
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 9092
|
||||
resources:
|
||||
requests:
|
||||
memory: 1Gi
|
||||
cpu: 250m
|
||||
limits:
|
||||
memory: 2Gi
|
||||
cpu: 2000m
|
||||
persistence:
|
||||
storageClass: default
|
||||
enabled: false
|
||||
accessMode: ReadWriteOnce
|
||||
size: 10Gi
|
||||
memory_ratio: .85
|
||||
stack_size: 1024k
|
||||
stay_alive_on_failure: false
|
||||
init:
|
||||
enabled: true
|
||||
image:
|
||||
repository: monasca/kafka-init
|
||||
tag: 0.0.3
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
cpu: 200m
|
||||
limits:
|
||||
memory: 256Mi
|
||||
cpu: 250m
|
||||
topicConfig: ''
|
||||
topics: []
|
||||
static_service:
|
||||
enabled: false
|
||||
type: ClusterIP
|
||||
name: kafka
|
||||
port: 9092
|
||||
|
||||
zookeeper:
|
||||
overrideUri: ''
|
||||
|
||||
cleanup:
|
||||
name: cleanup
|
||||
serviceAccount: ''
|
||||
image:
|
||||
repository: monasca/job-cleanup
|
||||
tag: 1.2.1
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
memory: 64Mi
|
||||
cpu: 50m
|
||||
limits:
|
||||
memory: 128Mi
|
||||
cpu: 100m
|
||||
wait:
|
||||
retries: "24"
|
||||
delay: "5.0"
|
||||
timeout: "10"
|
||||
|
||||
rbac:
|
||||
create: false
|
|
@ -0,0 +1,21 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
description: Chart to initialize users in Keystone
|
||||
name: keystone-init
|
||||
version: 0.4.0
|
|
@ -0,0 +1,24 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified cleanup name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "cleanup.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "cleanup" | trunc 63 -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,150 @@
|
|||
{{- /*
|
||||
Read a single optional secret or string from values into an `env` `value:` or
|
||||
`valueFrom:`, depending on the user-defined content of the value.
|
||||
|
||||
Example:
|
||||
- name: OS_AUTH_URL
|
||||
{{ template "keystone_init_secret_env" .Values.auth.url }}
|
||||
|
||||
Note that unlike keystone_init_keystone_env, secret_key can not have any default
|
||||
values.
|
||||
|
||||
Make sure to change the name of this template when copying to keep it unique,
|
||||
e.g. chart_name_secret_env.
|
||||
*/}}
|
||||
{{- define "keystone_init_secret_env" -}}
|
||||
{{- if eq (kindOf .) "map" -}}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .secret_name }}"
|
||||
key: "{{ .secret_key }}"
|
||||
{{- else -}}
|
||||
value: "{{ . }}"
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- /*
|
||||
Generate a list of environment vars for Keystone Auth
|
||||
|
||||
Example:
|
||||
env:
|
||||
{{ include "keystone_init_keystone_env" .Values.my_pod.auth | indent 4 }}
|
||||
|
||||
(indent level should be adjusted as necessary)
|
||||
|
||||
Make sure to change the name of this template when copying to keep it unique,
|
||||
e.g. chart_name_keystone_env.
|
||||
|
||||
Note that keystone_init_secret_env is not used here because we want to provide
|
||||
default key names.
|
||||
*/}}
|
||||
{{- define "keystone_init_keystone_env" -}}
|
||||
- name: OS_AUTH_URL
|
||||
{{- if eq (kindOf .url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .url.secret_name }}"
|
||||
key: "{{ .url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .url }}"
|
||||
{{- end }}
|
||||
{{- if .admin_url }}
|
||||
- name: OS_ADMIN_URL
|
||||
{{- if eq (kindOf .admin_url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .admin_url.secret_name }}"
|
||||
key: "{{ .admin_url.secret_key | default "OS_ADMIN_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .admin_url }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .api_version }}
|
||||
- name: OS_IDENTITY_API_VERSION
|
||||
value: "{{ .api_version }}"
|
||||
{{- end }}
|
||||
- name: OS_USERNAME
|
||||
{{- if eq (kindOf .username) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .username.secret_name }}"
|
||||
key: "{{ .username.secret_key | default "OS_USERNAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .username }}"
|
||||
{{- end }}
|
||||
- name: OS_PASSWORD
|
||||
{{- if eq (kindOf .password) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .password.secret_name }}"
|
||||
key: "{{ .password.secret_key | default "OS_PASSWORD" }}"
|
||||
{{- else }}
|
||||
value: "{{ .password }}"
|
||||
{{- end }}
|
||||
{{- if .user_domain_name }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
{{- if eq (kindOf .user_domain_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .user_domain_name.secret_name }}"
|
||||
key: "{{ .user_domain_name.secret_key | default "OS_USER_DOMAIN_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .user_domain_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .project_name }}
|
||||
- name: OS_PROJECT_NAME
|
||||
{{- if eq (kindOf .project_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .project_name.secret_name }}"
|
||||
key: "{{ .project_name.secret_key | default "OS_PROJECT_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .project_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .project_domain_name }}
|
||||
- name: OS_PROJECT_DOMAIN_NAME
|
||||
{{- if eq (kindOf .project_domain_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .project_domain_name.secret_name }}"
|
||||
key: "{{ .project_domain_name.secret_key | default "OS_PROJECT_DOMAIN_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .project_domain_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .tenant_name }}
|
||||
- name: OS_TENANT_NAME
|
||||
{{- if eq (kindOf .tenant_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .tenant_name.secret_name }}"
|
||||
key: "{{ .tenant_name.secret_key | default "OS_TENANT_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .tenant_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .tenant_id }}
|
||||
- name: OS_TENANT_ID
|
||||
{{- if eq (kindOf .tenant_id) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .tenant_id.secret_name }}"
|
||||
key: "{{ .tenant_id.secret_key | default "OS_TENANT_ID" }}"
|
||||
{{- else }}
|
||||
value: "{{ .tenant_id }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .region_name }}
|
||||
- name: OS_REGION_NAME
|
||||
{{- if eq (kindOf .region_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .region_name.secret_name }}"
|
||||
key: "{{ .region_name.secret_key | default "OS_REGION_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .region_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
# while not recommended, we add a random sequence to the end of the job name
|
||||
# this job will attempt to delete itself when finished, but should it fail for
|
||||
# some reason we don't want future upgrades to fail because of a name conflict
|
||||
# (plus the future runs of this job will delete any previous iterations that
|
||||
# failed to clean themselves up)
|
||||
name: "{{ template "cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
annotations:
|
||||
"helm.sh/hook": pre-upgrade,post-delete
|
||||
"helm.sh/hook-weight": "-5"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
|
||||
image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.cleanup.resources | indent 12 }}
|
||||
env:
|
||||
- name: "WAIT_RETRIES"
|
||||
value: "{{ .Values.cleanup.wait.retries }}"
|
||||
- name: "WAIT_DELAY"
|
||||
value: "{{ .Values.cleanup.wait.delay }}"
|
||||
- name: "WAIT_TIMEOUT"
|
||||
value: "{{ .Values.cleanup.wait.timeout }}"
|
||||
{{- if .Values.cleanup.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
|
||||
{{- else if .Values.rbac.create }}
|
||||
serviceAccountName: "{{ template "cleanup.fullname" . }}"
|
||||
{{- end }}
|
|
@ -0,0 +1,25 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["get", "list", "delete", "patch"]
|
||||
- apiGroups: ["batch"]
|
||||
resources: ["jobs"]
|
||||
verbs: ["get", "list", "delete"]
|
||||
{{- end }}
|
|
@ -0,0 +1,26 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
namespace: "{{ .Release.Namespace }}"
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
|
@ -0,0 +1,12 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
|
@ -0,0 +1,51 @@
|
|||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}-job
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.keystone_init.name }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
{{- if .Values.keystone_init.deadline }}
|
||||
activeDeadlineSeconds: {{ .Values.keystone_init.deadline }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.keystone_init.name }}"
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
volumes:
|
||||
- name: preload-config
|
||||
configMap:
|
||||
name: "{{ template "fullname" . }}-preload"
|
||||
containers:
|
||||
- name: {{ template "fullname" . }}-job
|
||||
image: "{{ .Values.keystone_init.image.repository }}:{{ .Values.keystone_init.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.keystone_init.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.keystone_init.resources | indent 12 }}
|
||||
env:
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.keystone_init.log_level }}
|
||||
- name: KEYSTONE_TIMEOUT
|
||||
value: "{{ .Values.keystone_init.timeout }}"
|
||||
- name: KEYSTONE_VERIFY
|
||||
value: "{{ .Values.keystone_init.verify }}"
|
||||
- name: KEYSTONE_CERT
|
||||
value: "{{ .Values.keystone_init.cert }}"
|
||||
{{ include "keystone_init_keystone_env" .Values.keystone_init.auth | indent 12 }}
|
||||
- name: PRELOAD_PATH
|
||||
value: "/config/preload.yml"
|
||||
volumeMounts:
|
||||
- name: preload-config
|
||||
mountPath: /config
|
||||
{{- if .Values.keystone_init.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.keystone_init.serviceAccount | quote }}
|
||||
{{- else if .Values.rbac.create }}
|
||||
serviceAccountName: "{{ template "fullname" . }}"
|
||||
{{- end }}
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: "{{ template "fullname" . }}-preload"
|
||||
labels:
|
||||
app: "{{ template "fullname" . }}"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
preload.yml: |
|
||||
{{ toYaml .Values.keystone_init.preload | indent 4 }}
|
|
@ -0,0 +1,25 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.keystone_init.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["secrets"]
|
||||
verbs: ["get", "create", "update"]
|
||||
- apiGroups: [""]
|
||||
resources: ["namespaces"]
|
||||
verbs: ["get", "create"]
|
||||
{{- end }}
|
|
@ -0,0 +1,26 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.keystone_init.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "fullname" . }}
|
||||
namespace: "{{ .Release.Namespace }}"
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ template "fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
|
@ -0,0 +1,12 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.keystone_init.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
|
@ -0,0 +1,109 @@
|
|||
# Default values for keystone-init.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
keystone_init:
|
||||
name: keystone-init
|
||||
|
||||
# an optional preexisting serviceAccount to use
|
||||
# to create a service account with the deployment,
|
||||
# deploy with rbac.create=true
|
||||
serviceAccount: ''
|
||||
|
||||
image:
|
||||
repository: monasca/keystone-init
|
||||
tag: 1.3.0
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# general options for the init job
|
||||
log_level: INFO # python logging level
|
||||
timeout: "10" # timeout in seconds
|
||||
verify: "true" # if "true", verify SSL
|
||||
cert: '' # cert to override if desired (must be mounted as configmap)
|
||||
|
||||
# keystone authentication for this component
|
||||
# note that these options allow the init container to connect to keystone and
|
||||
# the referenced account must already exist
|
||||
# each parameter may either be specified directly as a string OR reference a
|
||||
# secret
|
||||
# example:
|
||||
# # plaintext (will be stored in Helm's ConfigMap)
|
||||
# password: 'some-plaintext-password'
|
||||
#
|
||||
# # secret ref
|
||||
# password:
|
||||
# secret_name: some-secret-name
|
||||
# # key is optional, will default to `OS_`-style variables
|
||||
# secret_key: some-key
|
||||
auth:
|
||||
url: 'http://keystone:5000'
|
||||
username: "admin"
|
||||
password: "s3cr3t"
|
||||
user_domain_name: Default
|
||||
project_name: 'admin'
|
||||
project_domain_name: Default
|
||||
|
||||
# specify domains, projects, roles, and users to create
|
||||
preload:
|
||||
# global roles
|
||||
global_roles: []
|
||||
|
||||
# named domains, the key name will be used to look up keystone domain name
|
||||
domains:
|
||||
# note that `default` is special and refers directly to the ID `default`,
|
||||
# not the name `Default`
|
||||
default:
|
||||
# a list of project names that must exist (will be created)
|
||||
projects: []
|
||||
|
||||
# a list of domain-scoped role names that must exist (will be created)
|
||||
roles: []
|
||||
|
||||
# a list of user objects that must exist
|
||||
# example:
|
||||
# users:
|
||||
# - username: some-user
|
||||
# project: some-project # will be created if it does not exist
|
||||
# roles: # will also be created automatically
|
||||
# - a
|
||||
# - b
|
||||
# - c
|
||||
# # if desired, create a secret (optional):
|
||||
# secret: some-secret-name
|
||||
# # alternatively, specify a namespace and name
|
||||
# secret: some-namespace/some-secret-name
|
||||
# # or even:
|
||||
# secret:
|
||||
# namespace: some-namespace
|
||||
# name: some-secret-name
|
||||
users: []
|
||||
|
||||
# container resource limits and requests
|
||||
resources:
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
|
||||
cleanup:
|
||||
name: cleanup
|
||||
serviceAccount: ''
|
||||
image:
|
||||
repository: monasca/job-cleanup
|
||||
tag: 1.2.1
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
memory: 128Mi
|
||||
cpu: 200m
|
||||
limits:
|
||||
memory: 128Mi
|
||||
cpu: 250m
|
||||
wait:
|
||||
retries: "10"
|
||||
delay: "3.0"
|
||||
timeout: "10"
|
||||
|
||||
rbac:
|
||||
create: false
|
|
@ -0,0 +1,21 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
description: A Helm chart for Monasca-agent
|
||||
name: monasca-agent
|
||||
version: 0.2.3
|
||||
sources:
|
||||
- https://github.com/openstack/monasca-agent
|
||||
maintainers:
|
||||
- name: Tim Buckley
|
||||
email: timothy.jas.buckley@hpe.com
|
|
@ -0,0 +1,16 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,14 @@
|
|||
{{- if .Values.plugins.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ template "fullname" . }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
{{ toYaml .Values.plugins.config_files | indent 2 }}
|
||||
{{- end}}
|
|
@ -0,0 +1,124 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
component: "{{ template "fullname" . }}-daemonset"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: "{{ template "fullname" . }}-daemonset"
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ template "name" . }}-collector-daemonset
|
||||
image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 12 }}
|
||||
env:
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: KUBERNETES
|
||||
value: "true"
|
||||
- name: KUBERNETES_TIMEOUT
|
||||
value: {{ .Values.kubernetes.timeout | quote }}
|
||||
- name: KUBERNETES_LABELS
|
||||
value: {{ .Values.kubernetes.kubernetes_labels | quote }}
|
||||
- name: PROMETHEUS
|
||||
value: {{ .Values.prometheus.auto_detect_pod_endpoints | quote }}
|
||||
- name: PROMETHEUS_TIMEOUT
|
||||
value: {{ .Values.prometheus.timeout | quote }}
|
||||
- name: PROMETHEUS_DETECT_METHOD
|
||||
value: pod
|
||||
- name: PROMETHEUS_KUBERNETES_LABELS
|
||||
value: {{ .Values.prometheus.kubernetes_labels | quote }}
|
||||
- name: CADVISOR
|
||||
value: {{ .Values.cadvisor.enabled | quote }}
|
||||
- name: CADVISOR_TIMEOUT
|
||||
value: {{ .Values.cadvisor.timeout | quote }}
|
||||
- name: OS_AUTH_URL
|
||||
value: {{ .Values.keystone.url | quote }}
|
||||
- name: OS_USERNAME
|
||||
value: {{ .Values.keystone.os_username | quote }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_user_domain_name | quote }}
|
||||
- name: OS_PASSWORD
|
||||
value: {{ .Values.keystone.os_password | quote }}
|
||||
- name: OS_PROJECT_NAME
|
||||
value: {{ .Values.keystone.os_project_name | quote }}
|
||||
- name: OS_PROJECT_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_project_domain_name | quote }}
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.log_level | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
{{- if .Values.namespace_annotations }}
|
||||
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
|
||||
value: {{ .Values.namespace_annotations | quote}}
|
||||
{{- end}}
|
||||
{{- if .Values.dimensions }}
|
||||
- name: DIMENSIONS
|
||||
value: {{ .Values.dimensions | quote}}
|
||||
{{- end}}
|
||||
- name: CHECK_FREQ
|
||||
value: {{ .Values.collector.check_freq | quote }}
|
||||
- name: NUM_COLLECTOR_THREADS
|
||||
value: {{ .Values.collector.num_collector_threads | quote }}
|
||||
- name: POOL_FULL_MAX_TRIES
|
||||
value: {{ .Values.collector.pool_full_max_retries | quote }}
|
||||
- name: SUB_COLLECTION_WARN
|
||||
value: {{ .Values.collector.sub_collection_warn | quote }}
|
||||
- name: {{ template "name" . }}-forwarder-daemonset
|
||||
image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 12 }}
|
||||
env:
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: OS_AUTH_URL
|
||||
value: {{ .Values.keystone.url | quote }}
|
||||
- name: OS_USERNAME
|
||||
value: {{ .Values.keystone.os_username | quote }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_user_domain_name | quote }}
|
||||
- name: OS_PASSWORD
|
||||
value: {{ .Values.keystone.os_password | quote }}
|
||||
- name: OS_PROJECT_NAME
|
||||
value: {{ .Values.keystone.os_project_name | quote }}
|
||||
- name: OS_PROJECT_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_project_domain_name | quote }}
|
||||
- name: MONASCA_URL
|
||||
value: {{ .Values.monasca_url | quote }}
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.log_level | quote }}
|
||||
- name: INSECURE
|
||||
value: {{ .Values.insecure | quote }}
|
||||
- name: MAX_BATCH_SIZE
|
||||
value: {{ .Values.forwarder.max_batch_size | quote }}
|
||||
- name: MAX_MEASUREMENT_BUFFER_SIZE
|
||||
value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
|
||||
- name: BACKLOG_SEND_RATE
|
||||
value: {{ .Values.forwarder.backlog_send_rate | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
- name: NON_LOCAL_TRAFFIC
|
||||
value: {{ .Values.forwarder.non_local_traffic | quote }}
|
|
@ -0,0 +1,143 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
component: "{{ template "fullname" . }}-deployment"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: "{{ template "fullname" . }}-deployment"
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
containers:
|
||||
- name: {{ template "name" . }}-collector-deployment
|
||||
image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 12 }}
|
||||
env:
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: KUBERNETES_API
|
||||
value: "true"
|
||||
- name: KUBERNETES_API_TIMEOUT
|
||||
value: {{ .Values.kubernetes_api.timeout | quote }}
|
||||
- name: KUBERNETES_API_LABELS
|
||||
value: {{ .Values.kubernetes_api.kubernetes_labels | quote }}
|
||||
- name: PROMETHEUS
|
||||
value: {{ .Values.prometheus.auto_detect_service_endpoints | quote }}
|
||||
- name: PROMETHEUS_TIMEOUT
|
||||
value: {{ .Values.prometheus.timeout | quote }}
|
||||
- name: PROMETHEUS_DETECT_METHOD
|
||||
value: service
|
||||
- name: PROMETHEUS_KUBERNETES_LABELS
|
||||
value: {{ .Values.prometheus.kubernetes_labels | quote }}
|
||||
- name: OS_AUTH_URL
|
||||
value: {{ .Values.keystone.url | quote }}
|
||||
- name: OS_USERNAME
|
||||
value: {{ .Values.keystone.os_username | quote }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_user_domain_name | quote }}
|
||||
- name: OS_PASSWORD
|
||||
value: {{ .Values.keystone.os_password | quote }}
|
||||
- name: OS_PROJECT_NAME
|
||||
value: {{ .Values.keystone.os_project_name | quote }}
|
||||
- name: OS_PROJECT_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_project_domain_name | quote }}
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.log_level | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
{{- if .Values.namespace_annotations }}
|
||||
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
|
||||
value: {{ .Values.namespace_annotations | quote}}
|
||||
{{- end}}
|
||||
{{- if .Values.kubernetes_api.storage.parameter_dimensions }}
|
||||
- name: STORAGE_PARAMETERS_DIMENSIONS
|
||||
value: {{ .Values.kubernetes_api.storage.parameter_dimensions | quote}}
|
||||
{{- end}}
|
||||
- name: REPORT_PERSISTENT_STORAGE
|
||||
value: {{ .Values.kubernetes_api.storage.report | quote }}
|
||||
{{- if .Values.dimensions }}
|
||||
- name: DIMENSIONS
|
||||
value: {{ .Values.dimensions | quote}}
|
||||
{{- end}}
|
||||
- name: CHECK_FREQ
|
||||
value: {{ .Values.collector.check_freq | quote }}
|
||||
- name: NUM_COLLECTOR_THREADS
|
||||
value: {{ .Values.collector.num_collector_threads | quote }}
|
||||
- name: POOL_FULL_MAX_TRIES
|
||||
value: {{ .Values.collector.pool_full_max_retries | quote }}
|
||||
- name: SUB_COLLECTION_WARN
|
||||
value: {{ .Values.collector.sub_collection_warn | quote }}
|
||||
{{- if .Values.plugins.enabled }}
|
||||
volumeMounts:
|
||||
- name: agent-config
|
||||
mountPath: /plugins.d
|
||||
{{- end}}
|
||||
- name: {{ template "name" . }}-forwarder-deployment
|
||||
image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 12 }}
|
||||
env:
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: OS_AUTH_URL
|
||||
value: {{ .Values.keystone.url | quote }}
|
||||
- name: OS_USERNAME
|
||||
value: {{ .Values.keystone.os_username | quote }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_user_domain_name | quote }}
|
||||
- name: OS_PASSWORD
|
||||
value: {{ .Values.keystone.os_password | quote }}
|
||||
- name: OS_PROJECT_NAME
|
||||
value: {{ .Values.keystone.os_project_name | quote }}
|
||||
- name: OS_PROJECT_DOMAIN_NAME
|
||||
value: {{ .Values.keystone.os_project_domain_name | quote }}
|
||||
- name: MONASCA_URL
|
||||
value: {{ .Values.monasca_url | quote }}
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.log_level | quote }}
|
||||
- name: INSECURE
|
||||
value: {{ .Values.insecure | quote }}
|
||||
- name: MAX_BATCH_SIZE
|
||||
value: {{ .Values.forwarder.max_batch_size | quote }}
|
||||
- name: MAX_MEASUREMENT_BUFFER_SIZE
|
||||
value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
|
||||
- name: BACKLOG_SEND_RATE
|
||||
value: {{ .Values.forwarder.backlog_send_rate | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
- name: NON_LOCAL_TRAFFIC
|
||||
value: {{ .Values.forwarder.non_local_traffic | quote }}
|
||||
{{- if .Values.plugins.enabled }}
|
||||
volumes:
|
||||
- name: agent-config
|
||||
configMap:
|
||||
name: {{ template "fullname" . }}
|
||||
{{- end}}
|
||||
{{- if .Values.plugins.enabled }}
|
||||
volumes:
|
||||
- name: agent-config
|
||||
configMap:
|
||||
name: {{ template "fullname" . }}
|
||||
{{- end}}
|
|
@ -0,0 +1,32 @@
|
|||
{{- if .Values.rbac.enabled }}
|
||||
kind: ClusterRole
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-role"
|
||||
rules:
|
||||
- apiGroups: ["", "extensions", "storage.k8s.io"]
|
||||
verbs: ["get", "list"]
|
||||
resources:
|
||||
- namespaces
|
||||
- pods
|
||||
- replicasets
|
||||
- deployments
|
||||
- replicationcontrollers
|
||||
- nodes
|
||||
- services
|
||||
- componentstatuses
|
||||
- storageclasses
|
||||
---
|
||||
kind: ClusterRoleBinding
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-role-binding"
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: default
|
||||
namespace: "{{ .Release.Namespace }}"
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: "{{ .Release.Name }}-role"
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
|
@ -0,0 +1,56 @@
|
|||
name: agent
|
||||
collector:
|
||||
image:
|
||||
repository: monasca/agent-collector
|
||||
tag: master-20180112-162543
|
||||
pullPolicy: IfNotPresent
|
||||
check_freq: 30
|
||||
num_collector_threads: 1
|
||||
pool_full_max_retries: 4
|
||||
sub_collection_warn: 6
|
||||
forwarder:
|
||||
image:
|
||||
repository: monasca/agent-forwarder
|
||||
tag: master-20180206-002800
|
||||
pullPolicy: IfNotPresent
|
||||
max_batch_size: 0
|
||||
max_measurement_buffer_size: -1
|
||||
backlog_send_rate: 5
|
||||
non_local_traffic: "true"
|
||||
insecure: False
|
||||
log_level: WARN
|
||||
keystone:
|
||||
os_username: mini-mon
|
||||
os_user_domain_name: Default
|
||||
os_password: password
|
||||
os_project_name: mini-mon
|
||||
os_project_domain_name: Default
|
||||
url: http://keystone:35357/v3
|
||||
monasca_url: http://monasca-api:8070/v2.0
|
||||
prometheus:
|
||||
auto_detect_pod_endpoints: true
|
||||
auto_detect_service_endpoints: true
|
||||
kubernetes_labels: 'app'
|
||||
timeout: 3
|
||||
kubernetes_api:
|
||||
kubernetes_labels: 'app'
|
||||
timeout: 3
|
||||
storage:
|
||||
report: true
|
||||
kubernetes:
|
||||
kubernetes_labels: 'app'
|
||||
timeout: 3
|
||||
cadvisor:
|
||||
enabled: true
|
||||
timeout: 3
|
||||
resources:
|
||||
requests:
|
||||
memory: 256Mi
|
||||
cpu: 100m
|
||||
limits:
|
||||
memory: 512Mi
|
||||
cpu: 500m
|
||||
plugins:
|
||||
enabled: false
|
||||
rbac:
|
||||
enabled: false
|
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
description: A Helm chart for adding Alarms for Monasca
|
||||
name: monasca-alarms
|
||||
version: 0.0.1
|
||||
sources:
|
||||
- https://wiki.openstack.org/wiki/Monasca
|
||||
maintainers:
|
||||
- name: Michael Hoppal
|
||||
email: michael.jam.hoppal@hpe.com
|
|
@ -0,0 +1,112 @@
|
|||
# Monasca-alarms
|
||||
|
||||
## Alarms for Monasca components
|
||||
|
||||
[Monasca](https://wiki.openstack.org/wiki/Monasca), an
|
||||
[Openstack](https://www.openstack.org/) official project, is a scalable
|
||||
monitoring as a service solution. It monitors services and systems by a push
|
||||
model. The Monasca Agent will collect metrics from each node and push them to
|
||||
the Monasca API. It will then be processed by separate microservices for
|
||||
storing, alarming and notifications. The architecture can be viewed
|
||||
[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
|
||||
|
||||
This chart adds alarms for the components of Monasca so Monasca can monitor
|
||||
itself. However, some components failing, for example Kafka, will have no
|
||||
alarms generated as the threshold engine requires kafka to be working.
|
||||
|
||||
## QuickStart
|
||||
|
||||
```bash
|
||||
$ helm repo add monasca http://monasca.io/monasca-helm
|
||||
$ helm install monasca/monasca --name monasca --namespace monitoring
|
||||
$ helm install monasca/monasca-alarms --name monasca-alarms --namespace monitoring
|
||||
```
|
||||
|
||||
## Introduction
|
||||
|
||||
This chart adds Alarms for the components of a [Monasca](https://wiki.openstack.org/wiki/Monasca)
|
||||
deployment on a Kubernetes cluster using the Helm Package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes 1.4+
|
||||
- Monasca installed using Helm
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
Monasca-alarms can either be installed from the [monasca.io](https://monasca.io/) helm repo or by source.
|
||||
|
||||
### Installing via Helm repo (recommended)
|
||||
|
||||
```bash
|
||||
$ helm install monasca/monasca-alarms --name monasca-alarms --namespace monitoring
|
||||
```
|
||||
Note: monasca-alarms must be installed in the same namespace as monasca
|
||||
|
||||
### Installing via source
|
||||
|
||||
```bash
|
||||
$ helm repo add monasca http://monasca.io/monasca-helm
|
||||
$ helm dependency update monasca-alarms
|
||||
$ helm install monasca-alarms --name monasca-alarms --namespace monitoring
|
||||
```
|
||||
|
||||
Either option will add the alarms for the components of Monasca on the Kubernetes cluster
|
||||
with the default configuration. The [configuration](#configuration) section lists the parameters
|
||||
that can be configured during installation.
|
||||
|
||||
> **Tip**: List all releases using `helm list`
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To uninstall/delete the `my-release` deployment:
|
||||
|
||||
```bash
|
||||
$ helm delete my-release --purge
|
||||
```
|
||||
|
||||
The command removes all the Kubernetes components associated with the chart and
|
||||
deletes the release.
|
||||
|
||||
### Default Alarms for components
|
||||
|
||||
By default Monasca alarms will be created for Kafka and Zookeeper.
|
||||
|
||||
## Configuration
|
||||
|
||||
The following tables lists the configurable parameters of the Monasca alarms chart
|
||||
broken down by microservice and their default values.
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to
|
||||
`helm install`. For example,
|
||||
|
||||
```console
|
||||
$ helm install monasca-alarms --name my-release \
|
||||
--set kafka.start_periods=4
|
||||
```
|
||||
|
||||
Alternatively, a YAML file that specifies the values for the below parameters
|
||||
can be provided while installing the chart. For example,
|
||||
|
||||
```console
|
||||
$ helm install monasca-alarms --name my-release -f values.yaml
|
||||
```
|
||||
|
||||
> **Tip**: You can use the default [values.yaml](values.yaml)
|
||||
|
||||
|
||||
### Kafka
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`kafka.enabled` | Kafka alarms enabled | `true`
|
||||
`kafka.start_periods` | How many periods Kafka is not started before alarming | `3`
|
||||
`kafka.running_periods` | How many periods Kafka is not running before alarming | `1`
|
||||
|
||||
### Zookeeper
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`zookeeper.enabled` | Zookeeper alarms enabled | `true`
|
||||
`zookeeper.start_periods` | How many periods Zookeeper is not started before alarming | `3`
|
||||
`zookeeper.running_periods` | How many periods Zookeeper is not running before alarming | `1`
|
|
@ -0,0 +1,16 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,68 @@
|
|||
{{- if .Values.kafka.enabled }}
|
||||
---
|
||||
apiVersion: "monasca.io/v1"
|
||||
kind: AlarmDefinition
|
||||
metadata:
|
||||
name: kafka-not-starting
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
alarmDefinitionSpec:
|
||||
name: "Kafka not started"
|
||||
expression: "avg(kafka_watcher_status) < 0 times {{ .Values.kafka.start_periods }}"
|
||||
match_by: []
|
||||
description: "Kafka has not started in {{ .Values.kafka.start_periods }} minutes"
|
||||
severity: "HIGH"
|
||||
---
|
||||
apiVersion: "monasca.io/v1"
|
||||
kind: AlarmDefinition
|
||||
metadata:
|
||||
name: kafka-not-running
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
alarmDefinitionSpec:
|
||||
name: "Kafka not running"
|
||||
expression: "avg(kafka_watcher_status) > 0 times {{ .Values.kafka.running_periods }}"
|
||||
match_by: []
|
||||
description: "Kafka is not running for {{ .Values.kafka.running_periods }} minutes"
|
||||
severity: "HIGH"
|
||||
{{- end }}
|
||||
{{- if .Values.zookeeper.enabled }}
|
||||
---
|
||||
apiVersion: "monasca.io/v1"
|
||||
kind: AlarmDefinition
|
||||
metadata:
|
||||
name: zookeeper-not-starting
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
alarmDefinitionSpec:
|
||||
name: "Zookeeper not started"
|
||||
expression: "avg(zookeeper_watcher_status) < 0 times {{ .Values.zookeeper.start_periods }}"
|
||||
match_by: []
|
||||
description: "Zookeeper not started in {{ .Values.zookeeper.start_periods }} minutes"
|
||||
severity: "HIGH"
|
||||
---
|
||||
apiVersion: "monasca.io/v1"
|
||||
kind: AlarmDefinition
|
||||
metadata:
|
||||
name: zookeeper-not-running
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
alarmDefinitionSpec:
|
||||
name: "Zookeeper not running"
|
||||
expression: "avg(zookeeper_watcher_status) > 0 times {{ .Values.zookeeper.running_periods }}"
|
||||
match_by: []
|
||||
description: "Zookeeper is not running for {{ .Values.zookeeper.running_periods }} minutes"
|
||||
severity: "HIGH"
|
||||
{{- end }}
|
|
@ -0,0 +1,9 @@
|
|||
kafka:
|
||||
enabled: true
|
||||
start_periods: 3
|
||||
running_periods: 1
|
||||
|
||||
zookeeper:
|
||||
enabled: true
|
||||
start_periods: 3
|
||||
running_periods: 1
|
|
@ -0,0 +1,21 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
description: A Helm chart for Monasca running in Kubernetes
|
||||
name: monasca
|
||||
version: 0.6.4
|
||||
sources:
|
||||
- https://wiki.openstack.org/wiki/Monasca
|
||||
maintainers:
|
||||
- name: Tim Buckley
|
||||
email: timothy.jas.buckley@hpe.com
|
|
@ -0,0 +1,574 @@
|
|||
# Monasca
|
||||
|
||||
## An Open-Source Monitoring as a Service at Scale solution
|
||||
|
||||
[Monasca](https://wiki.openstack.org/wiki/Monasca), an
|
||||
[Openstack](https://www.openstack.org/) official project, is a scalable
|
||||
monitoring as a service solution. It monitors services and systems by a push
|
||||
model. The Monasca Agent will collect metrics from each node and push them to
|
||||
the Monasca API. It will then be processed by separate microservices for
|
||||
storing, alarming and notifications. The architecture can be viewed
|
||||
[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
|
||||
|
||||
## QuickStart
|
||||
|
||||
```bash
|
||||
$ helm repo add monasca http://monasca.io/monasca-helm
|
||||
$ helm install monasca/monasca --name monasca --namespace monitoring
|
||||
```
|
||||
|
||||
## Introduction
|
||||
|
||||
This chart bootstraps a [Monasca](https://wiki.openstack.org/wiki/Monasca)
|
||||
deployment on a Kubernetes cluster using the Helm Package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes 1.4+
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
Monasca can either be install from the [monasca.io](https://monasca.io/) helm repo or by source.
|
||||
|
||||
### Installing via Helm repo (recommended)
|
||||
|
||||
```bash
|
||||
$ helm repo add monasca http://monasca.io/monasca-helm
|
||||
$ helm install monasca/monasca --name monasca --namespace monitoring
|
||||
```
|
||||
|
||||
### Installing via source
|
||||
|
||||
```bash
|
||||
$ helm repo add monasca http://monasca.io/monasca-helm
|
||||
$ helm dependency update monasca
|
||||
$ helm install monasca --name monasca --namespace monitoring
|
||||
```
|
||||
|
||||
Either option will bring up Monasca on the Kubernetes cluster with the default
|
||||
configuration. The [configuration](#configuration) section lists the parameters
|
||||
that can be configured during installation.
|
||||
|
||||
> **Tip**: List all releases using `helm list`
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To uninstall/delete the `my-release` deployment:
|
||||
|
||||
```bash
|
||||
$ helm delete my-release --purge
|
||||
```
|
||||
|
||||
The command removes all the Kubernetes components associated with the chart and
|
||||
deletes the release.
|
||||
|
||||
### Default monitoring
|
||||
|
||||
By default Monasca will monitor pod workloads (CPU, Network, Memory, etc.) and Kubernetes health.
|
||||
|
||||
It will also autodetect Prometheus Endpoints by looking for the following annotations on services and pods
|
||||
|
||||
* prometheus.io/scrape: Only scrape pods that have a value of 'true'
|
||||
* prometheus.io/path: If the metrics path is not '/metrics' override this.
|
||||
* prometheus.io/port: Scrape the pod on the indicated port instead of the default of '9102'.
|
||||
|
||||
More information on our monitoring within in Kubernetes can be found on
|
||||
[monasca.io](http://monasca.io/docs/kubernetes.html)
|
||||
|
||||
## Configuration
|
||||
|
||||
The following tables lists the configurable parameters of the Monasca chart
|
||||
broken down by microservice and their default values.
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to
|
||||
`helm install`. For example,
|
||||
|
||||
```console
|
||||
$ helm install monasca --name my-release \
|
||||
--set persister.replicaCount=4
|
||||
```
|
||||
|
||||
Alternatively, a YAML file that specifies the values for the below parameters
|
||||
can be provided while installing the chart. For example,
|
||||
|
||||
```console
|
||||
$ helm install monasca --name my-release -f values.yaml
|
||||
```
|
||||
|
||||
> **Tip**: You can use the default [values.yaml](values.yaml)
|
||||
|
||||
## Helm Tests for Monasca
|
||||
|
||||
We have two test suites that can be run via Helm Test.
|
||||
|
||||
These are Smoke Tests and Tempest Tests. By default only Smoke Tests are enabled.
|
||||
|
||||
In both tests, Monasca must be deployed or upgraded using helm and then once all
|
||||
pods have been created and all jobs have succeeded the tests can be run.
|
||||
|
||||
### Tempest Tests
|
||||
|
||||
These tests run the [Monasca tempest tests](https://github.com/openstack/monasca-api/tree/master/monasca_tempest_tests)
|
||||
|
||||
Prior to running helm tests you must enable the tempest tests by running:
|
||||
|
||||
```console
|
||||
$ helm upgrade monasca monasca/monasca --set tempest_tests.enabled=true
|
||||
```
|
||||
|
||||
Due to the amount of time that it takes to run the tests, the timeout parameter
|
||||
must be specified. The time required for the tests vary according to your hardware
|
||||
and how loaded your system is. Test times as low as 600 seconds but up to 3100 seconds
|
||||
have been seen. Use the command below, but replacing 900 with the timeout that
|
||||
works for your system:
|
||||
|
||||
```console
|
||||
$ helm test monasca --timeout 900
|
||||
```
|
||||
|
||||
If your timeout is not long enough, then you will see a result like this:
|
||||
|
||||
```console
|
||||
RUNNING: monasca-tempest-tests-test-pod
|
||||
UNKNOWN: monasca-tempest-tests-test-pod: timed out waiting for the condition
|
||||
```
|
||||
|
||||
You must then wait for the pod monasca-tempest-tests-test-pod to exit
|
||||
and check its logs and exit status.
|
||||
|
||||
If the tests all succeed, the pod will exit 0, otherwise, it will exit 1.
|
||||
|
||||
To run the tests again, the pod monasca-tempest-tests-test-pod must be deleted.
|
||||
|
||||
The tests are very sensitive to name resolution problems so if your Kubernetes
|
||||
cluster has any problems resolving services, random tests will fail.
|
||||
|
||||
### Smoke Tests
|
||||
|
||||
These tests run the [Monasca smoke tests](https://github.com/monasca/smoke-test)
|
||||
|
||||
Since they are enabled by default you do not have to take an extra step to
|
||||
enable them and can run:
|
||||
|
||||
```console
|
||||
$ helm test monasca
|
||||
```
|
||||
|
||||
You must then wait for the pod monasca-smoke-tests-test-pod to exit
|
||||
and check its logs and exit status.
|
||||
|
||||
If the tests all succeed, the pod will exit 0, otherwise, it will exit 1.
|
||||
|
||||
To run the tests again, the pod monasca-smoke-tests-test-pod must be deleted.
|
||||
|
||||
### Agent
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`agent.name` | Agent container name | `agent`
|
||||
`agent.deployment_enabled` | Agent deployment enabled | `true`
|
||||
`agent.daemonset_enabled` | Agent daemonset enabled | `true`
|
||||
`agent.termination_grace_period` | Agent grace period before force terminating | `30`
|
||||
`agent.daemonset_toleration.enabled` | Agent daemonset toleration is enabled | `false`
|
||||
`agent.daemonset_toleration.operator` | Agent daemonset toleration operator | `true`
|
||||
`agent.daemonset_toleration.effect` | Agent daemonset toleration effect | `true`
|
||||
`agent.collector.image.repository` | Agent Collector container image repository | `monasca/agent-collector`
|
||||
`agent.collector.image.tag` | Agent Collector container image tag | `master-20170707-154334`
|
||||
`agent.collector.image.pullPolicy` | Agent Collector container image pull policy | `IfNotPresent`
|
||||
`agent.collector.check_freq` | How often to run metric collection in seconds | `30`
|
||||
`agent.collector.num_collector_threads` | Number of threads to use in collector for running checks | `1`
|
||||
`agent.collector.pool_full_max_retries` | Maximum number of collection cycles where all of the threads in the pool are still running plugins before the collector will exit | `4`
|
||||
`agent.collector.sub_collection_warn` | Number of seconds a plugin collection time exceeds that causes a warning to be logged for that plugin | `6`
|
||||
`agent.forwarder.image.repository` | Agent Forwarder container image repository | `monasca/agent-forwarder`
|
||||
`agent.forwarder.image.tag` | Agent Forwarder container image tag | `master-20170615-204444`
|
||||
`agent.forwarder.image.pullPolicy` | Agent Forwarder container image pull policy | `IfNotPresent`
|
||||
`agent.forwarder.max_batch_size` | Maximum batch size of measurements to write to monasca-api, 0 is no limit | `0`
|
||||
`agent.forwarder.max_measurement_buffer_size` | Maximum number of measurements to buffer when unable to communicate with the monasca-api (-1 means no limit)| `-1`
|
||||
`agent.forwarder.backlog_send_rate` | Maximum number of messages to send at one time when communication with the monasca-api is restored | `5`
|
||||
`agent.dimensions` | Default dimensions to attach to every metric being sent | ``
|
||||
`agent.plugins.enabled` | Enable passing in agent plugins | `False`
|
||||
`agent.plugins.config_files` | List of plugin yamls to be used with the agent | ``
|
||||
`agent.insecure` | Insecure connection to Keystone and Monasca API | `False`
|
||||
`agent.log_level` | Log level of agent log files | `WARN`
|
||||
`agent.keystone.username` | Agent Keystone username | `mini-mon`
|
||||
`agent.keystone.user_domain_name` | Agent Keystone user domain | `Default`
|
||||
`agent.keystone.password` | Agent Keystone password | `password`
|
||||
`agent.keystone.project_name` | Agent Keystone project name | `mini-mon`
|
||||
`agent.keystone.project_domain_name` | Agent Keystone project domain | `Default`
|
||||
`agent.namespace_annotations` | Namespace annotations to set as metrics dimensions | ``
|
||||
`agent.prometheus.auto_detect_pod_endpoints` | Autodetect Prometheus endpoints for scraping by pods | `true`
|
||||
`agent.prometheus.auto_detect_service_endpoints` | Autodetect Prometheus endpoints for scraping by services | `true`
|
||||
`agent.prometheus.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
|
||||
`agent.prometheus.timeout` | The Prometheus endpoint connection timeout | `3`
|
||||
`agent.kubernetes_api.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
|
||||
`agent.kubernetes_api.timeout` | The K8s API connection timeout | `3`
|
||||
`agent.kubernetes_api.storage.report` | Report bound pvc capacity metrics per a storage class | `true`
|
||||
`agent.kubernetes_api.storage.parameter_dimensions` | Storage class parameters as dimensions | ``
|
||||
`agent.kubernetes.kubernetes_labels` | A list of Kubernetes labels to include as dimensions from gathered metrics | `app`
|
||||
`agent.kubernetes.timeout` | The cAdvisor/Kubelet connection timeout | `3`
|
||||
`agent.kubernetes.enable_minimum_whitelist` | Only report minimum set of pod metrics (cpu, memory) | `false`
|
||||
`agent.cadvisor.enabled` | Enable host metrics from cAdvisor | `true`
|
||||
`agent.cadvisor.timeout` | The cAdvisor connection timeout | `3`
|
||||
`agent.cadvisor.enable_minimum_whitelist` | Only report minimum set of host metrics (cpu, memory) | `false`
|
||||
`agent.resources.requests.memory` | Memory request per agent pod | `256Mi`
|
||||
`agent.resources.requests.cpu` | CPU request per agent pod | `100m`
|
||||
`agent.resources.limits.memory` | Memory limit per agent pod | `512Mi`
|
||||
`agent.resources.limits.cpu` | Memory limit per agent pod | `500m`
|
||||
|
||||
### Aggregator
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`aggregator.name` | Aggregator container name | `aggregation`
|
||||
`aggregator.enabled` | Aggregator enabled | `true`
|
||||
`aggregator.image.repository` | Aggregator container image repository | `rbrndt/test-agg`
|
||||
`aggregator.image.tag` | Aggregator container image tag | `.0.1.1`
|
||||
`aggregator.image.pullPolicy` | Aggregator container image pull policy | `IfNotPresent`
|
||||
`aggregator.window_size` | Window size in seconds of metrics to aggregate on. | `60`
|
||||
`aggregator.window_lag` | Lag in seconds outside the window to accept metrics into current aggregations | `2`
|
||||
|
||||
### Alarms Init Job
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`alarms.name` | Alarms container name | `alarms`
|
||||
`alarms.enabled` | Alarms init job enabled | `true`
|
||||
`alarms.image.repository` | Alarms init job container image repository | `rbrndt/test-agg`
|
||||
`alarms.image.tag` | Alarms init job container image tag | `1.1.1`
|
||||
`alarms.image.pullPolicy` | Alarms init job container image pull policy | `IfNotPresent`
|
||||
`alarms.wait.retries` | Number of attempts to create alarms before giving up | `24`
|
||||
`alarms.wait.delay` | Seconds to wait between retries | `5`
|
||||
`alarms.wait.timeout` | Attempt connection timeout in seconds | `10`
|
||||
`alarms.keystone.username` | Monasca Keystone user | `mini-mon`
|
||||
`alarms.keystone.user_domain_name` | Monasca Keystone user domain | `Default`
|
||||
`alarms.keystone.password` | Monasca Keystone password | `password`
|
||||
`alarms.keystone.project_name` | Monasca Keystone project name | `mini-mon`
|
||||
`alarms.keystone.project_domain_name` | Monasca Keystone project domain | `Default`
|
||||
|
||||
### API
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`api.name` | API container name | `api`
|
||||
`api.image.repository` | API container image repository | `monasca/api`
|
||||
`api.image.tag` | API container image tag | `master-prometheus`
|
||||
`api.image.pullPolicy` | API container image pull policy | `IfNotPresent`
|
||||
`api.resources.requests.memory` | Memory request per API pod | `256Mi`
|
||||
`api.resources.requests.cpu` | CPU request per API pod | `250m`
|
||||
`api.resources.limits.memory` | Memory limit per API pod | `1Gi`
|
||||
`api.resources.limits.cpu` | Memory limit per API pod | `2000m`
|
||||
`api.replicaCount` | API pod replica count | `1`
|
||||
`api.keystone.admin_password` | Keystone admin account password | `secretadmin`
|
||||
`api.keystone.admin_user` | Keystone admin account user | `admin`
|
||||
`api.keystone.admin_tenant` | Keystone admin account tenant | `admin`
|
||||
`api.influxdb.user` | The influx username | `mon_api`
|
||||
`api.influxdb.password` | The influx password | `password`
|
||||
`api.influxdb.database` | The influx database | `mon`
|
||||
`api.gunicorn_workers` | Number of gunicorn api workers | `1`
|
||||
`api.service.port` | API service port | `8070`
|
||||
`api.service.type` | API service type | `ClusterIP`
|
||||
`api.service.node_port` | API node port if service type is set to NodePort | ``
|
||||
`api.logging.log_level_root` | The level of the root logger | `WARN`
|
||||
`api.logging.log_level_console` | Minimum level for console output | `WARN`
|
||||
`api.mysql_disabled` | Disable requirement on mysql for API | `false`
|
||||
`api.mysql_wait_retries` | Retries for mysql available checks |
|
||||
`api.auth_disabled` | Disable Keystone authentication | `false`
|
||||
`api.authorized_roles` | Roles for admin Users | `user, domainuser, domainadmin, monasca-user`
|
||||
`api.side_container.enabled` | Enable API side container that collects metrics from the API and exposes as a Prometheus endpoint | `true`
|
||||
`api.side_container.image.repository` | API side container image repository | `timothyb89/monasca-sidecar`
|
||||
`api.side_container.image.tag` | API side container image tag | `1.0.0`
|
||||
`api.side_container.image.pullPolicy` | API side container image pull policy | `IfNotPresent`
|
||||
`api.side_container.resources.requests.memory` | Memory request per API side container | `128Mi`
|
||||
`api.side_container.resources.requests.cpu` | CPU request per API side container | `50m`
|
||||
`api.side_container.resources.limits.memory` | Memory limit per API side container | `256Mi`
|
||||
`api.side_container.resources.limits.cpu` | Memory limit per API side container | `100m`
|
||||
|
||||
### Client
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`client.name` | Client container name | `client`
|
||||
`client.enabled` | Enable deploying client | `false`
|
||||
`client.image.repository` | Client container image repository | `rbrndt/python-monascaclient`
|
||||
`client.image.tag` | Client container image tag | `1.6.0`
|
||||
`client.image.pullPolicy` | Client container image pull policy | `IfNotPresent`
|
||||
`client.keystone.username` | Keystone user | `mini-mon`
|
||||
`client.keystone.user_domain_name` | Keystone user domain | `Default`
|
||||
`client.keystone.password` | Keystone password | `password`
|
||||
`client.keystone.project_name` | Keystone project name | `mini-mon`
|
||||
`client.keystone.project_domain_name` | Keystone project domain | `Default`
|
||||
|
||||
### Forwarder
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`forwarder.name` | Forwarder container name | `forwarder`
|
||||
`forwarder.image.repository` | Forwarder container image repository | `monasca/forwarder`
|
||||
`forwarder.image.tag` | Forwarder container image tag | `master`
|
||||
`forwarder.image.pullPolicy` | Forwarder container image pull policy | `IfNotPresent`
|
||||
`forwarder.insecure` | Insecure connection to Monasca API | `False`
|
||||
`forwarder.enabled` | Enable deploying the forwarder | `false`
|
||||
`forwarder.replicaCount` | Replica count of Forwarder pods | `1`
|
||||
`forwarder.logging.debug` | Enable debug logging | `false`
|
||||
`forwarder.logging.verbose` | Enable verbose logging | `true`
|
||||
`forwarder.config.remote_api_url` | Versioned monasca api url to forward metrics to | `http://monasca:8070/v2.0`
|
||||
`forwarder.config.monasca_project_id` | Project ID to forward metrics under | `3564760a3dd44ae9bd6618d442fd758c`
|
||||
`forwarder.config.use_insecure` | Use insecure when forwarding metrics | `false`
|
||||
`forwarder.config.monasca_role` | Role to forward metrics under | `monasca-agent`
|
||||
`forwarder.resources.requests.memory` | Memory request per forwarder pod | `128Mi`
|
||||
`forwarder.resources.requests.cpu` | CPU request per forwarder pod | `50m`
|
||||
`forwarder.resources.limits.memory` | Memory limit per forwarder pod | `256Mi`
|
||||
`forwarder.resources.limits.cpu` | Memory limit per forwarder pod | `100m`
|
||||
|
||||
### Grafana
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`grafana.name` | Grafana container name | `grafana`
|
||||
`granfa.enabled` | Grafana enabled | `true`
|
||||
`grafana.simple_name` | Whether to use `grafana.name` without prepending with `.Release.Name` | `false`
|
||||
`grafana.image.repository` | Grafana container image repository | `monasca/grafana`
|
||||
`grafana.image.tag` | Grafana container image tag | `4.1.0-pre1-1.0.0`
|
||||
`grafana.image.pullPolicy` | Grafana container image pull policy | `IfNotPresent`
|
||||
`grafana.service.port` | Grafana service port | `3000`
|
||||
`grafana.service.type` | Grafana service type | `NodePort`
|
||||
`grafana.resources.requests.memory` | Memory request per grafana pod | `64Mi`
|
||||
`grafana.resources.requests.cpu` | CPU request per grafana pod | `50m`
|
||||
`grafana.resources.limits.memory` | Memory limit per grafana pod | `128Mi`
|
||||
`grafana.resources.limits.cpu` | Memory limit per grafana pod | `100m`
|
||||
|
||||
### Keystone
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`keystone.name` | Keystone container name | `keystone`
|
||||
`keystone.enabled` | Keystone enable flag. If false each micro service using keystone will use the override keystone variables | `true`
|
||||
`keystone.override.public_url` | Keystone external url for public endpoint | `http://keystone:35357`
|
||||
`keystone.override.admin_url` | Keystone external url for admin endpoint | `http://keystone:5000`
|
||||
`keystone.image.repository` | Keystone container image repository | `monasca/keystone`
|
||||
`keystone.image.tag` | Keystone container image tag | `1.0.7`
|
||||
`keystone.image.pullPolicy` | Keystone container image pull policy | `IfNotPresent`
|
||||
`keystone.bootstrap.user` | Keystone bootstrap username | `admin`
|
||||
`keystone.bootstrap.password` | Keystone bootstrap password | `secretadmin`
|
||||
`keystone.bootstrap.project` | Keystone bootstrap project | `admin`
|
||||
`keystone.bootstrap.role` | Keystone bootstrap role | `admin`
|
||||
`keystone.bootstrap.service` | Keystone bootstrap service | `keystone`
|
||||
`keystone.bootstrap.region` | Keystone bootstrap region | `RegionOne`
|
||||
`keystone.database_backend` | Keystone backend database | `mysql`
|
||||
`keystone.mysql.database` | Keystone mysql database | `keystone`
|
||||
`keystone.replicaCount` | Keystone pod replicas | `1`
|
||||
`keystone.service.type` | Keystone service type | `ClusterIP`
|
||||
`keystone.service.port` | Keystone service port | `35357`
|
||||
`keystone.service.admin_port` | Keystone admin service port | `5000`
|
||||
`keystone.service.admin_node_port` | Keystone admin service node port if service type is NodePort | ``
|
||||
`keystone.service.node_port` | Keystone service node port if service type is NodePort | ``
|
||||
`keystone.users.mini_mon.password` | Keystone container image pull policy | `password`
|
||||
`keystone.users.monasca_agent.password` | Keystone container image pull policy | `password`
|
||||
`keystone.users.admin.password` | Keystone container image pull policy | `secretadmin`
|
||||
`keystone.users.demo.password` | Keystone container image pull policy | `secretadmin`
|
||||
`keystone.users.monasca_read_only.password` | Keystone container image pull policy | `password`
|
||||
`keystone.resources.requests.memory` | Memory request per keystone pod | `256Mi`
|
||||
`keystone.resources.requests.cpu` | CPU request per keystone pod | `100m`
|
||||
`keystone.resources.limits.memory` | Memory limit per keystone pod | `1Gi`
|
||||
`keystone.resources.limits.cpu` | Memory limit per keystone pod | `500m`
|
||||
|
||||
|
||||
### Influxdb
|
||||
|
||||
Parameter | Description | Default
|
||||
----------|-------------|--------
|
||||
`influxdb.enabled` | Influxdb enabled | `true`
|
||||
`influxdb.imageTag` | Tag to use from `library/mysql` | `5.6`
|
||||
`influxdb.image.repository` | docker repository for influxdb | `influxdb`
|
||||
`influxdb.imagePullPolicy` | K8s pull policy for influxdb image | `IfNotPresent`
|
||||
`influxdb.persistence.enabled` | If `true`, enable persistent storage | `false`
|
||||
`influxdb.persistence.storageClass` | K8s storage class to use for persistence | `default`
|
||||
`influxdb.persistence.accessMode` | PVC access mode | `ReadWriteOnce`
|
||||
`influxdb.persistence.size` | PVC request size | `100Gi`
|
||||
`influxdb.resources.requests.memory` | Memory request | `256Mi`
|
||||
`influxdb.resources.requests.cpu` | CPU request | `100m`
|
||||
`influxdb.resources.limits.memory` | Memory limit | `16Gi`
|
||||
`influxdb.resources.limits.cpu` | CPU limit | `500m`
|
||||
`influxdb.config.http.bind_address` | API Port| `8086`
|
||||
`influxdb.config.data.cache_max_memory_size` | CPU limit | `1073741824`
|
||||
|
||||
|
||||
### Influxdb Init Job
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`influx_init.enabled` | Influxdb initialization job enabled | `true`
|
||||
`influx_init.image.repository` | docker repository for influx init | `monasca/influxdb-init`
|
||||
`influx_init.image.tag` | Docker image tag | `1.0.0`
|
||||
`influx_init.image.pullPolicy` | Kubernetes pull policy for image | `IfNotPresent`
|
||||
`influx_init.shard_duration` | Influxdb shard duration | `1d`
|
||||
`influx_init.default_retention` | Influxdb retention | `INF`
|
||||
|
||||
### MySQL
|
||||
|
||||
Parameter | Description | Default
|
||||
----------|-------------|--------
|
||||
`mysql.enabled` | MySQL enabled | `true`
|
||||
`mysql.imageTag` | Tag to use from `library/mysql` | `5.6`
|
||||
`mysql.imagePullPolicy` | K8s pull policy for mysql image | `IfNotPresent`
|
||||
`mysql.persistence.enabled` | If `true`, enable persistent storage | `false`
|
||||
`mysql.persistence.storageClass` | K8s storage class to use for persistence | `default`
|
||||
`mysql.persistence.accessMode` | PVC access mode | `ReadWriteOnce`
|
||||
`mysql.persistence.size` | PVC request size | `10Gi`
|
||||
`mysql.resources.requests.memory` | Memory request | `256Mi`
|
||||
`mysql.resources.requests.cpu` | CPU request | `100m`
|
||||
`mysql.resources.limits.memory` | Memory limit | `1Gi`
|
||||
`mysql.resources.limits.cpu` | CPU limit | `500m`
|
||||
`mysql.users.keystone.username` | Keystone MySQL username | `keystone`
|
||||
`mysql.users.keystone.password` | Keystone MySQL password | `keystone`
|
||||
`mysql.users.api.username` | API MySQL username | `monapi`
|
||||
`mysql.users.api.password` | API MySQL password | `password`
|
||||
`mysql.users.notification.username` | Notification MySQL username | `notification`
|
||||
`mysql.users.notification.password` | Notification MySQL password | `password`
|
||||
`mysql.users.thresh.username` | Thresh MySQL username | `thresh`
|
||||
`mysql.users.thresh.password` | Thresh MySQL password | `password`
|
||||
`mysql.users.grafana.username` | Grafana MySQL username | `grafana`
|
||||
`mysql.users.grafana.password` | Grafana MySQL password | `password`
|
||||
|
||||
### MySQL Init Job
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`mysql_init.enabled` | MySQL initialization job enabled | `true`
|
||||
`mysql_init.image.repository` | docker repository for mysql-init | `monasca/mysql-init`
|
||||
`mysql_init.image.tag` | Docker image tag | `1.2.0`
|
||||
`mysql_init.image.pullPolicy` | Kubernetes pull polify for image | `IfNotPresent`
|
||||
`mysql_init.disable_remote_root` | If `true`, disable root account after init finishes successfully | `true`
|
||||
`mysql_init.keystone_db_enabled` | Setup Keystone Database. Use `false` with an external Keystone | `true`
|
||||
`mysql_init.create_mon_users` | Create the Database users for Monasca | `true`
|
||||
`mysql_init.grafana_db_enabled` | Setup Grafana Database | `true`
|
||||
|
||||
### Notification
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`notification.name` | Notification container name | `notification`
|
||||
`notification.enabled` | Notification engine enabled flag | `true`
|
||||
`notification.image.repository` | Notification container image repository | `monasca/notification`
|
||||
`notification.image.tag` | Notification container image tag | `master`
|
||||
`notification.image.pullPolicy` | Notification container image pull policy | `IfNotPresent`
|
||||
`notification.replicaCount` | Notification pod replica count | `1`
|
||||
`notification.log_level` | Notification log level | `WARN`
|
||||
`notification.plugins` | Notification plugins enabled | `pagerduty,webhook`
|
||||
`notification.plugin_config.email.defined` | Notification email plugin configuration is defined | `false`
|
||||
`notification.plugin_config.email.server` | SMTP server address | ``
|
||||
`notification.plugin_config.email.port` | SMTP server port | ``
|
||||
`notification.plugin_config.email.user` | SMTP username | ``
|
||||
`notification.plugin_config.email.password` | SMTP password | ``
|
||||
`notification.plugin_config.email.from_addr` | "from" field for emails sent, e.g. "Name" <name@example.com> | ``
|
||||
`notification.plugin_config.webhook.timeout` | Webhook timeout | `5`
|
||||
`notification.plugin_config.hipchat.ssl_certs` | Path to SSL certs | ``
|
||||
`notification.plugin_config.hipchat.timeout` | Hipchat timeout | `5`
|
||||
`notification.plugin_config.hipchat.insecure` | Insecure when sending to Hipchat | ``
|
||||
`notification.plugin_config.hipchat.proxy` | if set, use the given HTTP(S) proxy server to send Hipchat notifications | ``
|
||||
`notification.plugin_config.slack.timeout` | Notification slack timeout | `5`
|
||||
`notification.plugin_config.slack.certs` | Path to Slack certs | ``
|
||||
`notification.plugin_config.slack.insecure` | Insecure when sending to Slack | ``
|
||||
`notification.plugin_config.slack.proxy` | if set, use the given HTTP(S) proxy server to send Slack notifications | ``
|
||||
`notification.resources.requests.memory` | Memory request per notification pod | `128Mi`
|
||||
`notification.resources.requests.cpu` | CPU request per notification pod | `50m`
|
||||
`notification.resources.limits.memory` | Memory limit per notification pod | `256Mi`
|
||||
`notification.resources.limits.cpu` | Memory limit per notification pod | `100m`
|
||||
|
||||
### Persister
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`persister.name` | Persister container name | `persister`
|
||||
`persister.image.repository` | Persister container image repository | `monasca/persister`
|
||||
`persister.image.tag` | Persister container image tag | `master`
|
||||
`persister.image.pullPolicy` | Persister container image pull policy | `IfNotPresent`
|
||||
`persister.replicaCount` | Persister pod replica count | `1`
|
||||
`persister.influxdb.user` | Persister influx username | `mon_persister`
|
||||
`persister.influxdb.password` | Persister influx password | `password`
|
||||
`persister.influxdb.database` | Persister influx database | `mon`
|
||||
`persister.logging.debug` | Persister debug logging enabled | `false`
|
||||
`persister.logging.verbose` | Persister verbose logging enabled | `true`
|
||||
`persister.resources.requests.memory` | Memory request per persister pod | `128Mi`
|
||||
`persister.resources.requests.cpu` | CPU request per persister pod | `50m`
|
||||
`persister.resources.limits.memory` | Memory limit per persister pod | `256Mi`
|
||||
`persister.resources.limits.cpu` | Memory limit per persister pod | `100m`
|
||||
|
||||
### Threshold Engine
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`thresh.name` | Thresh container name | `thresh`
|
||||
`thresh.image.repository` | Thresh container image repository | `monasca/thresh`
|
||||
`thresh.image.tag` | Thresh container image tag | `master`
|
||||
`thresh.image.pullPolicy` | Thresh container image pull policy | `IfNotPresent`
|
||||
`thresh.use_local` | Run in local mode | `true`
|
||||
`thresh.secretSuffix` | MySQL secret suffix | `mysql-thresh-secret`
|
||||
`thresh.spout.metricSpoutThreads` | Amount of metric spout threads | `2`
|
||||
`thresh.spout.metricSpoutTasks` | Amount of metric spout tasks | `2`
|
||||
`thresh.wait.retries` | Number of startup connection attempts to make before giving up | `24`
|
||||
`thresh.wait.delay` | Seconds to wait between retries | `5`
|
||||
`thresh.wait.timeout` | Attempt connection timeout in seconds | `10`
|
||||
`thresh.memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
|
||||
`thresh.stack_size` | JVM stack size | `1024k`
|
||||
|
||||
Storm-specific options are documented in the
|
||||
[Storm chart](https://github.com/hpcloud-mon/monasca-helm/tree/master/storm).
|
||||
|
||||
Storm is disabled and the Threshold Engine is run without Storm by default. To run the Threshold
|
||||
Engine with Storm, set storm.enabled to true and thresh.enabled to false.
|
||||
|
||||
### Tempest Tests
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`tempest_test.name` | Tempest Test container name | `tempest-tests`
|
||||
`tempest_test.enabled` | If True, run Tempest Tests | `False`
|
||||
`tempest_tests.image.repository` | Tempest Test container image repository | `monasca/tempest-tests`
|
||||
`tempest_tests.image.tag` | Tempest Test container image tag | `1.0.0`
|
||||
`tempest_tests.image.pullPolicy` | Tempest Test container image pull policy | `IfNotPresent`
|
||||
`tempest_test.wait.enabled`| Enable Monasca API available checks | `True`
|
||||
`tempest_test.wait.retries`| Retries for Monasca API available checks | `24`
|
||||
`tempest_test.wait.delay` | Sleep time between Monasca API retries | `5`
|
||||
`tempest_test.keystone.os_password` Password for Keystone User | `password`
|
||||
`tempest_test.keystone.os_project_domain_name` | User Project Domain Name | `Default`
|
||||
`tempest_test.keystone.os_project_name` | User Project Name | `mini-mon`
|
||||
`tempest_test.keystone.os_username` | Keystone User Name | `mini-mon`
|
||||
`tempest_test.keystone.os_tenant_name` | Keystone User Tenant(Project) Name | `mini-mon`
|
||||
`tempest_test.keystone.os_domain_name` | Keystone User Domain Name | `Default`
|
||||
`tempest_test.keystone.alt_username` | Alternate User Name | `mini-mon`
|
||||
`tempest_test.keystone.alt_password` | Alternate User Password | `password`
|
||||
`tempest_test.keystone.auth_use_ssl` | Use https for keystone Auth URI | `False`
|
||||
`tempest_test.keystone.keystone_server` | Keystone Server Name | `keystone`
|
||||
`tempest_test.keystone.keystone_port` | Keystone Server Port | `35357`
|
||||
`tempest_test.keystone.use_dynamic_creds` | Whether to recreate creds for each test run | `True`
|
||||
`tempest_test.keystone.admin_username` | Keystone Admin Domain Name | `mini-mon`
|
||||
`tempest_test.keystone.admin_password` | Keystone Admin Domain Name | `password`
|
||||
`tempest_test.keystone.admin_domain_name` | Keystone Admin Domain Name | `Default`
|
||||
`tempest_test.keystone.ostestr_regex` | Selects which tests to run | `monasca_tempest_tests`
|
||||
`tempest_test.keystone.stay_alive_on_failure` | If true, container runs 2 hours after tests fail | False
|
||||
|
||||
### Smoke Tests
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`smoke_tests.name` | Smoke Test container name | `smoke-tests`
|
||||
`smoke_tests.enabled` | If True, run Smoke Test when using helm test | `True`
|
||||
`smoke_tests.image.repository` | Smoke Test container image repository | `monasca/smoke-tests`
|
||||
`smoke_tests.image.tag` | Smoke Test container image tag | `1.0.0`
|
||||
`smoke_tests.image.pullPolicy` | Smoke Test container image pull policy | `IfNotPresent`
|
||||
`smoke_tests.keystone.username`| Keystone User Name | `mini-mon`
|
||||
`smoke_tests.keystone.password`| Keystone User Tenant Name | `mini-mon`
|
||||
`smoke_tests.keystone.tenant_name` | Keystone Domain name | `Default`
|
||||
|
||||
### Alarm Definition Controller
|
||||
|
||||
Parameter | Description | Default
|
||||
--------- | ----------- | -------
|
||||
`alarm_definition_controller.name` | Alarm Definition Controller container name | `alarm-definition-controller`
|
||||
`alarm_definition_controller.resource_enabled` | If True, create Alarm Definition third party resource | `True`
|
||||
`alarm_definition_controller.controller_enabled` | If True, create Alarm Definition Controller | `True`
|
||||
`alarm_definition_controller.image.repository` | Alarm Definition Controller container image repository | `monasca/alarm-definition-controller`
|
||||
`alarm_definition_controller.image.tag` | Alarm Definition Controller container image tag | `1.0.0`
|
||||
`alarm_definition_controller.image.pullPolicy` | Alarm Definition Controller container image pull policy | `IfNotPresent`
|
||||
`alarm_definition_controller.version` | Alarm Definition Controller version | `v1`
|
|
@ -0,0 +1,21 @@
|
|||
dependencies:
|
||||
- name: influxdb
|
||||
version: 0.6.2-0.0.2
|
||||
condition: 'influxdb.enabled, global.influxdb.enabled'
|
||||
repository: 'http://monasca.io/monasca-helm/'
|
||||
- name: mysql
|
||||
version: 0.2.4
|
||||
condition: 'mysql.enabled, global.mysql.enabled'
|
||||
repository: 'https://kubernetes-charts.storage.googleapis.com/'
|
||||
- name: kafka
|
||||
version: 0.4.2
|
||||
condition: 'kafka.enabled, global.kafka.enabled'
|
||||
repository: 'http://monasca.io/monasca-helm/'
|
||||
- name: storm
|
||||
version: 0.5.3
|
||||
condition: 'storm.enabled, global.storm.enabled'
|
||||
repository: 'http://monasca.io/monasca-helm/'
|
||||
- name: zookeeper
|
||||
version: 0.3.8
|
||||
condition: 'zookeeper.enabled, global.zookeeper.enabled'
|
||||
repository: 'http://monasca.io/monasca-helm/'
|
|
@ -0,0 +1,160 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "fullname" -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified agent name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "agent.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "agent" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified agent name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "aggregator.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "aggregator" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified api name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "api.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "api" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified forwarder name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "forwarder.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "forwarder" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified grafana name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "grafana.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "grafana" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified kafka name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "kafka.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "kafka" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified keystone name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "keystone.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "keystone" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified notification name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "notification.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "notification" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified persister name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "persister.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "persister" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified storm-supervisor name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "thresh.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "thresh" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified zookeeper name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "zookeeper.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "zookeeper" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified client name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "client.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "client" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified cleanup name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "cleanup.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "cleanup" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified alarms name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "alarms.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "alarms" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified tempest test name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "tempest_tests.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "tempest-tests" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified smoke tests name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "smoke_tests.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "smoke-tests" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified memcached name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "memcached.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "memcached" | trunc 63 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a fully qualified alarm definition controller name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "alarm_definition_controller.fullname" -}}
|
||||
{{- printf "%s-%s" .Release.Name "adc" | trunc 63 -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,155 @@
|
|||
{{- /*
|
||||
Read a single optional secret or string from values into an `env` `value:` or
|
||||
`valueFrom:`, depending on the user-defined content of the value.
|
||||
|
||||
Example:
|
||||
- name: OS_AUTH_URL
|
||||
{{ template "monasca_secret_env" .Values.auth.url }}
|
||||
|
||||
Note that unlike monasca_keystone_env, secret_key can not have any default
|
||||
values.
|
||||
|
||||
Make sure to change the name of this template when copying to keep it unique,
|
||||
e.g. chart_name_secret_env.
|
||||
*/}}
|
||||
{{- define "monasca_secret_env" }}
|
||||
{{- if eq (kindOf .) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .secret_name }}"
|
||||
key: "{{ .secret_key }}"
|
||||
{{- else }}
|
||||
value: "{{ . }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- /*
|
||||
Generate a list of environment vars for Keystone Auth
|
||||
|
||||
Example:
|
||||
env:
|
||||
{{ include "monasca_keystone_env" .Values.my_pod.auth | indent 4 }}
|
||||
|
||||
(indent level should be adjusted as necessary)
|
||||
|
||||
Make sure to change the name of this template when copying to keep it unique,
|
||||
e.g. chart_name_keystone_env.
|
||||
|
||||
Note that monasca_secret_env is not used here because we want to provide
|
||||
default key names.
|
||||
|
||||
Note: this template does NOT set OS_AUTH_URL, since we may need to reference our
|
||||
internal Keystone URL and Helm cannot pass more than one variable at once.
|
||||
*/}}
|
||||
{{- define "monasca_keystone_env" -}}
|
||||
{{- if .api_version }}
|
||||
- name: OS_IDENTITY_API_VERSION
|
||||
value: "{{ .api_version }}"
|
||||
{{- end }}
|
||||
{{- if .domain_name }}
|
||||
- name: OS_DOMAIN_NAME
|
||||
{{- if eq (kindOf .domain_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .domain_name.secret_name }}"
|
||||
key: "{{ .domain_name.secret_key | default "OS_DOMAIN_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .domain_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- name: OS_USERNAME
|
||||
{{- if eq (kindOf .username) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .username.secret_name }}"
|
||||
key: "{{ .username.secret_key | default "OS_USERNAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .username }}"
|
||||
{{- end }}
|
||||
- name: OS_PASSWORD
|
||||
{{- if eq (kindOf .password) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .password.secret_name }}"
|
||||
key: "{{ .password.secret_key | default "OS_PASSWORD" }}"
|
||||
{{- else }}
|
||||
value: "{{ .password }}"
|
||||
{{- end }}
|
||||
{{- if .user_domain_name }}
|
||||
- name: OS_USER_DOMAIN_NAME
|
||||
{{- if eq (kindOf .user_domain_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .user_domain_name.secret_name }}"
|
||||
key: "{{ .user_domain_name.secret_key | default "OS_USER_DOMAIN_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .user_domain_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .project_name }}
|
||||
- name: OS_PROJECT_NAME
|
||||
{{- if eq (kindOf .project_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .project_name.secret_name }}"
|
||||
key: "{{ .project_name.secret_key | default "OS_PROJECT_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .project_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .project_domain_name }}
|
||||
- name: OS_PROJECT_DOMAIN_NAME
|
||||
{{- if eq (kindOf .project_domain_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .project_domain_name.secret_name }}"
|
||||
key: "{{ .project_domain_name.secret_key | default "OS_PROJECT_DOMAIN_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .project_domain_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .tenant_name }}
|
||||
- name: OS_TENANT_NAME
|
||||
{{- if eq (kindOf .tenant_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .tenant_name.secret_name }}"
|
||||
key: "{{ .tenant_name.secret_key | default "OS_TENANT_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .tenant_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .tenant_id }}
|
||||
- name: OS_TENANT_ID
|
||||
{{- if eq (kindOf .tenant_id) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .tenant_id.secret_name }}"
|
||||
key: "{{ .tenant_id.secret_key | default "OS_TENANT_ID" }}"
|
||||
{{- else }}
|
||||
value: "{{ .tenant_id }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .region_name }}
|
||||
- name: OS_REGION_NAME
|
||||
{{- if eq (kindOf .region_name) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .region_name.secret_name }}"
|
||||
key: "{{ .region_name.secret_key | default "OS_REGION_NAME" }}"
|
||||
{{- else }}
|
||||
value: "{{ .region_name }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .auth_type }}
|
||||
- name: OS_AUTH_TYPE
|
||||
{{- if eq (kindOf .auth_type) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .auth_type.secret_name }}"
|
||||
key: "{{ .auth_type.secret_key | default "OS_AUTH_TYPE" }}"
|
||||
{{- else }}
|
||||
value: "{{ .auth_type }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,30 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.agent.serviceAccount) }}
|
||||
kind: ClusterRole
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
metadata:
|
||||
name: "{{ template "agent.fullname" . }}"
|
||||
rules:
|
||||
- apiGroups: ["", "extensions", "storage.k8s.io"]
|
||||
verbs: ["get", "list"]
|
||||
resources:
|
||||
- namespaces
|
||||
- pods
|
||||
- replicasets
|
||||
- deployments
|
||||
- replicationcontrollers
|
||||
- nodes
|
||||
- services
|
||||
- componentstatuses
|
||||
- storageclasses
|
||||
- apiGroups: ["", "batch", "extensions", "storage.k8s.io"]
|
||||
verbs: ["get", "list", "delete"]
|
||||
resources:
|
||||
- jobs
|
||||
- pods
|
||||
{{- end }}
|
|
@ -0,0 +1,20 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.agent.serviceAccount) }}
|
||||
kind: ClusterRoleBinding
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
metadata:
|
||||
name: "{{ template "agent.fullname" . }}"
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: "{{ template "agent.fullname" . }}"
|
||||
namespace: "{{ .Release.Namespace }}"
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: "{{ template "agent.fullname" . }}"
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
|
@ -0,0 +1,14 @@
|
|||
{{- if .Values.agent.plugins.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "agent.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.agent.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
{{ toYaml .Values.agent.plugins.config_files | indent 2 }}
|
||||
{{- end}}
|
|
@ -0,0 +1,159 @@
|
|||
{{- if .Values.agent.daemonset_enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ template "agent.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.agent.name }}-daemonset"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
updateStrategy:
|
||||
type: RollingUpdate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: "{{ .Values.agent.name }}-daemonset"
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
{{- if .Values.agent.daemonset_toleration.enabled }}
|
||||
tolerations:
|
||||
- operator: "{{ .Values.agent.daemonset_toleration.operator }}"
|
||||
effect: "{{ .Values.agent.daemonset_toleration.effect }}"
|
||||
{{- end }}
|
||||
terminationGracePeriodSeconds: {{ .Values.agent.termination_grace_period }}
|
||||
containers:
|
||||
- name: collector
|
||||
image: "{{ .Values.agent.collector.image.repository }}:{{ .Values.agent.collector.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.agent.collector.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.agent.resources | indent 12 }}
|
||||
env:
|
||||
- name: KEYSTONE_DEFAULTS_ENABLED
|
||||
value: "{{ .Values.agent.keystone.defaults_enabled }}"
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.agent.keystone.url }}
|
||||
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.agent.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.agent.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}/v3"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: KUBERNETES
|
||||
value: "true"
|
||||
- name: KUBERNETES_TIMEOUT
|
||||
value: {{ .Values.agent.kubernetes.timeout | quote }}
|
||||
- name: KUBERNETES_LABELS
|
||||
value: {{ .Values.agent.kubernetes.kubernetes_labels | quote }}
|
||||
- name: PROMETHEUS
|
||||
value: {{ .Values.agent.prometheus.auto_detect_pod_endpoints | quote }}
|
||||
- name: PROMETHEUS_TIMEOUT
|
||||
value: {{ .Values.agent.prometheus.timeout | quote }}
|
||||
- name: PROMETHEUS_DETECT_METHOD
|
||||
value: pod
|
||||
- name: PROMETHEUS_KUBERNETES_LABELS
|
||||
value: {{ .Values.agent.prometheus.kubernetes_labels | quote }}
|
||||
- name: CADVISOR
|
||||
value: {{ .Values.agent.cadvisor.enabled | quote }}
|
||||
- name: CADVISOR_TIMEOUT
|
||||
value: {{ .Values.agent.cadvisor.timeout | quote }}
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.agent.log_level | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
{{- if .Values.agent.namespace_annotations }}
|
||||
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
|
||||
value: {{ .Values.agent.namespace_annotations | quote}}
|
||||
{{- end}}
|
||||
{{- if .Values.agent.dimensions }}
|
||||
- name: DIMENSIONS
|
||||
value: {{ .Values.agent.dimensions | quote}}
|
||||
{{- end}}
|
||||
- name: CHECK_FREQ
|
||||
value: {{ .Values.agent.collector.check_freq | quote }}
|
||||
- name: NUM_COLLECTOR_THREADS
|
||||
value: {{ .Values.agent.collector.num_collector_threads | quote }}
|
||||
- name: POOL_FULL_MAX_TRIES
|
||||
value: {{ .Values.agent.collector.pool_full_max_retries | quote }}
|
||||
- name: SUB_COLLECTION_WARN
|
||||
value: {{ .Values.agent.collector.sub_collection_warn | quote }}
|
||||
{{- if .Values.agent.cadvisor.enable_minimum_whitelist }}
|
||||
- name: CADVISOR_MINIMUM_WHITELIST
|
||||
value: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.agent.kubernetes.enable_minimum_whitelist }}
|
||||
- name: KUBERNETES_MINIMUM_WHITELIST
|
||||
value: "true"
|
||||
{{- end }}
|
||||
- name: forwarder
|
||||
image: "{{ .Values.agent.forwarder.image.repository }}:{{ .Values.agent.forwarder.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.agent.forwarder.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.agent.resources | indent 12 }}
|
||||
env:
|
||||
- name: KEYSTONE_DEFAULTS_ENABLED
|
||||
value: "{{ .Values.agent.keystone.defaults_enabled }}"
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.agent.keystone.url }}
|
||||
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.agent.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.agent.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}/v3"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: MONASCA_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.agent.log_level | quote }}
|
||||
- name: INSECURE
|
||||
value: {{ .Values.agent.insecure | quote }}
|
||||
- name: MAX_BATCH_SIZE
|
||||
value: {{ .Values.agent.forwarder.max_batch_size | quote }}
|
||||
- name: MAX_MEASUREMENT_BUFFER_SIZE
|
||||
value: {{ .Values.agent.forwarder.max_measurement_buffer_size | quote }}
|
||||
- name: BACKLOG_SEND_RATE
|
||||
value: {{ .Values.agent.forwarder.backlog_send_rate | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
- name: NON_LOCAL_TRAFFIC
|
||||
value: {{ .Values.agent.forwarder.non_local_traffic | quote }}
|
||||
{{- if .Values.agent.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.agent.serviceAccount | quote }}
|
||||
{{- else if .Values.rbac.create }}
|
||||
serviceAccountName: "{{ template "agent.fullname" . }}"
|
||||
{{- end }}
|
||||
{{- end}}
|
|
@ -0,0 +1,157 @@
|
|||
{{- if .Values.agent.deployment_enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "agent.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.agent.name }}-deployment"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: "{{ .Values.agent.name }}-deployment"
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
terminationGracePeriodSeconds: {{ .Values.agent.termination_grace_period }}
|
||||
containers:
|
||||
- name: collector
|
||||
image: "{{ .Values.agent.collector.image.repository }}:{{ .Values.agent.collector.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.agent.collector.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.agent.resources | indent 12 }}
|
||||
env:
|
||||
- name: KEYSTONE_DEFAULTS_ENABLED
|
||||
value: "{{ .Values.agent.keystone.defaults_enabled }}"
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.agent.keystone.url }}
|
||||
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.agent.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.agent.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}/v3"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: KUBERNETES_API
|
||||
value: "true"
|
||||
- name: KUBERNETES_API_TIMEOUT
|
||||
value: {{ .Values.agent.kubernetes_api.timeout | quote }}
|
||||
- name: KUBERNETES_API_LABELS
|
||||
value: {{ .Values.agent.kubernetes_api.kubernetes_labels | quote }}
|
||||
- name: PROMETHEUS
|
||||
value: {{ .Values.agent.prometheus.auto_detect_service_endpoints | quote }}
|
||||
- name: PROMETHEUS_TIMEOUT
|
||||
value: {{ .Values.agent.prometheus.timeout | quote }}
|
||||
- name: PROMETHEUS_DETECT_METHOD
|
||||
value: service
|
||||
- name: PROMETHEUS_KUBERNETES_LABELS
|
||||
value: {{ .Values.agent.prometheus.kubernetes_labels | quote }}
|
||||
- name: MONASCA_API_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.agent.log_level | quote }}
|
||||
- name: HOSTNAME_FROM_KUBERNETES
|
||||
value: "true"
|
||||
{{- if .Values.agent.namespace_annotations }}
|
||||
- name: KUBERNETES_NAMESPACE_ANNOTATIONS
|
||||
value: {{ .Values.agent.namespace_annotations | quote}}
|
||||
{{- end}}
|
||||
{{- if .Values.agent.kubernetes_api.storage.parameter_dimensions }}
|
||||
- name: STORAGE_PARAMETERS_DIMENSIONS
|
||||
value: {{ .Values.agent.kubernetes_api.storage.parameter_dimensions | quote}}
|
||||
{{- end}}
|
||||
- name: REPORT_PERSISTENT_STORAGE
|
||||
value: {{ .Values.agent.kubernetes_api.storage.report | quote }}
|
||||
{{- if .Values.agent.dimensions }}
|
||||
- name: DIMENSIONS
|
||||
value: {{ .Values.agent.dimensions | quote}}
|
||||
{{- end}}
|
||||
- name: CHECK_FREQ
|
||||
value: {{ .Values.agent.collector.check_freq | quote }}
|
||||
- name: NUM_COLLECTOR_THREADS
|
||||
value: {{ .Values.agent.collector.num_collector_threads | quote }}
|
||||
- name: POOL_FULL_MAX_TRIES
|
||||
value: {{ .Values.agent.collector.pool_full_max_retries | quote }}
|
||||
- name: SUB_COLLECTION_WARN
|
||||
value: {{ .Values.agent.collector.sub_collection_warn | quote }}
|
||||
{{- if .Values.agent.plugins.enabled }}
|
||||
volumeMounts:
|
||||
- name: agent-config
|
||||
mountPath: /plugins.d
|
||||
{{- end}}
|
||||
- name: forwarder
|
||||
image: "{{ .Values.agent.forwarder.image.repository }}:{{ .Values.agent.forwarder.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.agent.forwarder.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.agent.resources | indent 12 }}
|
||||
env:
|
||||
- name: KEYSTONE_DEFAULTS_ENABLED
|
||||
value: "{{ .Values.agent.keystone.defaults_enabled }}"
|
||||
- name: AGENT_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: AGENT_POD_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.agent.keystone.url }}
|
||||
{{- if eq (kindOf .Values.agent.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.agent.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.agent.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.agent.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}/v3"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.agent.keystone | indent 12 }}
|
||||
- name: MONASCA_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.agent.log_level | quote }}
|
||||
- name: INSECURE
|
||||
value: {{ .Values.agent.insecure | quote }}
|
||||
- name: MAX_BATCH_SIZE
|
||||
value: {{ .Values.agent.forwarder.max_batch_size | quote }}
|
||||
- name: MAX_MEASUREMENT_BUFFER_SIZE
|
||||
value: {{ .Values.agent.forwarder.max_measurement_buffer_size | quote }}
|
||||
- name: BACKLOG_SEND_RATE
|
||||
value: {{ .Values.agent.forwarder.backlog_send_rate | quote }}
|
||||
- name: NON_LOCAL_TRAFFIC
|
||||
value: {{ .Values.agent.forwarder.non_local_traffic | quote }}
|
||||
{{- if .Values.agent.plugins.enabled }}
|
||||
volumes:
|
||||
- name: agent-config
|
||||
configMap:
|
||||
name: {{ template "agent.fullname" . }}
|
||||
{{- end}}
|
||||
{{- if .Values.agent.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.agent.serviceAccount | quote }}
|
||||
{{- else if .Values.rbac.create }}
|
||||
serviceAccountName: "{{ template "agent.fullname" . }}"
|
||||
{{- end }}
|
||||
{{- end}}
|
|
@ -0,0 +1,12 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.agent.serviceAccount) }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: "{{ template "agent.fullname" . }}"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.agent.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
|
@ -0,0 +1,14 @@
|
|||
{{- if .Values.aggregator.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "aggregator.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.aggregator.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
{{ toYaml .Values.aggregator.metric_configuration | indent 2 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,52 @@
|
|||
{{- if .Values.aggregator.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "aggregator.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.aggregator.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: {{ .Values.aggregator.replicaCount }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.aggregator.name }}"
|
||||
annotations:
|
||||
checksum/metric_config: {{ toYaml .Values.aggregator.metric_configuration | sha256sum }}
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: "/metrics"
|
||||
prometheus.io/port: "8080"
|
||||
spec:
|
||||
containers:
|
||||
- name: aggregator
|
||||
image: "{{ .Values.aggregator.image.repository }}:{{ .Values.aggregator.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.aggregator.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.aggregator.resources | indent 10 }}
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: metrics
|
||||
env:
|
||||
- name: AGGREGATION_WINDOW_SIZE
|
||||
value: {{ .Values.aggregator.window_size | quote }}
|
||||
- name: AGGREGATION_WINDOW_LAG
|
||||
value: {{ .Values.aggregator.window_lag | quote }}
|
||||
- name: KAFKA_URI
|
||||
{{- if .Values.kafka.overrideUri }}
|
||||
value: "{{ .Values.kafka.overrideUri }}"
|
||||
{{- else }}
|
||||
value: "{{ template "kafka.fullname" . }}:9092"
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: aggregator-config
|
||||
mountPath: /specs
|
||||
volumes:
|
||||
- name: aggregator-config
|
||||
configMap:
|
||||
name: {{ template "aggregator.fullname" . }}
|
||||
{{- end }}
|
|
@ -0,0 +1,59 @@
|
|||
{{- if .Values.alarm_definition_controller.controller_enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "alarm_definition_controller.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.alarm_definition_controller.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.alarm_definition_controller.name }}"
|
||||
spec:
|
||||
containers:
|
||||
- name: adc
|
||||
image: "{{ .Values.alarm_definition_controller.image.repository }}:{{ .Values.alarm_definition_controller.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.alarm_definition_controller.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.alarm_definition_controller.resources | indent 12 }}
|
||||
env:
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.alarm_definition_controller.keystone.url }}
|
||||
{{- if eq (kindOf .Values.alarm_definition_controller.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.alarm_definition_controller.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.alarm_definition_controller.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.alarm_definition_controller.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.alarm_definition_controller.keystone | indent 12 }}
|
||||
- name: MONASCA_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
|
||||
{{- if .Values.alarm_definition_controller.default_notification_name }}
|
||||
- name: DEFAULT_NOTIFICATION
|
||||
value: "{{ .Values.alarm_definition_controller.default_notification_name }}"
|
||||
{{- end }}
|
||||
- name: NAMESPACE
|
||||
{{- if .Values.alarm_definition_controller.namespace }}
|
||||
value: "{{ .Values.alarm_definition_controller.namespace }}"
|
||||
{{- else }}
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
{{- end }}
|
||||
- name: VERSION
|
||||
value: "{{ .Values.alarm_definition_controller.version }}"
|
||||
{{- end }}
|
|
@ -0,0 +1,9 @@
|
|||
{{- if .Values.alarm_definition_controller.resource_enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: ThirdPartyResource
|
||||
metadata:
|
||||
name: alarm-definition.monasca.io
|
||||
description: "A specification to create a Monasca alarm definition"
|
||||
versions:
|
||||
- name: {{ .Values.alarm_definition_controller.version }}
|
||||
{{- end }}
|
|
@ -0,0 +1,14 @@
|
|||
{{- if .Values.alarms.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "alarms.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.alarms.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
{{ toYaml .Values.alarms.definitions_configuration | indent 2 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,82 @@
|
|||
{{- if .Values.alarms.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ template "alarms.fullname" . }}-init-job
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.alarms.name }}-init-job"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.alarms.name }}-init-job"
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: alarms-init-job
|
||||
image: "{{ .Values.alarms.image.repository }}:{{ .Values.alarms.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.alarms.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.alarms.resources | indent 12 }}
|
||||
env:
|
||||
- name: KEYSTONE_DEFAULTS_ENABLED
|
||||
value: "{{ .Values.alarms.keystone.defaults_enabled }}"
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.alarms.keystone.url }}
|
||||
{{- if eq (kindOf .Values.alarms.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.alarms.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.alarms.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.alarms.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}/v3"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.alarms.keystone | indent 12 }}
|
||||
- name: MONASCA_API_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
|
||||
- name: MONASCA_WAIT_FOR_API
|
||||
value: "{{ .Values.alarms.wait.enabled }}"
|
||||
- name: MONASCA_API_WAIT_RETRIES
|
||||
value: "{{ .Values.alarms.wait.retries }}"
|
||||
- name: MONASCA_API_WAIT_DELAY
|
||||
value: "{{ .Values.alarms.wait.delay }}"
|
||||
{{- if .Values.alarms.notification_name }}
|
||||
- name: NOTIFICATION_NAME
|
||||
value: "{{ .Values.alarms.notification_name }}"
|
||||
{{- end }}
|
||||
{{- if .Values.alarms.notification_type }}
|
||||
- name: NOTIFICATION_TYPE
|
||||
value: "{{ .Values.alarms.notification_type }}"
|
||||
{{- end }}
|
||||
{{- if .Values.alarms.notification_address_secret }}
|
||||
- name: NOTIFICATION_ADDRESS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.alarms.notification_address_secret }}"
|
||||
key: "{{ .Values.alarms.notification_address_secret_key | default .Values.alarms.notification_address_secret }}"
|
||||
{{- else if .Values.alarms.notification_address }}
|
||||
- name: NOTIFICATION_ADDRESS
|
||||
value: "{{ .Values.alarms.notification_address }}"
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: alarms-config
|
||||
mountPath: /config/definitions.yml.j2
|
||||
subPath: definitions.yml.j2
|
||||
volumes:
|
||||
- name: alarms-config
|
||||
configMap:
|
||||
name: {{ template "alarms.fullname" . }}
|
||||
items:
|
||||
- key: definitions.yml.j2
|
||||
path: definitions.yml.j2
|
||||
{{- end }}
|
|
@ -0,0 +1,167 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "api.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.api.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: {{ .Values.api.replicaCount }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.api.name }}"
|
||||
{{- if .Values.api.side_container.enabled }}
|
||||
annotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: "/metrics"
|
||||
prometheus.io/port: "4888"
|
||||
{{- end }}
|
||||
spec:
|
||||
containers:
|
||||
- name: api
|
||||
image: "{{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.api.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.api.resources | indent 10 }}
|
||||
ports:
|
||||
- containerPort: 8070
|
||||
name: client
|
||||
env:
|
||||
- name: LOG_LEVEL_ROOT
|
||||
value: {{ .Values.api.logging.log_level_root | quote }}
|
||||
- name: LOG_LEVEL_CONSOLE
|
||||
value: {{ .Values.api.logging.log_level_console | quote }}
|
||||
- name: KAFKA_URI
|
||||
{{- if .Values.kafka.overrideUri }}
|
||||
value: "{{ .Values.kafka.overrideUri }}"
|
||||
{{- else }}
|
||||
value: "{{ template "kafka.fullname" . }}:9092"
|
||||
{{- end }}
|
||||
- name: INFLUX_HOST
|
||||
value: "{{ .Release.Name }}-influxdb"
|
||||
- name: INFLUX_PORT
|
||||
value: {{ .Values.influxdb.config.http.bind_address | quote }}
|
||||
- name: INFLUX_USER
|
||||
value: {{ .Values.api.influxdb.user | quote }}
|
||||
- name: INFLUX_PASSWORD
|
||||
value: {{ .Values.api.influxdb.password | quote }}
|
||||
- name: INFLUX_DB
|
||||
value: {{ .Values.api.influxdb.database | quote }}
|
||||
{{- if .Values.api.mysql_disabled }}
|
||||
- name: API_MYSQL_DISABLED
|
||||
value: {{ .Values.api.mysql_disabled | quote }}
|
||||
{{- end}}
|
||||
{{- if .Values.api.mysql_disabled }}
|
||||
- name: MYSQL_WAIT_RETRIES
|
||||
value: {{ .Values.api.mysql_wait_retries | quote }}
|
||||
{{- end}}
|
||||
- name: MYSQL_HOST
|
||||
{{- if .Values.api.mysql.host }}
|
||||
{{- if eq (kindOf .Values.api.mysql.host) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.api.mysql.host.secret_name }}"
|
||||
key: "{{ .Values.api.mysql.host.secret_key | default "host" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.api.mysql.host }}"
|
||||
{{- end}}
|
||||
{{- else }}
|
||||
value: "{{ .Release.Name }}-mysql"
|
||||
{{- end}}
|
||||
- name: MYSQL_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.api.mysql.username.secret_name }}
|
||||
name: "{{ .Values.api.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-api-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.api.mysql.username.secret_key | default "username" }}"
|
||||
- name: MYSQL_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.api.mysql.password.secret_name }}
|
||||
name: "{{ .Values.api.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-api-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.api.mysql.password.secret_key | default "password" }}"
|
||||
- name: MYSQL_DB
|
||||
value: "mon"
|
||||
- name: MEMCACHED_URI
|
||||
{{- if .Values.api.memcachedUri }}
|
||||
value: "{{ .Values.api.memcachedUri }}"
|
||||
{{- else if .Values.memcached.enabled }}
|
||||
value: "{{ template "memcached.fullname" . }}:{{ .Values.memcached.service.port | default "11211" }}"
|
||||
{{- else }}
|
||||
value: ""
|
||||
{{- end }}
|
||||
- name: KEYSTONE_IDENTITY_URI
|
||||
{{- if .Values.api.keystone.identity_url }}
|
||||
{{- include "monasca_secret_env" .Values.api.keystone.identity_url | indent 14 }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}"
|
||||
{{- end }}
|
||||
- name: KEYSTONE_AUTH_URI
|
||||
{{- if .Values.api.keystone.auth_url }}
|
||||
{{- include "monasca_secret_env" .Values.api.keystone.auth_url | indent 14 }}
|
||||
{{- else if .Values.keystone.override.admin_url }}
|
||||
value: "{{ .Values.keystone.override.admin_url }}"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.admin_port }}"
|
||||
{{- end }}
|
||||
- name: KEYSTONE_ADMIN_USER
|
||||
{{- include "monasca_secret_env" .Values.api.keystone.username | indent 14 }}
|
||||
- name: KEYSTONE_ADMIN_PASSWORD
|
||||
{{- include "monasca_secret_env" .Values.api.keystone.password | indent 14 }}
|
||||
- name: KEYSTONE_ADMIN_TENANT
|
||||
{{- include "monasca_secret_env" .Values.api.keystone.tenant_name | indent 14 }}
|
||||
{{- if .Values.api.auth_disabled }}
|
||||
- name: API_AUTH_DISABLED
|
||||
value: "true"
|
||||
{{- end}}
|
||||
{{- if .Values.api.authorized_roles }}
|
||||
- name: AUTHORIZED_ROLES
|
||||
value: {{ .Values.api.authorized_roles | quote }}
|
||||
{{- end}}
|
||||
{{- if .Values.api.http_proxy }}
|
||||
- name: http_proxy
|
||||
value: {{ .Values.api.http_proxy | quote }}
|
||||
- name: HTTP_PROXY
|
||||
value: {{ .Values.api.http_proxy | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.api.https_proxy }}
|
||||
- name: https_proxy
|
||||
value: {{ .Values.api.https_proxy | quote }}
|
||||
- name: HTTPS_PROXY
|
||||
value: {{ .Values.api.https_proxy | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.api.no_proxy }}
|
||||
- name: no_proxy
|
||||
value: {{ .Values.api.no_proxy | quote }}
|
||||
- name: NO_PROXY
|
||||
value: {{ .Values.api.no_proxy | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.api.side_container.enabled }}
|
||||
- name: SIDECAR_URL
|
||||
value: http://localhost:4888/v1/ingest
|
||||
{{- end }}
|
||||
- name: GUNICORN_WORKERS
|
||||
value: {{ .Values.api.gunicorn_workers | quote }}
|
||||
{{- if .Values.api.side_container.enabled }}
|
||||
- name: sidecar
|
||||
image: "{{ .Values.api.side_container.image.repository }}:{{ .Values.api.side_container.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.api.side_container.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.api.side_container.resources | indent 10 }}
|
||||
ports:
|
||||
- containerPort: 4888
|
||||
name: scrape
|
||||
{{- end }}
|
|
@ -0,0 +1,21 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.api.name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "api.fullname" . }}
|
||||
spec:
|
||||
type: {{ .Values.api.service.type }}
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.api.service.port}}
|
||||
{{- if .Values.api.service.node_port }}
|
||||
nodePort: {{ .Values.api.service.node_port }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.api.name }}"
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
# while not recommended, we add a random sequence to the end of the job name
|
||||
# this job will attempt to delete itself when finished, but should it fail for
|
||||
# some reason we don't want future upgrades to fail because of a name conflict
|
||||
# (plus the future runs of this job will delete any previous iterations that
|
||||
# failed to clean themselves up)
|
||||
name: "{{ template "cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.cleanup.name }}-job"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
annotations:
|
||||
"helm.sh/hook": pre-upgrade,post-delete
|
||||
"helm.sh/hook-weight": "-5"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.cleanup.name }}-job"
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
|
||||
image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.cleanup.resources | indent 12 }}
|
||||
env:
|
||||
- name: "WAIT_RETRIES"
|
||||
value: "{{ .Values.cleanup.wait.retries }}"
|
||||
- name: "WAIT_DELAY"
|
||||
value: "{{ .Values.cleanup.wait.delay }}"
|
||||
- name: "WAIT_TIMEOUT"
|
||||
value: "{{ .Values.cleanup.wait.timeout }}"
|
||||
{{- if .Values.cleanup.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
|
||||
{{- else if .Values.rbac.create }}
|
||||
serviceAccountName: "{{ template "cleanup.fullname" . }}"
|
||||
{{- end }}
|
|
@ -0,0 +1,25 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["get", "list", "delete", "patch"]
|
||||
- apiGroups: ["batch"]
|
||||
resources: ["jobs"]
|
||||
verbs: ["get", "list", "delete"]
|
||||
{{- end }}
|
|
@ -0,0 +1,26 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||
{{- end }}
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
namespace: "{{ .Release.Namespace }}"
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
|
@ -0,0 +1,12 @@
|
|||
{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "cleanup.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
|
||||
component: "{{ .Values.cleanup.name }}"
|
||||
heritage: {{ .Release.Service }}
|
||||
release: {{ .Release.Name }}
|
||||
{{- end }}
|
|
@ -0,0 +1,48 @@
|
|||
{{- if .Values.client.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "client.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.client.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
component: "{{ .Values.client.name }}-deployment"
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
containers:
|
||||
- name: client
|
||||
image: "{{ .Values.client.image.repository }}:{{ .Values.client.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.client.image.pullPolicy }}
|
||||
command:
|
||||
- "sh"
|
||||
- "-c"
|
||||
- "while true; do sleep 86400; done"
|
||||
resources:
|
||||
{{ toYaml .Values.client.resources | indent 12 }}
|
||||
env:
|
||||
- name: OS_AUTH_URL
|
||||
{{- if .Values.client.keystone.url }}
|
||||
{{- if eq (kindOf .Values.client.keystone.url) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.client.keystone.url.secret_name }}"
|
||||
key: "{{ .Values.client.keystone.url.secret_key | default "OS_AUTH_URL" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.client.keystone.url }}"
|
||||
{{- end }}
|
||||
{{- else if .Values.keystone.override.public_url }}
|
||||
value: "{{ .Values.keystone.override.public_url }}/v3"
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.port }}/v3"
|
||||
{{- end }}
|
||||
{{ include "monasca_keystone_env" .Values.client.keystone | indent 12 }}
|
||||
- name: MONASCA_API_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0"
|
||||
{{- end }}
|
|
@ -0,0 +1,14 @@
|
|||
{{- if .Values.forwarder.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "forwarder.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.forwarder.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
{{ toYaml .Values.forwarder.metric_configuration | indent 2 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,68 @@
|
|||
{{- if .Values.forwarder.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "forwarder.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.forwarder.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: {{ .Values.forwarder.replicaCount }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.forwarder.name }}"
|
||||
annotations:
|
||||
checksum/metric_config: {{ toYaml .Values.forwarder.metric_configuration | sha256sum }}
|
||||
spec:
|
||||
containers:
|
||||
- name: forwarder
|
||||
image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.forwarder.resources | indent 10 }}
|
||||
env:
|
||||
- name: MONASCA_PROJECT_ID
|
||||
value: {{ .Values.forwarder.config.monasca_project_id | quote }}
|
||||
- name: REMOTE_API_URL
|
||||
value: {{ .Values.forwarder.config.remote_api_url | quote }}
|
||||
- name: DEBUG
|
||||
value: {{ .Values.forwarder.logging.debug | quote }}
|
||||
- name: VERBOSE
|
||||
value: {{ .Values.forwarder.logging.verbose | quote }}
|
||||
- name: ZOOKEEPER_URL
|
||||
{{- if .Values.zookeeper.overrideUri }}
|
||||
value: "{{ .Values.zookeeper.overrideUri }}"
|
||||
{{- else }}
|
||||
value: "{{ template "zookeeper.fullname" . }}:2181"
|
||||
{{- end }}
|
||||
- name: KAFKA_URI
|
||||
{{- if .Values.kafka.overrideUri }}
|
||||
value: "{{ .Values.kafka.overrideUri }}"
|
||||
{{- else }}
|
||||
value: "{{ template "kafka.fullname" . }}:9092"
|
||||
{{- end }}
|
||||
- name: USE_INSECURE
|
||||
value: {{ .Values.forwarder.config.use_insecure | quote}}
|
||||
- name: MONASCA_ROLE
|
||||
value: {{ .Values.forwarder.config.monasca_role | quote }}
|
||||
{{- if .Values.forwarder.metric_project_id }}
|
||||
- name: METRIC_PROJECT_ID
|
||||
value: {{ .Values.forwarder.config.metric_project_id | quote }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: forwarder-config
|
||||
mountPath: /config/forwarder_metric_match.yml.j2
|
||||
subPath: forwarder_metric_match.yml.j2
|
||||
volumes:
|
||||
- name: forwarder-config
|
||||
configMap:
|
||||
name: {{ template "forwarder.fullname" . }}
|
||||
items:
|
||||
- key: forwarder_metric_match.yml
|
||||
path: forwarder_metric_match.yml.j2
|
||||
{{- end }}
|
|
@ -0,0 +1,37 @@
|
|||
{{- if .Values.grafana.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "grafana.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.grafana.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
data:
|
||||
grafana.ini: |
|
||||
[paths]
|
||||
plugins = /var/lib/grafana/plugins
|
||||
|
||||
[auth.basic]
|
||||
enabled = false
|
||||
|
||||
[users]
|
||||
allow_sign_up = true
|
||||
allow_org_create = true
|
||||
|
||||
[auth.keystone]
|
||||
enabled = true
|
||||
verify_ssl_cert = false
|
||||
v3 = true
|
||||
default_domain = Default
|
||||
|
||||
[log.console]
|
||||
level = trace
|
||||
|
||||
[database]
|
||||
type = mysql
|
||||
name = grafana
|
||||
ssl_mode = disable
|
||||
{{- end}}
|
|
@ -0,0 +1,76 @@
|
|||
{{- if .Values.grafana.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "grafana.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.grafana.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.grafana.name }}"
|
||||
spec:
|
||||
containers:
|
||||
- name: grafana
|
||||
image: "{{ .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.grafana.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.grafana.resources | indent 12 }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 3000
|
||||
volumeMounts:
|
||||
- name: grafana-config
|
||||
mountPath: /etc/grafana
|
||||
env:
|
||||
- name: GF_AUTH_KEYSTONE_AUTH_URL
|
||||
{{- if .Values.grafana.keystone_url }}
|
||||
{{- include "monasca_secret_env" .Values.grafana.keystone_url | indent 14 }}
|
||||
{{- else }}
|
||||
value: "http://{{ template "keystone.fullname" . }}:{{ .Values.keystone.service.admin_port }}"
|
||||
{{- end }}
|
||||
- name: GF_DATABASE_HOST
|
||||
{{- if .Values.grafana.mysql.host }}
|
||||
{{- if eq (kindOf .Values.grafana.mysql.host) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.grafana.mysql.host.secret_name }}"
|
||||
key: "{{ .Values.grafana.mysql.host.secret_key | default "host" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.grafana.mysql.host }}"
|
||||
{{- end}}
|
||||
{{- else }}
|
||||
value: "{{ .Release.Name }}-mysql"
|
||||
{{- end}}
|
||||
- name: GF_DATABASE_PORT
|
||||
{{- include "monasca_secret_env" .Values.grafana.mysql.port | indent 14 }}
|
||||
- name: GF_DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.grafana.mysql.password.secret_name}}
|
||||
name: "{{ .Values.grafana.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-grafana-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.grafana.mysql.password.secret_key | default "password" }}"
|
||||
- name: GF_DATABASE_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.grafana.mysql.username.secret_name}}
|
||||
name: "{{ .Values.grafana.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-grafana-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.grafana.mysql.username.secret_key | default "username" }}"
|
||||
volumes:
|
||||
- name: grafana-config
|
||||
configMap:
|
||||
name: {{ template "grafana.fullname" . }}
|
||||
{{- end}}
|
|
@ -0,0 +1,41 @@
|
|||
{{- if .Values.grafana.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ template "grafana.fullname" . }}-init-job
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.grafana.name }}-init-job"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.grafana.name }}-init-job"
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: grafana-init-job
|
||||
image: "{{ .Values.grafana_init.image.repository }}:{{ .Values.grafana_init.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.grafana_init.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.grafana_init.resources | indent 12 }}
|
||||
env:
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.grafana_init.log_level }}
|
||||
- name: GRAFANA_URL
|
||||
{{- if $.Values.grafana.simple_name }}
|
||||
value: "http://{{ $.Values.grafana.name}}:{{ .Values.grafana.service.port }}"
|
||||
{{- else }}
|
||||
value: "http://{{ template "grafana.fullname" . }}:{{ .Values.grafana.service.port }}"
|
||||
{{- end }}
|
||||
- name: GRAFANA_USERNAME
|
||||
{{- include "monasca_secret_env" .Values.grafana_init.username | indent 14 }}
|
||||
- name: GRAFANA_PASSWORD
|
||||
{{- include "monasca_secret_env" .Values.grafana_init.password | indent 14 }}
|
||||
- name: DATASOURCE_URL
|
||||
value: "http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}"
|
||||
{{- end}}
|
|
@ -0,0 +1,24 @@
|
|||
{{- if .Values.grafana.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
{{- if $.Values.grafana.simple_name }}
|
||||
name: {{ $.Values.grafana.name }}
|
||||
{{- else }}
|
||||
name: {{ template "grafana.fullname" . }}
|
||||
{{- end }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.grafana.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
type: {{ .Values.grafana.service.type }}
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.grafana.service.port }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.grafana.name }}"
|
||||
{{- end}}
|
|
@ -0,0 +1,31 @@
|
|||
{{- if .Values.influx_init.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-influx-init-job
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: influx-init-job
|
||||
image: "{{ .Values.influx_init.image.repository }}:{{ .Values.influx_init.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.influx_init.image.pullPolicy }}
|
||||
env:
|
||||
- name: INFLUXDB_URL
|
||||
value: "http://{{ .Release.Name }}-influxdb:{{ .Values.influxdb.config.http.bind_address }}"
|
||||
- name: INFLUXDB_SHARD_DURATION
|
||||
value: {{ .Values.influx_init.shard_duration | quote }}
|
||||
- name: INFLUXDB_DEFAULT_RETENTION
|
||||
value: {{ .Values.influx_init.default_retention | quote }}
|
||||
resources:
|
||||
{{ toYaml .Values.influx_init.resources | indent 12 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,63 @@
|
|||
{{- if .Values.keystone.enabled }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.keystone.name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "keystone.fullname" . }}
|
||||
data:
|
||||
preload.yml: |
|
||||
users:
|
||||
- username: mini-mon
|
||||
password: {{ .Values.keystone.users.mini_mon.password }}
|
||||
project: mini-mon
|
||||
role: monasca-user
|
||||
|
||||
- username: monasca-agent
|
||||
password: {{ .Values.keystone.users.monasca_agent.password }}
|
||||
project: mini-mon
|
||||
role: monasca-agent
|
||||
|
||||
- username: mini-mon
|
||||
password: {{ .Values.keystone.users.mini_mon.password }}
|
||||
project: mini-mon
|
||||
role: admin
|
||||
|
||||
- username: admin
|
||||
password: {{ .Values.keystone.users.admin.password }}
|
||||
project: admin
|
||||
role: monasca-user
|
||||
|
||||
- username: demo
|
||||
password: {{ .Values.keystone.users.demo.password }}
|
||||
project: demo
|
||||
role: monasca-user
|
||||
|
||||
- username: monasca-read-only-user
|
||||
password: {{ .Values.keystone.users.monasca_read_only.password }}
|
||||
project: mini-mon
|
||||
role: monasca-read-only-user
|
||||
|
||||
endpoints:
|
||||
- name: monasca
|
||||
description: Monasca monitoring service
|
||||
type: monitoring
|
||||
region: RegionOne
|
||||
interfaces:
|
||||
- name: internal
|
||||
url: http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0
|
||||
- name: public
|
||||
url: http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0
|
||||
{{- if .Values.api.service.node_port }}
|
||||
resolve: true
|
||||
{{- end }}
|
||||
- name: admin
|
||||
url: http://{{ template "api.fullname" . }}:{{ .Values.api.service.port }}/v2.0
|
||||
{{- if .Values.api.service.node_port }}
|
||||
resolve: true
|
||||
{{- end }}
|
||||
{{- end}}
|
|
@ -0,0 +1,85 @@
|
|||
{{- if .Values.keystone.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.keystone.name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "keystone.fullname" . }}
|
||||
spec:
|
||||
replicas: {{ .Values.keystone.replicaCount }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.keystone.name }}"
|
||||
spec:
|
||||
volumes:
|
||||
- name: preload-config
|
||||
configMap:
|
||||
name: {{ template "keystone.fullname" . }}
|
||||
items:
|
||||
- key: preload.yml
|
||||
path: preload.yml
|
||||
containers:
|
||||
- name: keystone
|
||||
image: "{{ .Values.keystone.image.repository }}:{{ .Values.keystone.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.keystone.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.keystone.resources | indent 12 }}
|
||||
env:
|
||||
- name: KEYSTONE_HOST
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.podIP
|
||||
- name: KEYSTONE_USERNAME
|
||||
value: {{ .Values.keystone.bootstrap.user | quote }}
|
||||
- name: KEYSTONE_PASSWORD
|
||||
value: {{ .Values.keystone.bootstrap.password | quote }}
|
||||
- name: KEYSTONE_PROJECT
|
||||
value: {{ .Values.keystone.bootstrap.project | quote }}
|
||||
- name: KEYSTONE_ROLE
|
||||
value: {{ .Values.keystone.bootstrap.role | quote }}
|
||||
- name: KEYSTONE_SERVICE
|
||||
value: {{ .Values.keystone.bootstrap.service | quote }}
|
||||
- name: KEYSTONE_REGION
|
||||
value: {{ .Values.keystone.bootstrap.region | quote }}
|
||||
- name: KEYSTONE_DATABASE_BACKEND
|
||||
value: {{ .Values.keystone.database_backend | quote }}
|
||||
- name: KEYSTONE_MYSQL_HOST
|
||||
value: "{{ .Release.Name }}-mysql"
|
||||
- name: KEYSTONE_MYSQL_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Release.Name }}-mysql-keystone-secret"
|
||||
key: username
|
||||
- name: KEYSTONE_MYSQL_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Release.Name }}-mysql-keystone-secret"
|
||||
key: password
|
||||
- name: KEYSTONE_MYSQL_DATABASE
|
||||
value: {{ .Values.keystone.mysql.database | quote }}
|
||||
- name: KEYSTONE_MYSQL_TCP_PORT
|
||||
value: "3306"
|
||||
{{- if .Values.keystone.service.node_port }}
|
||||
{{- if .Values.keystone.service.admin_node_port }}
|
||||
- name: KUBERNETES_RESOLVE_PUBLIC_ENDPOINTS
|
||||
value: "true"
|
||||
- name: KEYSTONE_SERVICE_NAME
|
||||
value: "{{ template "keystone.fullname" . }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 5000
|
||||
- name: admin
|
||||
containerPort: 35357
|
||||
volumeMounts:
|
||||
- name: preload-config
|
||||
mountPath: /preload.yml
|
||||
subPath: preload.yml
|
||||
{{- end}}
|
|
@ -0,0 +1,30 @@
|
|||
{{- if .Values.keystone.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.keystone.name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "keystone.fullname" . }}
|
||||
spec:
|
||||
type: {{ .Values.keystone.service.type }}
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.keystone.service.port }}
|
||||
targetPort: http
|
||||
{{- if .Values.keystone.service.node_port }}
|
||||
nodePort: {{ .Values.keystone.service.node_port }}
|
||||
{{- end }}
|
||||
- name: admin
|
||||
port: {{ .Values.keystone.service.admin_port }}
|
||||
targetPort: admin
|
||||
{{- if .Values.keystone.service.admin_node_port }}
|
||||
nodePort: {{ .Values.keystone.service.admin_node_port }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.keystone.name }}"
|
||||
{{- end}}
|
|
@ -0,0 +1,29 @@
|
|||
{{- if .Values.memcached.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "memcached.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.memcached.name }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
replicas: {{ .Values.memcached.replicaCount }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.memcached.name }}"
|
||||
spec:
|
||||
containers:
|
||||
- name: memcached
|
||||
image: "{{ .Values.memcached.image.repository }}:{{ .Values.memcached.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.memcached.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.memcached.resources | indent 10 }}
|
||||
ports:
|
||||
- containerPort: 11211
|
||||
name: memcached
|
||||
{{- end }}
|
|
@ -0,0 +1,24 @@
|
|||
{{- if .Values.memcached.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.memcached.name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "memcached.fullname" . }}
|
||||
spec:
|
||||
type: {{ .Values.memcached.service.type | default "ClusterIP" }}
|
||||
ports:
|
||||
- name: memcached
|
||||
port: {{ .Values.memcached.service.port | default "11211" }}
|
||||
targetPort: memcached
|
||||
{{- if .Values.memcached.service.node_port }}
|
||||
nodePort: {{ .Values.memcached.service.node_port }}
|
||||
{{- end }}
|
||||
selector:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.memcached.name }}"
|
||||
{{- end}}
|
|
@ -0,0 +1,13 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-mysql-api-secret"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
type: Opaque
|
||||
data:
|
||||
username: {{ b64enc .Values.mysql.users.api.username | quote }}
|
||||
password: {{ b64enc .Values.mysql.users.api.password | quote }}
|
|
@ -0,0 +1,17 @@
|
|||
{{- if .Values.grafana.enabled }}
|
||||
{{- if .Values.grafana.local_mysql_enabled }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-mysql-grafana-secret"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
type: Opaque
|
||||
data:
|
||||
username: {{ b64enc .Values.mysql.users.grafana.username | quote }}
|
||||
password: {{ b64enc .Values.mysql.users.grafana.password | quote }}
|
||||
{{- end}}
|
||||
{{- end}}
|
|
@ -0,0 +1,128 @@
|
|||
{{- if .Values.mysql_init.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-mysql-init-job
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: mysql-init-job
|
||||
image: "{{ .Values.mysql_init.image.repository }}:{{ .Values.mysql_init.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.mysql_init.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.mysql_init.resources | indent 12 }}
|
||||
env:
|
||||
- name: MYSQL_INIT_DISABLE_REMOTE_ROOT
|
||||
value: {{ .Values.mysql_init.disable_remote_root | quote }}
|
||||
- name: MYSQL_INIT_RANDOM_PASSWORD
|
||||
value: "false"
|
||||
- name: MYSQL_INIT_HOST
|
||||
{{- if .Values.mysql_init.host }}
|
||||
{{- if eq (kindOf .Values.mysql_init.host) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.mysql_init.host.secret_name }}"
|
||||
key: "{{ .Values.mysql_init.host.secret_key }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.mysql_init.host }}"
|
||||
{{- end}}
|
||||
{{- else }}
|
||||
value: "{{ .Release.Name }}-mysql"
|
||||
{{- end}}
|
||||
- name: MYSQL_INIT_USERNAME
|
||||
{{- include "monasca_secret_env" .Values.mysql_init.username | indent 14 }}
|
||||
- name: MYSQL_INIT_PASSWORD
|
||||
{{- include "monasca_secret_env" .Values.mysql_init.password | indent 14 }}
|
||||
- name: MYSQL_INIT_PORT
|
||||
{{- include "monasca_secret_env" .Values.mysql_init.port | indent 14 }}
|
||||
- name: CREATE_MON_USERS
|
||||
value: {{ .Values.mysql_init.create_mon_users | quote }}
|
||||
- name: GRAFANA_DB_ENABLED
|
||||
value: {{ .Values.mysql_init.grafana_db_enabled | quote }}
|
||||
- name: KEYSTONE_DB_ENABLED
|
||||
value: {{ .Values.mysql_init.keystone_db_enabled | quote }}
|
||||
{{- if .Values.mysql_init.keystone_db_enabled }}
|
||||
- name: KEYSTONE_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.keystone.mysql.username.secret_name }}
|
||||
name: "{{ .Values.keystone.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-keystone-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.keystone.mysql.username.secret_key | default "username" }}"
|
||||
- name: KEYSTONE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.keystone.mysql.password.secret_name }}
|
||||
name: "{{ .Values.keystone.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-keystone-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.keystone.mysql.password.secret_key | default "password" }}"
|
||||
{{- end}}
|
||||
- name: API_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.api.mysql.username.secert_key }}
|
||||
name: "{{ .Values.api.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-api-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.api.mysql.username.secret_key | default "username" }}"
|
||||
- name: API_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.api.mysql.password.secert_key }}
|
||||
name: "{{ .Values.api.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-api-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.api.mysql.password.secret_key | default "password" }}"
|
||||
- name: NOTIFICATION_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.notification.mysql.username.secret_name }}
|
||||
name: "{{ .Values.notification.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-notification-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.notification.mysql.username.secret_key | default "username" }}"
|
||||
- name: NOTIFICATION_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.notification.mysql.password.secret_name }}
|
||||
name: "{{ .Values.notification.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-notification-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.notification.mysql.password.secret_key | default "password" }}"
|
||||
- name: THRESH_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.thresh.mysql.username.secret_name }}
|
||||
name: "{{ .Values.thresh.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-thresh-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.thresh.mysql.username.secret_key | default "username" }}"
|
||||
- name: THRESH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.thresh.mysql.password.secret_name }}
|
||||
name: "{{ .Values.thresh.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-thresh-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.thresh.mysql.password.secret_key | default "password" }}"
|
||||
{{- end }}
|
|
@ -0,0 +1,13 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-mysql-keystone-secret"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
type: Opaque
|
||||
data:
|
||||
username: {{ b64enc .Values.mysql.users.keystone.username | quote }}
|
||||
password: {{ b64enc .Values.mysql.users.keystone.password | quote }}
|
|
@ -0,0 +1,13 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-mysql-notification-secret"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
type: Opaque
|
||||
data:
|
||||
username: {{ b64enc .Values.mysql.users.notification.username | quote }}
|
||||
password: {{ b64enc .Values.mysql.users.notification.password | quote }}
|
|
@ -0,0 +1,13 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-mysql-thresh-secret"
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
type: Opaque
|
||||
data:
|
||||
username: {{ b64enc .Values.mysql.users.thresh.username | quote }}
|
||||
password: {{ b64enc .Values.mysql.users.thresh.password | quote }}
|
|
@ -0,0 +1,141 @@
|
|||
{{- if .Values.notification.enabled }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Values.notification.name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
name: {{ template "notification.fullname" . }}
|
||||
spec:
|
||||
replicas: {{ .Values.notification.replicaCount }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "fullname" . }}
|
||||
component: "{{ .Values.notification.name }}"
|
||||
spec:
|
||||
containers:
|
||||
- name: notification
|
||||
image: "{{ .Values.notification.image.repository }}:{{ .Values.notification.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.notification.image.pullPolicy }}
|
||||
resources:
|
||||
{{ toYaml .Values.notification.resources | indent 12 }}
|
||||
env:
|
||||
- name: MYSQL_DB_HOST
|
||||
{{- if .Values.notification.mysql.host }}
|
||||
{{- if eq (kindOf .Values.notification.mysql.host) "map" }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.notification.mysql.host.secret_name }}"
|
||||
key: "{{ .Values.notification.mysql.host.secret_key | default "host" }}"
|
||||
{{- else }}
|
||||
value: "{{ .Values.notification.mysql.host }}"
|
||||
{{- end}}
|
||||
{{- else }}
|
||||
value: "{{ .Release.Name }}-mysql"
|
||||
{{- end}}
|
||||
- name: MYSQL_DB_PORT
|
||||
{{- include "monasca_secret_env" .Values.notification.mysql.port | indent 14 }}
|
||||
- name: MYSQL_DB_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.notification.mysql.username.secret_name }}
|
||||
name: "{{ .Values.notification.mysql.username.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-notification-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.notification.mysql.username.secret_key | default "username" }}"
|
||||
- name: MYSQL_DB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
{{- if .Values.notification.mysql.password.secret_name }}
|
||||
name: "{{ .Values.notification.mysql.password.secret_name }}"
|
||||
{{- else }}
|
||||
name: "{{ .Release.Name }}-mysql-notification-secret"
|
||||
{{- end}}
|
||||
key: "{{ .Values.notification.mysql.password.secret_key | default "password" }}"
|
||||
- name: MYSQL_DB_DATABASE
|
||||
value: "mon"
|
||||
- name: KAFKA_URI
|
||||
{{- if .Values.kafka.overrideUri }}
|
||||
value: "{{ .Values.kafka.overrideUri }}"
|
||||
{{- else }}
|
||||
value: "{{ template "kafka.fullname" . }}:9092"
|
||||
{{- end }}
|
||||
- name: ZOOKEEPER_URL
|
||||
{{- if .Values.zookeeper.overrideUri }}
|
||||
value: "{{ .Values.zookeeper.overrideUri }}"
|
||||
{{- else }}
|
||||
value: "{{ template "zookeeper.fullname" . }}:2181"
|
||||
{{- end }}
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.notification.log_level | quote }}
|
||||
- name: NF_PLUGINS
|
||||
value: {{ .Values.notification.plugins | quote }}
|
||||
{{- if .Values.notification.plugin_config.email.defined }}
|
||||
- name: NF_EMAIL_SERVER
|
||||
value: {{ .Values.notification.plugin_config.email.server | quote }}
|
||||
- name: NF_EMAIL_PORT
|
||||
value: {{ .Values.notification.plugin_config.email.port | quote }}
|
||||
{{- if .Values.notification.plugin_config.email.user }}
|
||||
- name: NF_EMAIL_USER
|
||||
value: {{ .Values.notification.plugin_config.email.user | quote }}
|
||||
- name: NF_EMAIL_PASSWORD
|
||||
value: {{ .Values.notification.plugin_config.email.password | quote }}
|
||||
{{- end }}
|
||||
- name: NF_EMAIL_FROM_ADDR
|
||||
value: {{ .Values.notification.plugin_config.email.from_addr | quote }}
|
||||
{{- end }}
|
||||
- name: NF_WEBHOOK_TIMEOUT
|
||||
value: {{ .Values.notification.plugin_config.webhook.timeout | quote }}
|
||||
{{- if .Values.notification.plugin_config.hipchat.ssl_certs }}
|
||||
- name: NF_HIPCHAT_SSL_CERTS
|
||||
value: {{ .Values.notification.plugin_config.hipchat.ssl_certs | quote }}
|
||||
{{- end }}
|
||||
- name: NF_HIPCHAT_TIMEOUT
|
||||
value: {{ .Values.notification.plugin_config.hipchat.timeout | quote }}
|
||||
{{- if .Values.notification.plugin_config.hipchat.insecure }}
|
||||
- name: NF_HIPCHAT_INSECURE
|
||||
value: {{ .Values.notification.plugin_config.hipchat.insecure | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.notification.plugin_config.hipchat.proxy }}
|
||||
- name: NF_HIPCHAT_PROXY
|
||||
value: {{ .Values.notification.plugin_config.hipchat.proxy | quote }}
|
||||
{{- end }}
|
||||
- name: NF_SLACK_TIMEOUT
|
||||
value: {{ .Values.notification.plugin_config.slack.timeout | quote }}
|
||||
{{- if .Values.notification.plugin_config.slack.certs }}
|
||||
- name: NF_SLACK_CERTS
|
||||
value: {{ .Values.notification.plugin_config.slack.certs | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.notification.plugin_config.slack.insecure }}
|
||||
- name: NF_SLACK_INSECURE
|
||||
value: {{ .Values.notification.plugin_config.slack.insecure | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.notification.plugin_config.slack.proxy }}
|
||||
- name: NF_SLACK_PROXY
|
||||
value: {{ .Values.notification.plugin_config.slack.proxy | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.notification.plugin_config.hipchat.template }}
|
||||
- name: NF_HIPCHAT_TEMPLATE
|
||||
value: "/hipchat-template.yml.j2"
|
||||
{{- end }}
|
||||
{{- if .Values.notification.plugin_config.hipchat.template }}
|
||||
volumeMounts:
|
||||
- name: hipchat-template
|
||||
mountPath: /hipchat-template.yml.j2
|
||||
subPath: hipchat-template.yml.j2
|
||||
{{- end }}
|
||||
{{- if .Values.notification.plugin_config.hipchat.template }}
|
||||
volumes:
|
||||
- name: hipchat-template
|
||||
configMap:
|
||||
name: "{{ template "notification.fullname" . }}-hipchat-template"
|
||||
items:
|
||||
- key: hipchat-template.yml.j2
|
||||
path: hipchat-template.yml.j2
|
||||
{{- end }}
|
||||
{{- end}}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue