Skip to content

C
charts
Commit 5a0e217c by Guangbo Chen
Options

update chart questions and folders

parent f390632d
Showing with 4514 additions and 1096 deletions
charts/magento/0/Chart.yaml charts/magento/Chart.yaml
name: magento
version: 0.6.6
version: 1.0.1
appVersion: 2.2.3
description: A feature-rich flexible e-commerce solution. It includes transaction options, multi-store functionality, loyalty programs, product categorization and shopper filtering, promotion rules, and more.
keywords:
......
charts/magento/0/OWNERS charts/magento/OWNERS
......@@ -2,7 +2,9 @@ approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
charts/magento/0/README.md charts/magento/README.md
# Magento
[Magento](https://magento.org/) is a feature-rich flexible e-commerce solution. It includes transaction options, multi-store functionality, loyalty programs, product categorization and shopper filtering, promotion rules, and more.
## TL;DR;
```console
$ helm install stable/magento
```
## Introduction
This chart bootstraps a [Magento](https://github.com/bitnami/bitnami-docker-magento) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
It also packages the [Bitnami MariaDB chart](https://github.com/kubernetes/charts/tree/master/stable/mariadb) which is required for bootstrapping a MariaDB deployment as a database for the Magento application.
## Prerequisites
- Kubernetes 1.4+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm install --name my-release stable/magento
```
The command deploys Magento on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the Magento chart and their default values.
| Parameter | Description | Default |
|------------------------------------|------------------------------------------|----------------------------------------------------------|
| `image` | Magento image | `bitnami/magento:{VERSION}` |
| `imagePullPolicy` | Image pull policy | `Always` if `image` tag is `latest`, else `IfNotPresent` |
| `image.registry` | Magento image registry | `docker.io` |
| `image.repository` | Magento Image name | `bitnami/magento` |
| `image.tag` | Magento Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `magentoHost` | Magento host to create application URLs | `nil` |
| `magentoLoadBalancerIP` | `loadBalancerIP` for the magento Service | `nil` |
| `magentoUsername` | User of the application | `user` |
......
charts/magento/app-readme.md 0 → 100644
# Magento
[Magento](https://magento.org/) is a feature-rich flexible e-commerce solution. It includes transaction options, multi-store functionality, loyalty programs, product categorization and shopper filtering, promotion rules, and more.
## Introduction
This chart bootstraps a [Magento](https://github.com/bitnami/bitnami-docker-magento) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
It also packages the [Bitnami MariaDB chart](https://github.com/kubernetes/charts/tree/master/stable/mariadb) which is required for bootstrapping a MariaDB deployment as a database for the Magento application.
charts/magento/0/questions.yml charts/magento/questions.yml
categories:
- E-commerce
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.registry
default: "docker.io"
description: "Magento image registry "
type: string
label: Magento Image Registry
- variable: image.repository
default: "bitnami/magento"
description: "Magento image name"
type: string
label: Magento Image Name
- variable: image.tag
default: "2.2.3"
description: "Magento image tag"
type: string
label: Image Tag
- variable: magentoHost
default: ""
description: "Magento host to create application URLs"
type: string
label: Magento Host URL
required: true
- variable: magentoUsername
default: "user"
description: "User of the application"
type: string
label: Magento Username
required: true
- variable: magentoPassword
default: ""
description: "Application password(defualt random 10 character long alphanumeric string if not set)"
type: password
label: Magento Password
- variable: magentoEmail
default: "user@example.com"
description: "Admin email"
......@@ -19,22 +57,53 @@ questions:
- "true"
- "false"
required: true
label: MariaDB Enabled
- variable: mariadb.mariadbDatabase
default: "magento"
description: "Database name to create"
label: Install MariaDB
subquestions:
- variable: mariadb.mariadbDatabase
default: "magento"
description: "Database name to create"
type: string
label: MariaDB Database
- variable: mariadb.mariadbUser
default: "magento"
description: "Database user to create"
type: string
label: MariaDB User
- variable: mariadb.mariadbPassword
default: ""
description: "Password for the database(defualt random 10 character long alphanumeric string)"
label: MariaDB Password
type: string
- variable: externalDatabase.host
default: ""
description: "Host of the external database"
type: string
label: MariaDB Database
- variable: mariadb.mariadbUser
default: "magento"
description: "Database user to create"
label: External Database Host
show_if: "mariadb.enabled=false"
- variable: externalDatabase.user
default: ""
description: "Existing username in the external DB"
type: string
label: MariaDB User
- variable: mariadb.mariadbPassword
label: External Database username
show_if: "mariadb.enabled=false"
- variable: externalDatabase.password
default: ""
description: "external database password"
type: password
label: External Database password
show_if: "mariadb.enabled=false"
- variable: externalDatabase.database
default: ""
description: "Password for the database(defualt random 10 character long alphanumeric string)"
label: MariaDB Password
description: "Name of the existing database"
type: string
label: External Database
show_if: "mariadb.enabled=false"
- variable: externalDatabase.port
default: "3306"
description: "External database port number "
type: string
label: External Database Port
show_if: "mariadb.enabled=false"
- variable: mariadb.persistence.enabled
default: "false"
description: "Enable persistence using PVC of MariaDB"
......@@ -44,22 +113,25 @@ questions:
- "false"
required: true
label: MariaDB Persistent Volume Enabled
- variable: mariadb.persistence.size
default: "8Gi"
description: "MariaDB Persistent Volume Size"
type: string
label: MariaDB Volume Size
- variable: mariadb.persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for MariaDB
show_if: "mariadb.enabled=true"
show_subquestion_if: true
subquestions:
- variable: mariadb.persistence.size
default: "8Gi"
description: "MariaDB Persistent Volume Size"
type: string
label: MariaDB Volume Size
- variable: mariadb.persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for MariaDB
- variable: serviceType
default: "ClusterIP"
default: "LoadBalancer"
description: "Magento Service type"
type: enum
options:
- "ClusterIP"
- "LoadBalancer"
required: true
label: Magento Service Type
- variable: magentoMode
......@@ -80,13 +152,24 @@ questions:
- "false"
required: true
label: Persistent Volume Enabled
- variable: persistence.size
default: "8Gi"
description: "Persistent Volume Size"
type: string
label: Persistent Volume Size
- variable: persistence.magento.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class of Magento
subquestions:
- variable: persistence.magento.size
default: "8Gi"
description: "Persistent Volume Size"
type: string
label: Persistent Volume Size
- variable: persistence.magento.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for Magento
- variable: persistence.apache.size
default: "1Gi"
description: "Persistent Volume Size"
type: string
label: Persistent Volume Size
- variable: persistence.apache.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for Apache
charts/magento/0/templates/deployment.yaml charts/magento/templates/deployment.yaml
......@@ -14,10 +14,16 @@ spec:
labels:
app: {{ template "magento.fullname" . }}
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end }}
containers:
- name: {{ template "magento.fullname" . }}
image: "{{ .Values.image }}"
imagePullPolicy: {{ .Values.imagePullPolicy | quote }}
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: MARIADB_HOST
{{- if .Values.mariadb.enabled }}
......
charts/magento/0/values.yaml charts/magento/values.yaml
## Bitnami Magento image version
## ref: https://hub.docker.com/r/bitnami/magento/tags/
##
image: bitnami/magento:2.2.3-r1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
# imagePullPolicy:
image:
registry: docker.io
repository: bitnami/magento
tag: 2.2.3
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## Magento host to create application URLs
## ref: https://github.com/bitnami/bitnami-docker-magento#configuration
......@@ -64,103 +71,103 @@ allowEmptyPassword: "yes"
## External database configuration
##
externalDatabase:
## Database host
host:
## Database host
host:
## Database host
port: 3306
## Database host
port: 3306
## Database user
user: bn_magento
## Database user
user: bn_magento
## Database password
password:
## Database password
password:
## Database name
database: bitnami_magento
## Database name
database: bitnami_magento
##
## MariaDB chart configuration
##
mariadb:
## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
enabled: true
## MariaDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
##
# mariadbRootPassword:
## Create a database
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-on-first-run
##
mariadbDatabase: bitnami_magento
## Create a database user
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
##
mariadbUser: bn_magento
## Password for mariadbUser
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
##
mariadbPassword: magento_db_password
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
enabled: true
## mariadb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
## MariaDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
##
# mariadbRootPassword:
## Create a database
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-on-first-run
##
mariadbDatabase: bitnami_magento
## Create a database user
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
##
mariadbUser: bn_magento
## Password for mariadbUser
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
mariadbPassword: magento_db_password
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## mariadb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
## Kubernetes configuration
## For minikube, set this to NodePort, elsewhere use LoadBalancer
##
serviceType: NodePort
serviceType: LoadBalancer
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
apache:
## apache data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 1Gi
magento:
## magento data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
enabled: true
apache:
## apache data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 1Gi
magento:
## magento data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: 512Mi
cpu: 300m
requests:
memory: 512Mi
cpu: 300m
charts/mariadb/Chart.yaml 0 → 100644
name: mariadb
version: 3.0.3
appVersion: 10.1.32
description: Fast, reliable, scalable, and easy to use open-source relational database system. MariaDB Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software.
keywords:
- mariadb
- mysql
- database
- sql
- prometheus
home: https://mariadb.org
icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png
sources:
- https://github.com/bitnami/bitnami-docker-mariadb
- https://github.com/prometheus/mysqld_exporter
maintainers:
- name: bitnami-bot
email: containers@bitnami.com
engine: gotpl
charts/redis/0/OWNERS charts/mariadb/OWNERS
......@@ -2,7 +2,9 @@ approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
charts/mariadb/README.md 0 → 100644
## Configuration
The following table lists the configurable parameters of the MariaDB chart and their default values.
| Parameter | Description | Default |
| ---------------------------- | ------------------------------------------ | ------------------------------------------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB Image name | `bitnami/mariadb` |
| `image.tag` | MariaDB Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `service.type` | Kubernetes service type to expose | `ClusterIP` |
| `service.nodePort` | Port to bind to for NodePort service type | `nil` |
| `service.annotations` | Additional annotations to add to service | `nil` |
| `usePassword` | Enable password authentication | `true` |
| `mariadbRootPassword` | Password for the `root` user. | Randomly generated |
| `mariadbUser` | Username of new user to create. | `nil` |
| `mariadbPassword` | Password for the new user. | `nil` |
| `mariadbDatabase` | Name for new database to create. | `nil` |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.existingClaim` | Use an existing PVC | `nil` |
| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) |
| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` |
| `persistence.size` | Size of data volume | `8Gi` |
| `resources` | CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `250m` |
| `config` | Multi-line string for my.cnf configuration | `nil` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image` | Exporter image | `prom/mysqld-exporter` |
| `metrics.imageTag` | Exporter image | `v0.10.0` |
| `metrics.imagePullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.resources` | Exporter resource requests/limit | `nil` |
| `securitySettings.runAsUser` | DAC UID for containers in this Deployment | `1001` |
| `securitySettings.fsGroup` | DAC GID for containers in this Deployment | `1001` |
The above parameters map to the env variables defined in [bitnami/mariadb](http://github.com/bitnami/bitnami-docker-mariadb). For more information please refer to the [bitnami/mariadb](http://github.com/bitnami/bitnami-docker-mariadb) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set mariadbRootPassword=secretpassword,mariadbUser=my-user,mariadbPassword=my-password,mariadbDatabase=my-database \
stable/mariadb
```
The above command sets the MariaDB `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/mariadb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
### Custom my.cnf configuration
The Bitnami MariaDB image allows you to provide a custom `my.cnf` file for configuring MariaDB.
This Chart uses the `config` value to mount a custom `my.cnf` using a [ConfigMap](http://kubernetes.io/docs/user-guide/configmap/).
You can configure this by creating a YAML file that defines the `config` property as a multi-line string in the format of a `my.cnf` file.
For example:
```bash
cat > mariadb-values.yaml <<EOF
config: |-
[mysqld]
max_allowed_packet = 64M
sql_mode=STRICT_ALL_TABLES
ft_stopword_file=/etc/mysql/stopwords.txt
ft_min_word_len=3
ft_boolean_syntax=' |-><()~*:""&^'
innodb_buffer_pool_size=2G
EOF
helm install --name my-release -f mariadb-values.yaml stable/mariadb
```
## Consuming credentials
To connect to your database in your application, you can consume the credentials from the secret. For example:
```yaml
apiVersion: v1
kind: Pod
metadata:
name: my-app
spec:
containers:
- name: my-app
image: bitnami/mariadb:latest
env:
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: my-release-mariadb
key: mariadb-root-password
command: ["sh", "-c"]
args:
- mysql -h my-release-mariadb.default.svc.cluster.local -p$MARIADB_ROOT_PASSWORD -e 'show databases;'
restartPolicy: Never
```
## Persistence
The [Bitnami MariaDB](https://github.com/bitnami/bitnami-docker-mariadb) image stores the MariaDB data and configurations at the `/bitnami/mariadb` path of the container.
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning, by default. An existing PersistentVolumeClaim can be defined.
### Existing PersistentVolumeClaims
1. Create the PersistentVolume
1. Create the PersistentVolumeClaim
1. Install the chart
```bash
$ helm install --set persistence.existingClaim=PVC_NAME postgresql
```
## Metrics
The chart can optionally start a metrics exporter endpoint on port `9104` for [prometheus](https://prometheus.io). The data exposed by the endpoint is intended to be consumed by a prometheus chart deployed within the cluster and as such the endpoint is not exposed outside the cluster.
charts/mariadb/app-readme.md 0 → 100644
# MariaDB
[MariaDB](https://mariadb.org) is one of the most popular database servers in the world. It’s made by the original developers of MySQL and guaranteed to stay open source. Notable users include Wikipedia, Facebook and Google.
MariaDB is developed as open source software and as a relational database, it provides an SQL interface for accessing data. The latest versions of MariaDB also include GIS and JSON features.
## Introduction
This chart bootstraps a [MariaDB](https://github.com/bitnami/bitnami-docker-mariadb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
charts/mariadb/questions.yml 0 → 100644
categories:
- Database
- MySQL
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.registry
default: "docker.io"
description: "Docker image registry "
type: string
label: Docker Image Registry
- variable: image.repository
default: "bitnami/mariadb"
description: "Docker image name"
type: string
label: Docker Image Name
- variable: image.tag
default: "10.1.32"
description: "Docker image tag"
type: string
label: Image Tag
- variable: usePassword
default: "true"
description: "Enable password authentication"
type: enum
options:
- "true"
- "false"
required: true
label: Enable Password Authentication
show_subquestion_if: true
subquestions:
- variable: mariadbUser
default: "admin"
description: "Username of new user to create."
type: string
label: MariaDB User
required: true
- variable: mariadbPassword
default: ""
description: "Password for mariadbUser, defaults to a random 10-character alphanumeric string if not set"
type: string
label: MariaDB Password
- variable: mariadbDatabase
default: "mydb"
description: "Database name to create"
type: string
label: MariaDB Database
required: true
- variable: service.type
default: "NodePort"
description: "MariaDB K8s Service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
required: true
label: MariaDB Service Type
- variable: persistence.enabled
default: "false"
description: "Enable persistent volume for MariaDB"
type: enum
options:
- "true"
- "false"
required: true
label: MariaDB Persistent Volume Enabled
show_subquestion_if: true
subquestions:
- variable: persistence.size
default: "8Gi"
description: "MariaDB Persistent Volume Size"
type: string
label: MariaDB Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Storage Class
- variable: metrics.enabled
default: "false"
description: "Start a side-car prometheus exporter"
type: enum
options:
- "true"
- "false"
required: true
label: Enable Metrics
charts/mariadb/templates/NOTES.txt 0 → 100644
{{- if contains .Values.service.type "LoadBalancer" }}
{{- if not .Values.usePassword }}
-------------------------------------------------------------------------------
WARNING
By specifying "service.type=LoadBalancer" and "usePassword=false" you have
most likely exposed the MariaDB service externally without any authentication
mechanism.
For security reasons, we strongly suggest that you switch to "ClusterIP" or
"NodePort". As alternative, you can also switch to "usePassword=true"
providing a valid pasword on "mariadbRootPassword" parameter.
-------------------------------------------------------------------------------
{{- end }}
{{- end }}
** Please be patient while the chart is being deployed **
MariaDB can be accessed via port 3306 on the following DNS name from within your cluster:
{{ template "mariadb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{ if .Values.usePassword -}}
To get the root password run:
export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.fullname" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
{{ if .Values.mariadbUser -}}
To get the password for "{{ .Values.mariadbUser }}" run:
export MARIADB_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.fullname" . }} -o jsonpath="{.data.mariadb-password}" | base64 --decode)
{{- end }}
{{- end -}}
To connect to your database:
1. Run a pod that you can use as a client:
kubectl run {{ template "mariadb.fullname" . }}-client --rm --tty -i {{ if .Values.usePassword }}--env MARIADB_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD{{ end }} --image bitnami/mariadb --command -- bash
2. Connect using the mysql cli, then provide your password:
mysql -h {{ template "mariadb.fullname" . }} -uroot {{- if .Values.usePassword }} -p$MARIADB_ROOT_PASSWORD{{ end }}
To connect to your database from outside the cluster execute the following commands:
{{- if contains "NodePort" .Values.service.type }}
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mariadb.fullname" . }})
mysql -h $NODE_IP -P $NODE_PORT -uroot {{- if .Values.usePassword }} -p$MARIADB_ROOT_PASSWORD{{ end }}
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "mariadb.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mariadb.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
mysql -h $SERVICE_IP -P {{ .Values.service.nodePort }} -uroot {{- if .Values.usePassword }} -p$MARIADB_ROOT_PASSWORD{{ end }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "mariadb.name" . }}" -o jsonpath="{.items[0].metadata.name}")
kubectl port-forward --namespace {{ .Release.Namespace }} $POD_NAME 3306:3306 &
mysql -h 127.0.0.1 -uroot {{- if .Values.usePassword }} -p$MARIADB_ROOT_PASSWORD{{ end }}
{{- end }}
charts/redis/0/templates/_helpers.tpl charts/mariadb/templates/_helpers.tpl
......@@ -2,7 +2,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "redis.name" -}}
{{- define "mariadb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
......@@ -11,7 +11,7 @@ Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "redis.fullname" -}}
{{- define "mariadb.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
......@@ -25,12 +25,8 @@ If release name contains chart name it will be used as a full name.
{{- end -}}
{{/*
Return the appropriate apiVersion for networkpolicy.
Create chart name and version as used by the chart label.
*/}}
{{- define "networkPolicy.apiVersion" -}}
{{- if and (ge .Capabilities.KubeVersion.Minor "4") (le .Capabilities.KubeVersion.Minor "6") -}}
{{- print "extensions/v1beta1" -}}
{{- else if ge .Capabilities.KubeVersion.Minor "7" -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- define "mariadb.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
charts/mariadb/templates/configmap.yaml 0 → 100644
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mariadb.fullname" . }}
labels:
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
data:
my.cnf: |-
{{- if .Values.config }}
{{ .Values.config | indent 4 }}
{{- end -}}
charts/mariadb/templates/deployment.yaml 0 → 100644
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "mariadb.fullname" . }}
labels:
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "mariadb.name" . }}
release: "{{ .Release.Name }}"
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end }}
{{- if .Values.securitySettings.enabled }}
securityContext:
runAsUser: {{ .Values.securitySettings.runAsUser }}
fsGroup: {{ .Values.securitySettings.fsGroup }}
{{- end}}
initContainers:
- name: "copy-custom-config"
image: "busybox"
imagePullPolicy: "{{ .Values.imagePullPolicy }}"
command: ["sh", "-c", "mkdir -p /bitnami/mariadb/conf && cp /bitnami/mariadb_config/my.cnf /bitnami/mariadb/conf/my_custom.cnf"]
volumeMounts:
- name: config
mountPath: /bitnami/mariadb_config
- name: data
mountPath: /bitnami/mariadb
containers:
- name: mariadb
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
{{- if .Values.usePassword }}
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.fullname" . }}
key: mariadb-root-password
{{- if .Values.mariadbUser }}
- name: MARIADB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.fullname" . }}
key: mariadb-password
{{- end }}
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: MARIADB_USER
value: {{ default "" .Values.mariadbUser | quote }}
- name: MARIADB_DATABASE
value: {{ default "" .Values.mariadbDatabase | quote }}
ports:
- name: mysql
containerPort: 3306
livenessProbe:
exec:
command:
- bash
- -c
- mysqladmin ping{{ if .Values.usePassword }} -uroot -p$MARIADB_ROOT_PASSWORD{{ end }}
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
exec:
command:
- bash
- -c
- mysqladmin ping{{ if .Values.usePassword }} -uroot -p$MARIADB_ROOT_PASSWORD{{ end }}
initialDelaySeconds: 5
timeoutSeconds: 1
resources:
{{ toYaml .Values.resources | indent 10 }}
volumeMounts:
- name: data
mountPath: /bitnami/mariadb
{{- if .Values.metrics.enabled }}
- name: metrics
image: "{{ .Values.metrics.image }}:{{ .Values.metrics.imageTag }}"
imagePullPolicy: {{ .Values.metrics.imagePullPolicy | quote }}
env:
{{- if .Values.usePassword }}
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.fullname" . }}
key: mariadb-root-password
{{- end }}
command: [ 'sh', '-c', 'DATA_SOURCE_NAME="root:$MARIADB_ROOT_PASSWORD@(localhost:3306)/" /bin/mysqld_exporter' ]
ports:
- name: metrics
containerPort: 9104
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{- end }}
volumes:
- name: config
configMap:
name: {{ template "mariadb.fullname" . }}
- name: data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "mariadb.fullname" .) }}
{{- else }}
emptyDir: {}
{{- end -}}
charts/redis/0/templates/pvc.yaml charts/mariadb/templates/pvc.yaml
......@@ -2,10 +2,10 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "redis.fullname" . }}
name: {{ template "mariadb.fullname" . }}
labels:
app: {{ template "redis.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
......
charts/mariadb/templates/secrets.yaml 0 → 100644
{{- if .Values.usePassword -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "mariadb.fullname" . }}
labels:
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{- if .Values.mariadbRootPassword }}
mariadb-root-password: {{ .Values.mariadbRootPassword | b64enc | quote }}
{{- else }}
mariadb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- if .Values.mariadbPassword }}
mariadb-password: {{ .Values.mariadbPassword | b64enc | quote }}
{{- else }}
mariadb-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end -}}
charts/mariadb/templates/svc.yaml 0 → 100644
apiVersion: v1
kind: Service
metadata:
name: {{ template "mariadb.fullname" . }}
labels:
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
{{- if .Values.service.annotations }}
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.annotations | indent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
ports:
- name: mysql
port: 3306
targetPort: mysql
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9104
targetPort: metrics
{{- end }}
selector:
app: {{ template "mariadb.name" . }}
release: "{{ .Release.Name }}"
charts/mariadb/templates/test-runner.yaml 0 → 100644
apiVersion: v1
kind: Pod
metadata:
name: "{{ template "mariadb.fullname" . }}-test-{{ randAlphaNum 5 | lower }}"
annotations:
"helm.sh/hook": test-success
spec:
initContainers:
- name: "test-framework"
image: "dduportal/bats:0.4.0"
command:
- "bash"
- "-c"
- |
set -ex
# copy bats to tools dir
cp -R /usr/local/libexec/ /tools/bats/
volumeMounts:
- mountPath: /tools
name: tools
containers:
- name: mariadb-test
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
command: ["/tools/bats/bats", "-t", "/tests/run.sh"]
{{- if .Values.usePassword }}
env:
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.fullname" . }}
key: mariadb-root-password
{{- end }}
volumeMounts:
- mountPath: /tests
name: tests
readOnly: true
- mountPath: /tools
name: tools
volumes:
- name: tests
configMap:
name: {{ template "mariadb.fullname" . }}-tests
- name: tools
emptyDir: {}
restartPolicy: Never
charts/mariadb/templates/tests.yaml 0 → 100644
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "mariadb.fullname" . }}-tests
data:
run.sh: |-
@test "Testing MariaDB is accessible" {
mysql -h {{ template "mariadb.fullname" . }} -uroot {{- if .Values.usePassword }} -p$MARIADB_ROOT_PASSWORD{{ end }} -e 'show databases;'
}
charts/mariadb/values.yaml 0 → 100644
## Bitnami MariaDB image version
## ref: https://hub.docker.com/r/bitnami/mariadb/tags/
##
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.1.32
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## Use password authentication
usePassword: true
## Specify password for root user
## Defaults to a random 10-character alphanumeric string if not set and usePassword is true
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
##
mariadbRootPassword:
## Create a database user
## Password defaults to a random 10-character alphanumeric string if not set and usePassword is true
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
##
mariadbUser:
mariadbPassword:
## Create a database
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-on-first-run
##
mariadbDatabase:
service:
## Kubernetes service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
# annotations:
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
## mariadb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
storageClass: ""
accessMode: ReadWriteOnce
size: 8Gi
## Configure MariaDB with a custom my.cnf file
## ref: https://mariadb.com/kb/en/mariadb/configuring-mariadb-with-mycnf/#example-of-configuration-file
##
config: |-
# [mysqld]
# innodb_buffer_pool_size=2G
metrics:
enabled: false
image: prom/mysqld-exporter
imageTag: v0.10.0
imagePullPolicy: IfNotPresent
resources: {}
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9104"
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: 256Mi
cpu: 250m
## Discretionary Access Controls
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securitySettings:
enabled: true
runAsUser: 1001
fsGroup: 1001
charts/memcached/0/Chart.yaml deleted 100755 → 0
description: Free & open source, high-performance, distributed memory object caching
system.
engine: gotpl
home: http://memcached.org/
icon: https://upload.wikimedia.org/wikipedia/en/thumb/2/27/Memcached.svg/1024px-Memcached.svg.png
keywords:
- memcached
- cache
maintainers:
- email: gtaylor@gc-taylor.com
name: Greg Taylor
name: memcached
sources:
- https://github.com/docker-library/memcached
version: 2.0.2
charts/memcached/0/questions.yml deleted 100644 → 0
questions:
- variable: replicaCount
default: "3"
description: "Replica count"
type: string
required: true
label: Replicas
- variable: AntiAffinity
default: "soft"
description: "Select AnitAffinity as either hard or soft, default is soft"
type: enum
options:
- "soft"
- "hard"
required: true
label: AnitAffinity
charts/memcached/0/values.yaml deleted 100755 → 0
## Memcached image and tag
## ref: https://hub.docker.com/r/library/memcached/tags/
##
image: memcached:1.4.36-alpine
## Specify a imagePullPolicy
## 'Always' if imageTag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
# imagePullPolicy:
#
## Replica count
replicaCount: 3
## Pod disruption budget minAvailable count
pdbMinAvailable: 3
## Select AnitAffinity as either hard or soft, default is hard
AntiAffinity: "hard"
memcached:
## Various values that get set as command-line flags.
## ref: https://github.com/memcached/memcached/wiki/ConfiguringServer#commandline-arguments
##
maxItemMemory: 64
verbosity: v
extendedOptions: modern
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: 64Mi
cpu: 50m
charts/memcached/1/README.md deleted 100644 → 0
# Memcached
> [Memcached](https://memcached.org/) is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering.
Based on the [memcached](https://github.com/bitnami/charts/tree/master/incubator/memcached) chart from the [Bitnami Charts](https://github.com/bitnami/charts) repository.
## TL;DR;
```bash
$ helm install stable/memcached
```
## Introduction
This chart bootstraps a [Memcached](https://hub.docker.com/_/memcached/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release stable/memcached
```
The command deploys Memcached on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the Memcached chart and their default values.
| Parameter | Description | Default |
|---------------------------|---------------------------------|---------------------------------------------------------|
| `image` | The image to pull and run | A recent official memcached tag |
| `imagePullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `memcached.verbosity` | Verbosity level (v, vv, or vvv) | Un-set. |
| `memcached.maxItemMemory` | Max memory for items (in MB) | `64` |
The above parameters map to `memcached` params. For more information please refer to the [Memcached documentation](https://github.com/memcached/memcached/wiki/ConfiguringServer).
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set memcached.verbosity=v \
stable/memcached
```
The above command sets the Memcached verbosity to `v`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/memcached
```
> **Tip**: You can use the default [values.yaml](values.yaml)
charts/memcached/1/questions.yml deleted 100644 → 0
questions:
- variable: replicaCount
default: "3"
description: "Replica count"
type: string
required: true
label: Replicas
- variable: AntiAffinity
default: "soft"
description: "Select AnitAffinity as either hard or soft, default is soft"
type: enum
options:
- "soft"
- "hard"
required: true
label: AnitAffinity
charts/memcached/1/templates/NOTES.txt deleted 100644 → 0
Memcached can be accessed via port 11211 on the following DNS name from within your cluster:
{{ template "memcached.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
If you'd like to test your instance, forward the port locally:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "memcached.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
kubectl port-forward $POD_NAME 11211
In another tab, attempt to set a key:
$ echo -e 'set mykey 0 60 5\r\nhello\r' | nc localhost 11211
You should see:
STORED
charts/memcached/1/templates/pdb.yaml deleted 100644 → 0
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ template "memcached.fullname" . }}
spec:
selector:
matchLabels:
app: {{ template "memcached.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
minAvailable: {{ .Values.pdbMinAvailable }}
\ No newline at end of file
charts/memcached/1/templates/statefulset.yaml deleted 100644 → 0
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: {{ template "memcached.fullname" . }}
labels:
app: {{ template "memcached.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
serviceName: {{ template "memcached.fullname" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
labels:
app: {{ template "memcached.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
affinity:
podAntiAffinity:
{{- if eq .Values.AntiAffinity "hard" }}
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: "kubernetes.io/hostname"
labelSelector:
matchLabels:
app: {{ template "memcached.fullname" . }}
release: {{ .Release.Name | quote }}
{{- else if eq .Values.AntiAffinity "soft" }}
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 5
podAffinityTerm:
topologyKey: "kubernetes.io/hostname"
labelSelector:
matchLabels:
app: {{ template "memcached.fullname" . }}
release: {{ .Release.Name | quote }}
{{- end }}
containers:
- name: {{ template "memcached.fullname" . }}
image: {{ .Values.image }}
imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
command:
- memcached
- -m {{ .Values.memcached.maxItemMemory }}
{{- if .Values.memcached.extendedOptions }}
- -o
- {{ .Values.memcached.extendedOptions }}
{{- end }}
{{- if .Values.memcached.verbosity }}
- -{{ .Values.memcached.verbosity }}
{{- end }}
ports:
- name: memcache
containerPort: 11211
livenessProbe:
tcpSocket:
port: memcache
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
tcpSocket:
port: memcache
initialDelaySeconds: 5
timeoutSeconds: 1
resources:
{{ toYaml .Values.resources | indent 10 }}
charts/memcached/1/Chart.yaml charts/memcached/Chart.yaml
name: memcached
version: 2.0.3
version: 2.0.4
appVersion: 1.5.6
description: Free & open source, high-performance, distributed memory object caching
system.
keywords:
......
charts/memcached/0/README.md charts/memcached/README.md 100755 → 100644
# Memcached
> [Memcached](https://memcached.org/) is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering.
Based on the [memcached](https://github.com/bitnami/charts/tree/master/incubator/memcached) chart from the [Bitnami Charts](https://github.com/bitnami/charts) repository.
## TL;DR;
```bash
$ helm install stable/memcached
```
## Introduction
This chart bootstraps a [Memcached](https://hub.docker.com/_/memcached/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release stable/memcached
```
The command deploys Memcached on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the Memcached chart and their default values.
......
charts/memcached/app-readme.md 0 → 100644
# Memcached
> [Memcached](https://memcached.org/) is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering.
Based on the [memcached](https://github.com/bitnami/charts/tree/master/incubator/memcached) chart from the [Bitnami Charts](https://github.com/bitnami/charts) repository.
## Introduction
This chart bootstraps a [Memcached](https://hub.docker.com/_/memcached/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
charts/memcached/questions.yml 0 → 100644
categories:
- Cache
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image
default: "memcached:1.5.6-alpine"
description: "memcached Docker image"
type: string
label: Memcached Docker Image
- variable: replicaCount
default: "3"
description: "Memcached pod numbers"
type: string
required: true
label: Memcached Replicas
- variable: AntiAffinity
default: "soft"
description: "Select AnitAffinity as either hard or soft, default is soft"
type: enum
options:
- "soft"
- "hard"
required: true
label: AnitAffinity
- variable: showMemcachedOptions
default: "false"
description: "show memcached configurations(ref: https://github.com/memcached/memcached/wiki/ConfiguringServer#commandline-arguments)"
label: Set Advanced Memcached Configurations
type: enum
options:
- "true"
- "false"
show_subquestion_if: true
subquestions:
- variable: memcached.maxItemMemory
default: "64"
description: "max memory to use for items(in MB), from 1-65535"
type: string
label: max_memory
- variable: memcached.verbosity
default: "v"
description: "Verbosity level (v, vv, or vvv) "
type: enum
label: verbosity level
options:
- "v"
- "vv"
- "vvv"
charts/mongodb-replicaset/.helmignore 0 → 100644
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
install
charts/mongodb-replicaset/Chart.yaml 0 → 100644
name: mongodb-replicaset
home: https://github.com/mongodb/mongo
version: 3.3.0
appVersion: 3.6
description: NoSQL document-oriented database that stores JSON-like documents with
dynamic schemas, simplifying the integration of data in content-driven applications.
icon: https://webassets.mongodb.com/_com_assets/cms/mongodb-logo-rgb-j6w271g1xn.jpg
sources:
- https://github.com/mongodb/mongo
maintainers:
- name: foxish
email: ramanathana@google.com
- name: unguiculus
email: unguiculus@gmail.com
charts/mongodb-replicaset/OWNERS 0 → 100644
approvers:
- foxish
- unguiculus
reviewers:
- foxish
- unguiculus
charts/mongodb-replicaset/README.md 0 → 100644
## Configuration
The following tables lists the configurable parameters of the mongodb chart and their default values.
| Parameter | Description | Default |
| ----------------------------------- | ------------------------------------------------------------------------- | --------------------------------------------------- |
| `replicas` | Number of replicas in the replica set | `3` |
| `replicaSetName` | The name of the replica set | `rs0` |
| `podDisruptionBudget` | Pod disruption budget | `{}` |
| `port` | MongoDB port | `27017` |
| `installImage.repository` | Image name for the install container | `k8s.gcr.io/mongodb-install` |
| `installImage.tag` | Image tag for the install container | `0.5` |
| `installImage.pullPolicy` | Image pull policy for the init container that establishes the replica set | `IfNotPresent` |
| `image.repository` | MongoDB image name | `mongo` |
| `image.tag` | MongoDB image tag | `3.6` |
| `image.pullPolicy` | MongoDB image pull policy | `IfNotPresent` |
| `podAnnotations` | Annotations to be added to MongoDB pods | `{}` |
| `securityContext` | Security context for the pod | `{runAsUser: 999, fsGroup: 999, runAsNonRoot: true}`|
| `resources` | Pod resource requests and limits | `{}` |
| `persistentVolume.enabled` | If `true`, persistent volume claims are created | `true` |
| `persistentVolume.storageClass` | Persistent volume storage class | `` |
| `persistentVolume.accessMode` | Persistent volume access modes | `[ReadWriteOnce]` |
| `persistentVolume.size` | Persistent volume size | `10Gi` |
| `persistentVolume.annotations` | Persistent volume annotations | `{}` |
| `tls.enabled` | Enable MongoDB TLS support including authentication | `false` |
| `tls.cacert` | The CA certificate used for the members | Our self signed CA certificate |
| `tls.cakey` | The CA key used for the members | Our key for the self signed CA certificate |
| `auth.enabled` | If `true`, keyfile access control is enabled | `false` |
| `auth.key` | Key for internal authentication | `` |
| `auth.existingKeySecret` | If set, an existing secret with this name for the key is used | `` |
| `auth.adminUser` | MongoDB admin user | `` |
| `auth.adminPassword` | MongoDB admin password | `` |
| `auth.existingAdminSecret` | If set, and existing secret with this name is used for the admin user | `` |
| `serviceAnnotations` | Annotations to be added to the service | `{}` |
| `configmap` | Content of the MongoDB config file | `` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `affinity` | Node/pod affinities | `{}` |
| `tolerations` | List of node taints to tolerate | `[]` |
| `livenessProbe` | Liveness probe configuration | See below |
| `readinessProbe` | Readiness probe configuration | See below |
| `extraVars` | Set environment variables for the main container | `{}` |
*MongoDB config file*
All options that depended on the chart configuration are supplied as command-line arguments to `mongod`. By default,
the chart creates an empty config file. Entries may be added via the `configmap` configuration value.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install --name my-release -f values.yaml stable/mongodb-replicaset
```
> **Tip**: You can use the default [values.yaml](values.yaml)
Once you have all 3 nodes in running, you can run the "test.sh" script in this directory, which will insert a key into
the primary and check the secondaries for output. This script requires that the `$RELEASE_NAME` environment variable
be set, in order to access the pods.
## Authentication
By default, this chart creates a MongoDB replica set without authentication. Authentication can be
enabled using the parameter `auth.enabled`. Once enabled, keyfile access control is set up and an
admin user with root privileges is created. User credentials and keyfile may be specified directly.
Alternatively, existing secrets may be provided. The secret for the admin user must contain the
keys `user` and `password`, that for the key file must contain `key.txt`. The user is created with
full `root` permissions but is restricted to the `admin` database for security purposes. It can be
used to create additional users with more specific permissions.
## TLS support
To enable full TLS encryption set `tls.enabled` to `true`. It is recommended to create your own CA by executing:
```console
$ openssl genrsa -out ca.key 2048
$ openssl req -x509 -new -nodes -key ca.key -days 10000 -out ca.crt -subj "/CN=mydomain.com"
```
After that paste the base64 encoded (`cat ca.key | base64 -w0`) cert and key into the fields `tls.cacert` and
`tls.cakey`. Adapt the configmap for the replicaset as follows:
```yml
configmap:
storage:
dbPath: /data/db
net:
port: 27017
ssl:
mode: requireSSL
CAFile: /ca/tls.crt
PEMKeyFile: /work-dir/mongo.pem
replication:
replSetName: rs0
security:
authorization: enabled
clusterAuthMode: x509
keyFile: /keydir/key.txt
```
To access the cluster you need one of the certificates generated during cluster setup in `/work-dir/mongo.pem` of the
certain container or you generate your own one via:
```console
$ cat >openssl.cnf <<EOL
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $HOSTNAME1
DNS.1 = $HOSTNAME2
EOL
$ openssl genrsa -out mongo.key 2048
$ openssl req -new -key mongo.key -out mongo.csr -subj "/CN=$HOSTNAME" -config openssl.cnf
$ openssl x509 -req -in mongo.csr \
-CA $MONGOCACRT -CAkey $MONGOCAKEY -CAcreateserial \
-out mongo.crt -days 3650 -extensions v3_req -extfile openssl.cnf
$ rm mongo.csr
$ cat mongo.crt mongo.key > mongo.pem
$ rm mongo.key mongo.crt
```
Please ensure that you exchange the `$HOSTNAME` with your actual hostname and the `$HOSTNAME1`, `$HOSTNAME2`, etc. with
alternative hostnames you want to allow access to the MongoDB replicaset. You should now be able to authenticate to the
mongodb with your `mongo.pem` certificate:
```console
$ mongo --ssl --sslCAFile=ca.crt --sslPEMKeyFile=mongo.pem --eval "db.adminCommand('ping')"
```
## Readiness probe
The default values for the readiness probe are:
```yaml
readinessProbe:
initialDelaySeconds: 5
timeoutSeconds: 1
failureThreshold: 3
periodSeconds: 10
successThreshold: 1
```
## Liveness probe
The default values for the liveness probe are:
```yaml
livenessProbe:
initialDelaySeconds: 30
timeoutSeconds: 5
failureThreshold: 3
periodSeconds: 10
successThreshold: 1
```
## Deep dive
Because the pod names are dependent on the name chosen for it, the following examples use the
environment variable `RELEASENAME`. For example, if the helm release name is `messy-hydra`, one would need to set the
following before proceeding. The example scripts below assume 3 pods only.
```console
export RELEASE_NAME=messy-hydra
```
### Cluster Health
```console
$ for i in 0 1 2; do kubectl exec $RELEASE_NAME-mongodb-replicaset-$i -- sh -c 'mongo --eval="printjson(db.serverStatus())"'; done
```
### Failover
One can check the roles being played by each node by using the following:
```console
$ for i in 0 1 2; do kubectl exec $RELEASE_NAME-mongodb-replicaset-$i -- sh -c 'mongo --eval="printjson(rs.isMaster())"'; done
MongoDB shell version: 3.6.3
connecting to: mongodb://127.0.0.1:27017
MongoDB server version: 3.6.3
{
"hosts" : [
"messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
"messy-hydra-mongodb-1.messy-hydra-mongodb.default.svc.cluster.local:27017",
"messy-hydra-mongodb-2.messy-hydra-mongodb.default.svc.cluster.local:27017"
],
"setName" : "rs0",
"setVersion" : 3,
"ismaster" : true,
"secondary" : false,
"primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
"me" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
"electionId" : ObjectId("7fffffff0000000000000001"),
"maxBsonObjectSize" : 16777216,
"maxMessageSizeBytes" : 48000000,
"maxWriteBatchSize" : 1000,
"localTime" : ISODate("2016-09-13T01:10:12.680Z"),
"maxWireVersion" : 4,
"minWireVersion" : 0,
"ok" : 1
}
```
This lets us see which member is primary.
Let us now test persistence and failover. First, we insert a key (in the below example, we assume pod 0 is the master):
```console
$ kubectl exec $RELEASE_NAME-mongodb-replicaset-0 -- mongo --eval="printjson(db.test.insert({key1: 'value1'}))"
MongoDB shell version: 3.6.3
connecting to: mongodb://127.0.0.1:27017
{ "nInserted" : 1 }
```
Watch existing members:
```console
$ kubectl run --attach bbox --image=mongo:3.6 --restart=Never --env="RELEASE_NAME=$RELEASE_NAME" -- sh -c 'while true; do for i in 0 1 2; do echo $RELEASE_NAME-mongodb-replicaset-$i $(mongo --host=$RELEASE_NAME-mongodb-replicaset-$i.$RELEASE_NAME-mongodb-replicaset --eval="printjson(rs.isMaster())" | grep primary); sleep 1; done; done';
Waiting for pod default/bbox2 to be running, status is Pending, pod ready: false
If you don't see a command prompt, try pressing enter.
messy-hydra-mongodb-2 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
messy-hydra-mongodb-0 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
messy-hydra-mongodb-1 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
messy-hydra-mongodb-2 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
messy-hydra-mongodb-0 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
```
Kill the primary and watch as a new master getting elected.
```console
$ kubectl delete pod $RELEASE_NAME-mongodb-replicaset-0
pod "messy-hydra-mongodb-0" deleted
```
Delete all pods and let the statefulset controller bring it up.
```console
$ kubectl delete po -l "app=mongodb-replicaset,release=$RELEASE_NAME"
$ kubectl get po --watch-only
NAME READY STATUS RESTARTS AGE
messy-hydra-mongodb-0 0/1 Pending 0 0s
messy-hydra-mongodb-0 0/1 Pending 0 0s
messy-hydra-mongodb-0 0/1 Pending 0 7s
messy-hydra-mongodb-0 0/1 Init:0/2 0 7s
messy-hydra-mongodb-0 0/1 Init:1/2 0 27s
messy-hydra-mongodb-0 0/1 Init:1/2 0 28s
messy-hydra-mongodb-0 0/1 PodInitializing 0 31s
messy-hydra-mongodb-0 0/1 Running 0 32s
messy-hydra-mongodb-0 1/1 Running 0 37s
messy-hydra-mongodb-1 0/1 Pending 0 0s
messy-hydra-mongodb-1 0/1 Pending 0 0s
messy-hydra-mongodb-1 0/1 Init:0/2 0 0s
messy-hydra-mongodb-1 0/1 Init:1/2 0 20s
messy-hydra-mongodb-1 0/1 Init:1/2 0 21s
messy-hydra-mongodb-1 0/1 PodInitializing 0 24s
messy-hydra-mongodb-1 0/1 Running 0 25s
messy-hydra-mongodb-1 1/1 Running 0 30s
messy-hydra-mongodb-2 0/1 Pending 0 0s
messy-hydra-mongodb-2 0/1 Pending 0 0s
messy-hydra-mongodb-2 0/1 Init:0/2 0 0s
messy-hydra-mongodb-2 0/1 Init:1/2 0 21s
messy-hydra-mongodb-2 0/1 Init:1/2 0 22s
messy-hydra-mongodb-2 0/1 PodInitializing 0 25s
messy-hydra-mongodb-2 0/1 Running 0 26s
messy-hydra-mongodb-2 1/1 Running 0 30s
...
messy-hydra-mongodb-0 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
messy-hydra-mongodb-1 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
messy-hydra-mongodb-2 "primary" : "messy-hydra-mongodb-0.messy-hydra-mongodb.default.svc.cluster.local:27017",
```
Check the previously inserted key:
```console
$ kubectl exec $RELEASE_NAME-mongodb-replicaset-1 -- mongo --eval="rs.slaveOk(); db.test.find({key1:{\$exists:true}}).forEach(printjson)"
MongoDB shell version: 3.6.3
connecting to: mongodb://127.0.0.1:27017
{ "_id" : ObjectId("57b180b1a7311d08f2bfb617"), "key1" : "value1" }
```
### Scaling
Scaling should be managed by `helm upgrade`, which is the recommended way.
charts/mongodb-replicaset/app-readme.md 0 → 100644
# MongoDB Helm Chart
## Prerequisites Details
* Kubernetes 1.8+ with Beta APIs enabled.
* PV support on the underlying infrastructure.
## Chart Details
This chart implements a dynamically scalable [MongoDB replica set](https://docs.mongodb.com/manual/tutorial/deploy-replica-set/)
using Kubernetes StatefulSets and Init Containers.
charts/mongodb-replicaset/init/on-start.sh 0 → 100644
#!/usr/bin/env bash
# Copyright 2016 The Kubernetes Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
replica_set="$REPLICA_SET"
script_name=${0##*/}
if [[ "$AUTH" == "true" ]]; then
admin_user="$ADMIN_USER"
admin_password="$ADMIN_PASSWORD"
admin_creds=(-u "$admin_user" -p "$admin_password")
auth_args=(--auth --keyFile=/data/configdb/key.txt)
fi
function log() {
local msg="$1"
local timestamp
timestamp=$(date --iso-8601=ns)
echo "[$timestamp] [$script_name] $msg" >> /work-dir/log.txt
}
function shutdown_mongo() {
if [[ $# -eq 1 ]]; then
args="timeoutSecs: $1"
else
args='force: true'
fi
log "Shutting down MongoDB ($args)..."
mongo admin "${admin_creds[@]}" "${ssl_args[@]}" --eval "db.shutdownServer({$args})"
}
my_hostname=$(hostname)
log "Bootstrapping MongoDB replica set member: $my_hostname"
log "Reading standard input..."
while read -ra line; do
if [[ "${line}" == *"${my_hostname}"* ]]; then
service_name="$line"
continue
fi
peers=("${peers[@]}" "$line")
done
# Generate the ca cert
ca_crt=/data/configdb/tls.crt
if [ -f "$ca_crt" ]; then
log "Generating certificate"
ca_key=/data/configdb/tls.key
pem=/work-dir/mongo.pem
ssl_args=(--ssl --sslCAFile "$ca_crt" --sslPEMKeyFile "$pem")
cat >openssl.cnf <<EOL
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $(echo -n "$my_hostname" | sed s/-[0-9]*$//)
DNS.2 = $my_hostname
DNS.3 = $service_name
DNS.4 = localhost
DNS.5 = 127.0.0.1
EOL
# Generate the certs
openssl genrsa -out mongo.key 2048
openssl req -new -key mongo.key -out mongo.csr -subj "/CN=$my_hostname" -config openssl.cnf
openssl x509 -req -in mongo.csr \
-CA "$ca_crt" -CAkey "$ca_key" -CAcreateserial \
-out mongo.crt -days 3650 -extensions v3_req -extfile openssl.cnf
rm mongo.csr
cat mongo.crt mongo.key > $pem
rm mongo.key mongo.crt
fi
log "Peers: ${peers[*]}"
log "Starting a MongoDB instance..."
mongod --config /data/configdb/mongod.conf --dbpath=/data/db --replSet="$replica_set" --port=27017 "${auth_args[@]}" --bind_ip_all >> /work-dir/log.txt 2>&1 &
log "Waiting for MongoDB to be ready..."
until mongo "${ssl_args[@]}" --eval "db.adminCommand('ping')"; do
log "Retrying..."
sleep 2
done
log "Initialized."
# try to find a master and add yourself to its replica set.
for peer in "${peers[@]}"; do
if mongo admin --host "$peer" "${admin_creds[@]}" "${ssl_args[@]}" --eval "rs.isMaster()" | grep '"ismaster" : true'; then
log "Found master: $peer"
log "Adding myself ($service_name) to replica set..."
mongo admin --host "$peer" "${admin_creds[@]}" "${ssl_args[@]}" --eval "rs.add('$service_name')"
sleep 3
log 'Waiting for replica to reach SECONDARY state...'
until printf '.' && [[ $(mongo admin "${admin_creds[@]}" "${ssl_args[@]}" --quiet --eval "rs.status().myState") == '2' ]]; do
sleep 1
done
log '✓ Replica reached SECONDARY state.'
shutdown_mongo "60"
log "Good bye."
exit 0
fi
done
# else initiate a replica set with yourself.
if mongo "${ssl_args[@]}" --eval "rs.status()" | grep "no replset config has been received"; then
log "Initiating a new replica set with myself ($service_name)..."
mongo "${ssl_args[@]}" --eval "rs.initiate({'_id': '$replica_set', 'members': [{'_id': 0, 'host': '$service_name'}]})"
sleep 3
log 'Waiting for replica to reach PRIMARY state...'
until printf '.' && [[ $(mongo "${ssl_args[@]}" --quiet --eval "rs.status().myState") == '1' ]]; do
sleep 1
done
log '✓ Replica reached PRIMARY state.'
if [[ "$AUTH" == "true" ]]; then
log "Creating admin user..."
mongo admin "${ssl_args[@]}" --eval "db.createUser({user: '$admin_user', pwd: '$admin_password', roles: [{role: 'root', db: 'admin'}]})"
fi
log "Done."
fi
shutdown_mongo
log "Good bye."
charts/mongodb-replicaset/install/.dockerignore 0 → 100644
Makefile
\ No newline at end of file
charts/mongodb-replicaset/install/Dockerfile 0 → 100644
# Copyright 2016 The Kubernetes Authors All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FROM alpine:3.7
MAINTAINER Anirudh Ramanathan <foxish@google.com>
RUN apk update && apk add bash openssl && wget -qO /peer-finder http://storage.googleapis.com/kubernetes-release/pets/peer-finder
ENTRYPOINT ["/install.sh"]
COPY install.sh /
RUN chmod -c 755 /install.sh /peer-finder
charts/mongodb-replicaset/install/Makefile 0 → 100644
# Copyright 2016 The Kubernetes Authors All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
all: push
TAG = 0.6
PREFIX = staging-k8s.gcr.io/mongodb-install
container:
docker build -t $(PREFIX):$(TAG) .
push: container
gcloud docker -- push $(PREFIX):$(TAG)
clean:
docker rmi $(PREFIX):$(TAG)
charts/mongodb-replicaset/install/install.sh 0 → 100644
#!/usr/bin/env bash
# Copyright 2016 The Kubernetes Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This volume is assumed to exist and is shared with the peer-finder
# init container. It contains on-start/change configuration scripts.
WORKDIR_VOLUME="/work-dir"
for i in "$@"; do
case "$i" in
-w=*|--work-dir=*)
WORKDIR_VOLUME="${i#*=}"
shift
;;
*)
# unknown option
;;
esac
done
echo Installing config scripts into "${WORKDIR_VOLUME}"
mkdir -p "${WORKDIR_VOLUME}"
cp /peer-finder "${WORKDIR_VOLUME}"/
charts/mongodb-replicaset/questions.yml 0 → 100644
categories:
- Database
- NoSQL
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: installImage.repository
default: "k8s.gcr.io/mongodb-install"
description: "Image name for the install container"
type: string
label: Init-Container Image Name
- variable: installImage.tag
default: "0.6"
description: "Image tag for the install container"
type: string
label: Init-Container Image Tag
- variable: image.repository
default: "mongo"
description: "MongoDB image name"
type: string
label: MongoDB Image Name
- variable: image.tag
default: "3.6"
description: "MongoDB image tag"
type: string
label: Image Tag
- variable: replicas
default: "3"
description: "Number of replicas in the replica set"
type: string
label: Number of Replicas
required: true
- variable: port
default: "27017"
description: "MongoDB port"
type: string
label: MongoDB port
required: true
- variable: replicaSetName
default: "rs0"
description: "The name of the replica set"
type: string
label: ReplicaSet Name
required: true
- variable: auth.enabled
default: "false"
description: "If true, keyfile access control is enabled"
type: enum
options:
- "true"
- "false"
label: Auth Enabled
required: true
show_subquestion_if: true
subquestions:
- variable: auth.key
default: "my secret key"
description: "Key for internal authentication, https://docs.mongodb.com/v3.0/tutorial/enable-internal-authentication/"
type: string
label: Auth Key
required: true
- variable: auth.adminUser
default: "admin"
description: "MongoDB admin user"
type: string
label: MongoDB Admin User
required: true
- variable: auth.adminPassword
default: ""
description: "MongoDB admin password"
type: password
label: MongoDB Admin Password
required: true
- variable: persistentVolume.enabled
default: "false"
description: "Enable persistent volume for MongoDB"
type: enum
options:
- "true"
- "false"
required: true
label: MongoDB Persistent Volume Enabled
show_subquestion_if: true
subquestions:
- variable: persistentVolume.size
default: "10Gi"
description: "MongoDB Persistent Volume Size"
type: string
label: MongoDB Volume Size
- variable: persistentVolume.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for MongoDB
charts/mongodb-replicaset/templates/NOTES.txt 0 → 100644
1. After the statefulset is created completely, one can check which instance is primary by running:
$ for ((i = 0; i < {{ .Values.replicas }}; ++i)); do kubectl exec --namespace {{ .Release.Namespace }} {{ template "mongodb-replicaset.fullname" . }}-$i -- sh -c 'mongo --eval="printjson(rs.isMaster())"'; done
2. One can insert a key into the primary instance of the mongodb replica set by running the following:
MASTER_POD_NAME must be replaced with the name of the master found from the previous step.
$ kubectl exec --namespace {{ .Release.Namespace }} MASTER_POD_NAME -- mongo --eval="printjson(db.test.insert({key1: 'value1'}))"
3. One can fetch the keys stored in the primary or any of the slave nodes in the following manner.
POD_NAME must be replaced by the name of the pod being queried.
$ kubectl exec --namespace {{ .Release.Namespace }} POD_NAME -- mongo --eval="rs.slaveOk(); db.test.find().forEach(printjson)"
charts/mongodb-replicaset/templates/_helpers.tpl 0 → 100644
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mongodb-replicaset.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mongodb-replicaset.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "mongodb-replicaset.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name for the admin secret.
*/}}
{{- define "mongodb-replicaset.adminSecret" -}}
{{- if .Values.auth.existingAdminSecret -}}
{{- .Values.auth.existingAdminSecret -}}
{{- else -}}
{{- template "mongodb-replicaset.fullname" . -}}-admin
{{- end -}}
{{- end -}}
{{/*
Create the name for the key secret.
*/}}
{{- define "mongodb-replicaset.keySecret" -}}
{{- if .Values.auth.existingKeySecret -}}
{{- .Values.auth.existingKeySecret -}}
{{- else -}}
{{- template "mongodb-replicaset.fullname" . -}}-keyfile
{{- end -}}
{{- end -}}
charts/mongodb-replicaset/templates/mongodb-admin-secret.yaml 0 → 100644
{{- if and (.Values.auth.enabled) (not .Values.auth.existingAdminSecret) -}}
apiVersion: v1
kind: Secret
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.adminSecret" . }}
type: Opaque
data:
user: {{ .Values.auth.adminUser | b64enc }}
password: {{ .Values.auth.adminPassword | b64enc }}
{{- end -}}
charts/mongodb-replicaset/templates/mongodb-ca-secret.yaml 0 → 100644
{{- if .Values.tls.enabled -}}
apiVersion: v1
kind: Secret
type: kubernetes.io/tls
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}-ca
data:
tls.key: {{ .Values.tls.cakey }}
tls.crt: {{ .Values.tls.cacert }}
{{- end -}}
charts/mongodb-replicaset/templates/mongodb-init-configmap.yaml 0 → 100644
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}-init
data:
on-start.sh: |
{{ .Files.Get "init/on-start.sh" | indent 4 }}
charts/mongodb-replicaset/templates/mongodb-keyfile-secret.yaml 0 → 100644
{{- if and (.Values.auth.enabled) (not .Values.auth.existingKeySecret) -}}
apiVersion: v1
kind: Secret
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.keySecret" . }}
type: Opaque
data:
key.txt: {{ .Values.auth.key | b64enc }}
{{- end -}}
charts/mongodb-replicaset/templates/mongodb-mongodb-configmap.yaml 0 → 100644
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}-mongodb
data:
mongod.conf: |
{{ toYaml .Values.configmap | indent 4 }}
charts/mongodb-replicaset/templates/mongodb-poddisruptionbudget.yaml 0 → 100644
{{- if .Values.podDisruptionBudget -}}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}
spec:
selector:
matchLabels:
app: {{ template "mongodb-replicaset.name" . }}
release: {{ .Release.Name }}
{{ toYaml .Values.podDisruptionBudget | indent 2 }}
{{- end -}}
charts/mongodb-replicaset/templates/mongodb-service.yaml 0 → 100644
# A headless service to create DNS records
apiVersion: v1
kind: Service
metadata:
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
{{- if .Values.serviceAnnotations }}
{{ toYaml .Values.serviceAnnotations | indent 4 }}
{{- end }}
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}
spec:
type: ClusterIP
clusterIP: None
ports:
- name: peer
port: {{ .Values.port }}
selector:
app: {{ template "mongodb-replicaset.name" . }}
release: {{ .Release.Name }}
charts/mongodb-replicaset/templates/mongodb-statefulset.yaml 0 → 100644
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ template "mongodb-replicaset.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}
spec:
selector:
matchLabels:
app: {{ template "mongodb-replicaset.name" . }}
release: {{ .Release.Name }}
serviceName: {{ template "mongodb-replicaset.fullname" . }}
replicas: {{ .Values.replicas }}
template:
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
release: {{ .Release.Name }}
annotations:
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
securityContext:
{{ toYaml .Values.securityContext | indent 8 }}
initContainers:
- name: copy-config
image: busybox
command:
- "sh"
args:
- "-c"
- |
set -e
set -x
cp /configdb-readonly/mongod.conf /data/configdb/mongod.conf
{{- if .Values.tls.enabled }}
cp /ca-readonly/tls.key /data/configdb/tls.key
cp /ca-readonly/tls.crt /data/configdb/tls.crt
{{- end }}
{{- if .Values.auth.enabled }}
cp /keydir-readonly/key.txt /data/configdb/key.txt
chmod 600 /data/configdb/key.txt
{{- end }}
volumeMounts:
- name: workdir
mountPath: /work-dir
- name: config
mountPath: /configdb-readonly
- name: configdir
mountPath: /data/configdb
{{- if .Values.tls.enabled }}
- name: ca
mountPath: /ca-readonly
{{- end }}
{{- if .Values.auth.enabled }}
- name: keydir
mountPath: /keydir-readonly
{{- end }}
- name: install
image: "{{ .Values.installImage.repository }}:{{ .Values.installImage.tag }}"
args:
- --work-dir=/work-dir
imagePullPolicy: "{{ .Values.installImage.pullPolicy }}"
volumeMounts:
- name: workdir
mountPath: /work-dir
- name: bootstrap
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command:
- /work-dir/peer-finder
args:
- -on-start=/init/on-start.sh
- "-service={{ template "mongodb-replicaset.fullname" . }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: REPLICA_SET
value: {{ .Values.replicaSetName }}
{{- if .Values.auth.enabled }}
- name: AUTH
value: "true"
- name: ADMIN_USER
valueFrom:
secretKeyRef:
name: "{{ template "mongodb-replicaset.adminSecret" . }}"
key: user
- name: ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: "{{ template "mongodb-replicaset.adminSecret" . }}"
key: password
{{- end }}
volumeMounts:
- name: workdir
mountPath: /work-dir
- name: init
mountPath: /init
- name: configdir
mountPath: /data/configdb
- name: datadir
mountPath: /data/db
containers:
- name: {{ template "mongodb-replicaset.name" . }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
{{- if .Values.extraVars }}
env:
{{ toYaml .Values.extraVars | indent 12 }}
{{- end }}
ports:
- name: peer
containerPort: 27017
resources:
{{ toYaml .Values.resources | indent 12 }}
command:
- mongod
args:
- --config=/data/configdb/mongod.conf
- --dbpath=/data/db
- --replSet={{ .Values.replicaSetName }}
- --port=27017
- --bind_ip_all
{{- if .Values.auth.enabled }}
- --auth
- --keyFile=/data/configdb/key.txt
{{- end }}
{{- if .Values.tls.enabled }}
- --ssl
- --sslCAFile=/data/configdb/tls.crt
- --sslPEMKeyFile=/work-dir/mongo.pem
{{- end }}
livenessProbe:
exec:
command:
- mongo
{{- if .Values.tls.enabled }}
- --ssl
- --sslCAFile=/data/configdb/tls.crt
- --sslPEMKeyFile=/work-dir/mongo.pem
{{- end }}
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
readinessProbe:
exec:
command:
- mongo
{{- if .Values.tls.enabled }}
- --ssl
- --sslCAFile=/data/configdb/tls.crt
- --sslPEMKeyFile=/work-dir/mongo.pem
{{- end }}
- --eval
- "db.adminCommand('ping')"
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
volumeMounts:
- name: datadir
mountPath: /data/db
- name: configdir
mountPath: /data/configdb
- name: workdir
mountPath: /work-dir
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
volumes:
- name: config
configMap:
name: {{ template "mongodb-replicaset.fullname" . }}-mongodb
- name: init
configMap:
defaultMode: 0755
name: {{ template "mongodb-replicaset.fullname" . }}-init
{{- if .Values.tls.enabled }}
- name: ca
secret:
defaultMode: 0400
secretName: {{ template "mongodb-replicaset.fullname" . }}-ca
{{- end }}
{{- if .Values.auth.enabled }}
- name: keydir
secret:
defaultMode: 0400
secretName: {{ template "mongodb-replicaset.keySecret" . }}
{{- end }}
- name: workdir
emptyDir: {}
- name: configdir
emptyDir: {}
{{- if .Values.persistentVolume.enabled }}
volumeClaimTemplates:
- metadata:
name: datadir
annotations:
{{- range $key, $value := .Values.persistentVolume.annotations }}
{{ $key }}: {{ $value }}
{{- end }}
spec:
accessModes:
{{- range .Values.persistentVolume.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistentVolume.size | quote }}
{{- if .Values.persistentVolume.storageClass }}
{{- if (eq "-" .Values.persistentVolume.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistentVolume.storageClass }}"
{{- end }}
{{- end }}
{{- else }}
- name: datadir
emptyDir: {}
{{- end }}
charts/mongodb-replicaset/templates/tests/mongodb-up-test-configmap.yaml 0 → 100644
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}-tests
data:
mongodb-up-test.sh: |
{{ .Files.Get "tests/mongodb-up-test.sh" | indent 4 }}
charts/mongodb-replicaset/templates/tests/mongodb-up-test-pod.yaml 0 → 100644
apiVersion: v1
kind: Pod
metadata:
labels:
app: {{ template "mongodb-replicaset.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb-replicaset.fullname" . }}-test
annotations:
"helm.sh/hook": test-success
spec:
initContainers:
- name: test-framework
image: dduportal/bats:0.4.0
command:
- bash
- -c
- |
set -ex
# copy bats to tools dir
cp -R /usr/local/libexec/ /tools/bats/
volumeMounts:
- name: tools
mountPath: /tools
containers:
- name: mongo
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command:
- /tools/bats/bats
- -t
- /tests/mongodb-up-test.sh
env:
- name: FULL_NAME
value: {{ template "mongodb-replicaset.fullname" . }}
- name: REPLICAS
value: "{{ .Values.replicas }}"
volumeMounts:
- name: tools
mountPath: /tools
- name: tests
mountPath: /tests
volumes:
- name: tools
emptyDir: {}
- name: tests
configMap:
name: {{ template "mongodb-replicaset.fullname" . }}-tests
restartPolicy: Never
charts/mongodb-replicaset/test.sh 0 → 100755
#! /bin/bash
# Copyright 2016 The Kubernetes Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
NS="${RELEASE_NAMESPACE:-default}"
POD_NAME="${RELEASE_NAME:-mongo}-mongodb-replicaset"
MONGOCACRT=/ca/tls.crt
MONGOPEM=/work-dir/mongo.pem
if [ -f $MONGOPEM ]; then
MONGOARGS="--ssl --sslCAFile $MONGOCACRT --sslPEMKeyFile $MONGOPEM"
fi
for i in $(seq 0 2); do
pod="${POD_NAME}-$i"
kubectl exec --namespace $NS $pod -- sh -c 'mongo '"$MONGOARGS"' --eval="printjson(rs.isMaster())"' | grep '"ismaster" : true'
if [ $? -eq 0 ]; then
echo "Found master: $pod"
MASTER=$pod
break
fi
done
kubectl exec --namespace $NS $MASTER -- mongo "$MONGOARGS" --eval='printjson(db.test.insert({"status": "success"}))'
# TODO: find maximum duration to wait for slaves to be up-to-date with master.
sleep 2
for i in $(seq 0 2); do
pod="${POD_NAME}-$i"
if [[ $pod != $MASTER ]]; then
echo "Reading from slave: $pod"
kubectl exec --namespace $NS $pod -- mongo "$MONGOARGS" --eval='rs.slaveOk(); db.test.find().forEach(printjson)'
fi
done
charts/mongodb-replicaset/tests/mongodb-up-test.sh 0 → 100644
#!/usr/bin/env bash
MONGOCACRT=/ca/tls.crt
MONGOPEM=/work-dir/mongo.pem
if [ -f "$MONGOPEM" ]; then
MONGOARGS="--ssl --sslCAFile $MONGOCACRT --sslPEMKeyFile $MONGOPEM"
fi
pod_name() {
local full_name="${FULL_NAME?Environment variable FULL_NAME not set}"
local index="$1"
echo "$full_name-$index.$full_name"
}
replicas() {
echo "${REPLICAS?Environment variable REPLICAS not set}"
}
master_pod() {
for ((i = 0; i < $(replicas); ++i)); do
response=$(mongo "$MONGOARGS" "--host=$(pod_name "$i")" "--eval=rs.isMaster().ismaster")
if [[ "$response" =~ "true" ]]; then
pod_name "$i"
break
fi
done
}
setup() {
local ready=0
until [[ "$ready" -eq $(replicas) ]]; do
echo "Waiting for application to become ready" >&2
sleep 1
for ((i = 0; i < $(replicas); ++i)); do
response=$(mongo "$MONGOARGS" "--host=$(pod_name "$i")" "--eval=rs.status()" || true)
if [[ "$response" =~ .*ok.* ]]; then
ready=$((ready + 1))
fi
done
done
}
@test "Testing mongodb client is accessible" {
mongo -h
[ "$?" -eq 0 ]
}
@test "Connect mongodb client to mongodb pods" {
for ((i = 0; i < $(replicas); ++i)); do
response=$(mongo "$MONGOARGS" "--host=$(pod_name "$i")" "--eval=rs.status()")
if [[ ! "$response" =~ .*ok.* ]]; then
exit 1
fi
done
}
@test "Write key to master" {
response=$(mongo "$MONGOARGS" --host=$(master_pod) "--eval=db.test.insert({\"abc\": \"def\"}).nInserted")
if [[ ! "$response" =~ "1" ]]; then
exit 1
fi
}
@test "Read key from slaves" {
# wait for slaves to catch up
sleep 10
for ((i = 0; i < $(replicas); ++i)); do
response=$(mongo "$MONGOARGS" --host=$(pod_name "$i") "--eval=rs.slaveOk(); db.test.find({\"abc\":\"def\"})")
if [[ ! "$response" =~ .*def.* ]]; then
exit 1
fi
done
}
charts/mongodb-replicaset/values.yaml 0 → 100644
replicas: 3
port: 27017
replicaSetName: rs0
podDisruptionBudget: {}
# maxUnavailable: 1
# minAvailable: 2
auth:
enabled: false
# adminUser: username
# adminPassword: password
# key: keycontent
# existingKeySecret:
# existingAdminSecret:
# Specs for the Docker image for the init container that establishes the replica set
installImage:
repository: k8s.gcr.io/mongodb-install
tag: 0.6
pullPolicy: IfNotPresent
# Specs for the MongoDB image
image:
repository: mongo
tag: 3.6
pullPolicy: IfNotPresent
# Additional environment variables to be set in the container
extraVars: {}
# - name: TCMALLOC_AGGRESSIVE_DECOMMIT
# value: "true"
# Annotations to be added to MongoDB pods
podAnnotations: {}
securityContext:
runAsUser: 999
fsGroup: 999
runAsNonRoot: true
resources: {}
# limits:
# cpu: 500m
# memory: 512Mi
# requests:
# cpu: 100m
# memory: 256Mi
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
affinity: {}
tolerations: []
persistentVolume:
enabled: true
## mongodb-replicaset data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 10Gi
annotations: {}
# Annotations to be added to the service
serviceAnnotations: {}
tls:
# Enable or disable MongoDB TLS support
enabled: false
# Please generate your own TLS CA by generating it via:
# $ openssl genrsa -out ca.key 2048
# $ openssl req -x509 -new -nodes -key ca.key -days 10000 -out ca.crt -subj "/CN=mydomain.com"
# After that you can base64 encode it and paste it here:
# $ cat ca.key | base64 -w0
# cacert:
# cakey:
# Entries for the MongoDB config file
configmap:
# Readiness probe
readinessProbe:
initialDelaySeconds: 5
timeoutSeconds: 1
failureThreshold: 3
periodSeconds: 10
successThreshold: 1
# Liveness probe
livenessProbe:
initialDelaySeconds: 30
timeoutSeconds: 5
failureThreshold: 3
periodSeconds: 10
successThreshold: 1
charts/mongodb/Chart.yaml 0 → 100644
name: mongodb
version: 2.0.1
appVersion: 3.7.3
description: NoSQL document-oriented database that stores JSON-like documents with dynamic schemas, simplifying the integration of data in content-driven applications.
keywords:
- mongodb
- database
- nosql
home: https://mongodb.org
icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png
sources:
- https://github.com/bitnami/bitnami-docker-mongodb
maintainers:
- name: Bitnami
email: containers@bitnami.com
engine: gotpl
charts/wordpress/0/OWNERS charts/mongodb/OWNERS
......@@ -2,7 +2,9 @@ approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
charts/mongodb/README.md 0 → 100644
## Prerequisites
- Kubernetes 1.4+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure
## Configuration
The following table lists the configurable parameters of the MongoDB chart and their default values.
| Parameter | Description | Default |
|---------------------------- |------------------------------------- |----------------------------------------------------------|
| `image.registry` | MongoDB image registry | `docker.io` |
| `image.repository` | MongoDB Image name | `bitnami/mongodb` |
| `image.tag` | MongoDB Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `mongodbRootPassword` | MongoDB admin password | `random alhpanumeric string (10)` |
| `mongodbUsername` | MongoDB custom user | `nil` |
| `mongodbPassword` | MongoDB custom user password | `random alhpanumeric string (10)` |
| `mongodbDatabase` | Database to create | `nil` |
| `mongodbExtraFlags` | MongoDB additional command line flags | [] |
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.nodePort` | Port to bind to for NodePort service type | `nil` |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) |
| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` |
| `persistence.size` | Size of data volume | `8Gi` |
| `nodeSelector` | Node labels for pod assignment | {} |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 30 |
| `livenessProbe.periodSeconds` | How often to perform the probe | 10 |
| `livenessProbe.timeoutSeconds` | When the probe times out | 5 |
| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 |
| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 6 |
| `readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated | 5 |
| `readinessProbe.periodSeconds` | How often to perform the probe | 10 |
| `readinessProbe.timeoutSeconds` | When the probe times out | 5 |
| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 |
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 6 |
The above parameters map to the env variables defined in [bitnami/mongodb](http://github.com/bitnami/bitnami-docker-mongodb). For more information please refer to the [bitnami/mongodb](http://github.com/bitnami/bitnami-docker-mongodb) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set mongodbRootPassword=secretpassword,mongodbUsername=my-user,mongodbPassword=my-password,mongodbDatabase=my-database \
stable/mongodb
```
The above command sets the MongoDB `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/mongodb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Persistence
The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image stores the MongoDB data and configurations at the `/bitnami/mongodb` path of the container.
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning.
charts/mongodb/app-readme.md 0 → 100644
# MongoDB
[MongoDB](https://www.mongodb.com/) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas, making the integration of data in certain types of applications easier and faster.
## Introduction
This chart bootstraps a [MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
charts/mongodb/questions.yml 0 → 100644
categories:
- Database
- NoSQL
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.registry
default: "docker.io"
description: "MongoDB image registry "
type: string
label: MongoDB Image Registry
- variable: image.repository
default: "bitnami/mongodb"
description: "MongoDB image name"
type: string
label: MongoDB Image Name
- variable: image.tag
default: "3.7.3"
description: "MongoDB image tag"
type: string
label: Image Tag
- variable: mongodbRootPassword
default: ""
description: "Password for the root user, defaults to a random 10-character alphanumeric string if not set"
type: password
label: MongoDB Root Password
- variable: mongodbUsername
default: ""
description: "Username of new user to create."
type: string
label: MongoDB User
required: true
- variable: mongodbPassword
default: ""
description: "Password for mongodb user, defaults to a random 10-character alphanumeric string if not set"
type: password
label: MongoDB Password
- variable: mongodbDatabase
default: ""
description: "Database name to create"
type: string
label: MongoDB Database
required: true
- variable: service.type
default: "ClusterIP"
description: "MongoDB K8s Service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
- "LoadBalancer"
required: true
label: MongoDB Service Type
- variable: service.nodePort
default: "32100"
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: string
show_if: "service.type=NodePort"
label: Service NodePort number
- variable: persistence.enabled
default: "false"
description: "Enable persistent volume for MongoDB"
type: enum
options:
- "true"
- "false"
required: true
label: MongoDB Persistent Volume Enabled
show_subquestion_if: true
subquestions:
- variable: persistence.size
default: "8Gi"
description: "MongoDB Persistent Volume Size"
type: string
label: MongoDB Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for MongoDB
charts/mongodb/templates/NOTES.txt 0 → 100644
{{- if contains .Values.service.type "LoadBalancer" }}
{{- if not .Values.mongodbRootPassword }}
-------------------------------------------------------------------------------
WARNING
By specifying "service.type=LoadBalancer" and not specifying "mongodbRootPassword"
you have most likely exposed the MongoDB service externally without any
authentication mechanism.
For security reasons, we strongly suggest that you switch to "ClusterIP" or
"NodePort". As alternative, you can also specify a valid password on the
"mongodbRootPassword" parameter.
-------------------------------------------------------------------------------
{{- end }}
{{- end }}
** Please be patient while the chart is being deployed **
MongoDB can be accessed via port 27017 on the following DNS name from within your cluster:
{{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
To connect to your database run the following command:
kubectl run {{ template "mongodb.fullname" . }}-client --rm --tty -i --image bitnami/mongodb --command -- mongo --host {{ template "mongodb.fullname" . }} {{- if .Values.mongodbRootPassword }} -p {{ .Values.mongodbRootPassword }}{{- end }}
To connect to your database from outside the cluster execute the following commands:
{{- if contains "NodePort" .Values.service.type }}
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mongodb.fullname" . }})
mongo --host $NODE_IP --port $NODE_PORT {{- if .Values.mongodbRootPassword }} -p {{ .Values.mongodbRootPassword }}{{- end }}
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "mongodb.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
mongo --host $SERVICE_IP --port {{ .Values.service.nodePort }} {{- if .Values.mongodbRootPassword }} -p {{ .Values.mongodbRootPassword }}{{- end }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "mongodb.name" . }}" -o jsonpath="{.items[0].metadata.name}")
kubectl port-forward --namespace {{ .Release.Namespace }} $POD_NAME 27017:27017 &
mongo --host 127.0.0.1 {{- if .Values.mongodbRootPassword }} -p {{ .Values.mongodbRootPassword }}{{- end }}
{{- end }}
charts/memcached/1/templates/_helpers.tpl charts/mongodb/templates/_helpers.tpl
......@@ -2,7 +2,7 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "memcached.name" -}}
{{- define "mongodb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
......@@ -10,7 +10,7 @@ Expand the name of the chart.
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "memcached.fullname" -}}
{{- define "mongodb.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
charts/mongodb/templates/deployment.yaml 0 → 100644
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "mongodb.name" . }}
spec:
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end }}
containers:
- name: {{ template "mongodb.fullname" . }}
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mongodb.fullname" . }}
key: mongodb-root-password
- name: MONGODB_USERNAME
value: {{ default "" .Values.mongodbUsername | quote }}
{{ if and .Values.mongodbUsername .Values.mongodbDatabase }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mongodb.fullname" . }}
key: mongodb-password
{{ end }}
- name: MONGODB_DATABASE
value: {{ default "" .Values.mongodbDatabase | quote }}
- name: MONGODB_EXTRA_FLAGS
value: {{ default "" .Values.mongodbExtraFlags | join " " }}
ports:
- name: mongodb
containerPort: 27017
livenessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
{{ toYaml .Values.livenessProbe | indent 10 }}
readinessProbe:
exec:
command:
- mongo
- --eval
- "db.adminCommand('ping')"
{{ toYaml .Values.readinessProbe | indent 10 }}
volumeMounts:
- name: data
mountPath: /bitnami/mongodb
resources:
{{ toYaml .Values.resources | indent 10 }}
volumes:
- name: data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
{{- else }}
emptyDir: {}
{{- end -}}
charts/mongodb/templates/pvc.yaml 0 → 100644
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "mongodb.fullname" . }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
charts/mongodb/templates/secrets.yaml 0 → 100644
apiVersion: v1
kind: Secret
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{ if .Values.mongodbRootPassword }}
mongodb-root-password: {{ .Values.mongodbRootPassword | b64enc | quote }}
{{ else }}
mongodb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ end }}
{{ if and .Values.mongodbUsername .Values.mongodbDatabase }}
{{ if .Values.mongodbPassword }}
mongodb-password: {{ .Values.mongodbPassword | b64enc | quote }}
{{ else }}
mongodb-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ end }}
{{ end }}
charts/memcached/1/templates/svc.yaml charts/mongodb/templates/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: {{ template "memcached.fullname" . }}
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "memcached.fullname" . }}
app: {{ template "mongodb.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
clusterIP: None
type: {{ .Values.service.type }}
ports:
- name: memcache
port: 11211
targetPort: memcache
- name: mongodb
port: 27017
targetPort: mongodb
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
selector:
app: {{ template "memcached.fullname" . }}
app: {{ template "mongodb.name" . }}
charts/mongodb/values.yaml 0 → 100644
## Bitnami MongoDB image version
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
image:
registry: docker.io
repository: bitnami/mongodb
tag: 3.7.3
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## MongoDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run
##
# mongodbRootPassword:
## MongoDB custom user and database
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run
##
# mongodbUsername:
# mongodbPassword:
# mongodbDatabase:
## MongoDB additional command line flags
##
## Can be used to specify command line flags, for example:
##
## mongodbExtraFlags:
## - "--wiredTigerCacheSizeGB=2"
mongodbExtraFlags: []
service:
## Kubernetes service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
## mongodb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: 256Mi
cpu: 100m
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
charts/mysql/0/Chart.yaml charts/mysql/Chart.yaml
name: mysql
version: 0.3.6
version: 0.3.7
appVersion: 5.7.14
description: Fast, reliable, scalable, and easy to use open-source relational database
system.
keywords:
......
charts/mysql/0/README.md charts/mysql/README.md
# MySQL
[MySQL](https://MySQL.org) is one of the most popular database servers in the world. Notable users include Wikipedia, Facebook and Google.
## Introduction
This chart bootstraps a single node MySQL deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Prerequisites
- Kubernetes 1.6+ with Beta APIs enabled
......@@ -13,14 +5,6 @@ This chart bootstraps a single node MySQL deployment on a [Kubernetes](http://ku
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release stable/mysql
```
The command deploys MySQL on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
By default a random password will be generated for the root user. If you'd like to set your own password change the mysqlRootPassword
in the values.yaml.
......@@ -30,16 +14,6 @@ You can retrieve your root password by running the following command. Make sure
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the MySQL chart and their default values.
......@@ -64,6 +38,7 @@ The following table lists the configurable parameters of the MySQL chart and the
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 |
| `persistence.enabled` | Create a volume to store data | true |
| `persistence.size` | Size of persistent volume claim | 8Gi RW |
| `nodeSelector` | Node labels for pod assignment | {} |
| `persistence.storageClass` | Type of persistent volume claim | nil (uses alpha storage class annotation) |
| `persistence.accessMode` | ReadWriteOnce or ReadOnly | ReadWriteOnce |
| `persistence.existingClaim` | Name of existing persistent volume | `nil` |
......
charts/mysql/app-readme.md 0 → 100644
# MySQL
[MySQL](https://MySQL.org) is one of the most popular database servers in the world. Notable users include Wikipedia, Facebook and Google.
## Introduction
This chart bootstraps a single node MySQL deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
charts/mysql/0/questions.yml charts/mysql/questions.yml
categories:
- Database
- MySQL
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.repository
default: "mysql"
description: "Docker image name"
type: string
label: Image Name
- variable: image.tag
default: "5.7.14"
description: "Docker image tag"
type: string
label: Image Tag
- variable: mysqlDatabase
default: ""
description: "Name for new database to create"
type: string
required: true
label: MySQL Database
- variable: mysqlUser
default: "admin"
default: ""
description: "Username of new user to create."
type: string
required: true
label: MySQL Username
- variable: mysqlPassword
default: "changeme"
description: "MySQL Password for the new user."
type: string
required: true
default: ""
description: "MySQL Password for the new user, defaults to a random 10-character alphanumeric string if not set"
type: password
label: MySQL Password
- variable: mysqlDatabase
default: "database"
description: "Name for new database to create"
type: string
required: true
label: MySQL Database
- variable: mysqlRootPassword
default: ""
description: "Password for the root user, defaults to a random 10-character alphanumeric string if not set"
type: string
type: password
label: MySQL Root Password
- variable: persistence.enabled
default: "false"
......@@ -31,13 +53,36 @@ questions:
- "false"
required: true
label: Persistent Volume Enabled
- variable: persistence.size
default: "8Gi"
description: "Volume Size"
show_subquestion_if: true
subquestions:
- variable: persistence.size
default: "8Gi"
description: "Volume Size"
type: string
label: Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default storageClass
- variable: service.port
default: "3306"
description: "Service port for access to MySQL"
type: string
label: Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
label: MySQL NodePort number
required: true
- variable: service.type
default: "NodePort"
description: "MySQL K8s Service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
required: true
label: MySQL Service Type
- variable: service.nodePort
default: "32000"
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: string
label: Default storageClass
show_if: "service.type=NodePort"
label: Service NodePort number
charts/mysql/0/templates/NOTES.txt charts/mysql/templates/NOTES.txt
......@@ -34,3 +34,4 @@ To connect to your database directly from outside the K8s cluster:
{{- end }}
mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}
charts/mysql/0/templates/deployment.yaml charts/mysql/templates/deployment.yaml
......@@ -24,6 +24,10 @@ spec:
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
containers:
- name: {{ template "mysql.fullname" . }}
image: "{{ .Values.image }}:{{ .Values.imageTag }}"
......
charts/mysql/0/values.yaml charts/mysql/values.yaml
......@@ -28,6 +28,10 @@ imageTag: "5.7.14"
##
imagePullPolicy: IfNotPresent
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
......
charts/redis-ha/0/README.md charts/redis-ha/README.md
# Redis
[Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs.
## TL;DR;
```bash
$ helm install stable/redis-ha
```
By default this chart install one master pod containing redis master container and sentinel container, 2 sentinels and 1 redis slave.
## Introduction
This chart bootstraps a [Redis](https://github.com/bitnami/bitnami-docker-redis) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Prerequisites
- Kubernetes 1.5+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart
```bash
$ helm install stable/redis-ha
```
The command deploys Redis on the Kubernetes cluster in the default configuration. By default this chart install one master pod containing redis master container and sentinel container, 2 sentinels and 1 redis slave. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the deployment:
```bash
$ helm delete <chart-name>
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Appliance mode
This chart can be used to launch Redis in a black box appliance mode that you can think of like a managed service. To run as an appliance, change the service type for the master and slave LBs to enable local access from within the K8S cluster.
......
charts/redis-ha/app-readme.md 0 → 100644
# Redis
[Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs.
## Introduction
This chart bootstraps a [Redis](https://github.com/bitnami/bitnami-docker-redis) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
By default this chart install one master pod containing redis master container and sentinel container, 2 sentinels and 1 redis slave.
charts/redis-ha/0/questions.yml charts/redis-ha/questions.yml
categories:
- KeyValue
- Database
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image
default: "quay.io/smile/redis:4.0.8r0"
description: "Redis Docker image"
type: string
label: Redis Docker Image
- variable: replicas.servers
default: "3"
description: "Number of redis master/slave pods"
......@@ -13,16 +31,25 @@ questions:
required: true
- variable: auth
default: "false"
description: "Configures redis with AUTH (requirepass & masterauth conf params)"
description: "Configures redis with Auth"
type: enum
options:
- "true"
- "false"
required: true
label: Redis AUTH Enabled
- variable: redisPassword
default: ""
description: "Redis password, Defaults to a random 10-character alphanumeric string if not set and auth is true"
type: string
label: Redis Password
label: Redis Auth Enabled
show_subquestion_if: true
subquestions:
- variable: redisPassword
default: ""
description: "Redis password, defaults to a random 10-character alphanumeric string if not set and auth is true"
type: password
label: Redis Password
- variable: servers.serviceType
default: "ClusterIP"
description: "Service type for Redis servers"
type: enum
options:
- "ClusterIP"
- "LoadBalancer"
label: Service type for Redis servers
charts/redis/0/README.md deleted 100644 → 0
# Redis
[Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs.
## TL;DR;
```bash
$ helm install stable/redis
```
## Introduction
This chart bootstraps a [Redis](https://github.com/bitnami/bitnami-docker-redis) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Prerequisites
- Kubernetes 1.4+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install --name my-release stable/redis
```
The command deploys Redis on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the Redis chart and their default values.
| Parameter | Description | Default |
|-------------------------------|-------------------------------------------------- |------------------------------|
| `image` | Redis image | `bitnami/redis:{VERSION}` |
| `imagePullPolicy` | Image pull policy | `IfNotPresent` |
| `serviceType` | Kubernetes Service type | `ClusterIP` |
| `usePassword` | Use password | `true` |
| `redisPassword` | Redis password | Randomly generated |
| `redisDisableCommands` | Comma-separated list of Redis commands to disable | `FLUSHDB,FLUSHALL` |
| `args` | Redis command-line args | [] |
| `redisExtraFlags` | Redis additional command line flags | [] |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.path` | Path to mount the volume at, to use other images | `/bitnami` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `persistence.existingClaim` | Use an existing PVC to persist data | `nil` |
| `persistence.storageClass` | Storage class of backing PVC | `generic` |
| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` |
| `persistence.size` | Size of data volume | `8Gi` |
| `resources` | CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image` | Exporter image | `oliver006/redis_exporter` |
| `metrics.imageTag` | Exporter image | `v0.11` |
| `metrics.imagePullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` |
| `nodeSelector` | Node labels for pod assignment | {} |
| `tolerations` | Toleration labels for pod assignment | [] |
| `networkPolicy.enabled` | Enable NetworkPolicy | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
| `service.annotations` | annotations for redis service | {} |
| `service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `` |
| `securityContext.enabled` | Enable security context | `true` |
The above parameters map to the env variables defined in [bitnami/redis](http://github.com/bitnami/bitnami-docker-redis). For more information please refer to the [bitnami/redis](http://github.com/bitnami/bitnami-docker-redis) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set redisPassword=secretpassword \
stable/redis
```
The above command sets the Redis server password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/redis
```
> **Tip**: You can use the default [values.yaml](values.yaml)
> **Note for minikube users**: Current versions of minikube (v0.24.1 at the time of writing) provision `hostPath` persistent volumes that are only writable by root. Using chart defaults cause pod failure for the Redis pod as it attempts to write to the `/bitnami` directory. Consider installing Redis with `--set persistence.enabled=false`. See minikube issue [1990](https://github.com/kubernetes/minikube/issues/1990) for more information.
## NetworkPolicy
To enable network policy for Redis, install
[a networking plugin that implements the Kubernetes NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin),
and set `networkPolicy.enabled` to `true`.
For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting
the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace:
kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
With NetworkPolicy enabled, only pods with the generated client label will be
able to connect to Redis. This label will be displayed in the output
after a successful install.
## Persistence
The [Bitnami Redis](https://github.com/bitnami/bitnami-docker-redis) image stores the Redis data and configurations at the `/bitnami` path of the container.
By default, the chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning. If a Persistent Volume Claim already exists, specify it during installation.
### Existing PersistentVolumeClaim
1. Create the PersistentVolume
1. Create the PersistentVolumeClaim
1. Install the chart
```bash
$ helm install --set persistence.existingClaim=PVC_NAME redis
```
## Metrics
The chart optionally can start a metrics exporter for [prometheus](https://prometheus.io). The metrics endpoint (port 9121) is exposed in the service. Metrics can be scraped from within the cluster using something similar as the described in the [example Prometheus scrape configuration](https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml). If metrics are to be scraped from outside the cluster, the Kubernetes API proxy can be utilized to access the endpoint.
charts/redis/0/templates/NOTES.txt deleted 100644 → 0
Redis can be accessed via port 6379 on the following DNS name from within your cluster:
{{ template "redis.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{- if .Values.usePassword }}
To get your password run:
REDIS_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "redis.fullname" . }} -o jsonpath="{.data.redis-password}" | base64 --decode)
{{- end }}
To connect to your Redis server:
1. Run a Redis pod that you can use as a client:
kubectl run --namespace {{ .Release.Namespace }} {{ template "redis.fullname" . }}-client --rm --tty -i \
{{ if .Values.usePassword }} --env REDIS_PASSWORD=$REDIS_PASSWORD \{{ end }}
{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ template "redis.fullname" . }}-client=true" \{{- end }}
--image {{ .Values.image }} -- bash
2. Connect using the Redis CLI:
redis-cli -h {{ template "redis.fullname" . }}{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
Note: Since NetworkPolicy is enabled, only pods with label
{{ template "redis.fullname" . }}-client=true"
will be able to connect to redis.
{{- end }}
charts/redis/0/templates/deployment.yaml deleted 100644 → 0
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "redis.fullname" . }}
labels:
app: {{ template "redis.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
app: {{ template "redis.fullname" . }}
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels | indent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
containers:
- name: {{ template "redis.fullname" . }}
image: "{{ .Values.image }}"
imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
{{- if .Values.args }}
args:
{{ toYaml .Values.args | indent 10 }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.fullname" . }}
key: redis-password
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: REDIS_DISABLE_COMMANDS
value: {{ .Values.redisDisableCommands }}
{{- if .Values.redisExtraFlags }}
- name: REDIS_EXTRA_FLAGS
value: {{ .Values.redisExtraFlags | join " " }}
{{- end }}
ports:
- name: redis
containerPort: 6379
livenessProbe:
exec:
command:
- redis-cli
- ping
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
exec:
command:
- redis-cli
- ping
initialDelaySeconds: 5
timeoutSeconds: 1
resources:
{{ toYaml .Values.resources | indent 10 }}
volumeMounts:
- name: redis-data
mountPath: {{ .Values.persistence.path }}
subPath: {{ .Values.persistence.subPath }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: "{{ .Values.metrics.image }}:{{ .Values.metrics.imageTag }}"
imagePullPolicy: {{ .Values.metrics.imagePullPolicy | quote }}
env:
- name: REDIS_ALIAS
value: {{ template "redis.fullname" . }}
{{- if .Values.usePassword }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.fullname" . }}
key: redis-password
{{- end }}
ports:
- name: metrics
containerPort: 9121
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{- end }}
volumes:
- name: redis-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "redis.fullname" .) }}
{{- else }}
emptyDir: {}
{{- end -}}
charts/redis/0/values.yaml deleted 100644 → 0
## Bitnami Redis image version
## ref: https://hub.docker.com/r/bitnami/redis/tags/
##
image: bitnami/redis:4.0.9-r0
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
imagePullPolicy: IfNotPresent
## Kubernetes service type
serviceType: ClusterIP
## Pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Use password authentication
usePassword: true
## Redis password
## Defaults to a random 10-character alphanumeric string if not set and usePassword is true
## ref: https://github.com/bitnami/bitnami-docker-redis#setting-the-server-password-on-first-run
##
# redisPassword:
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
##
## args:
## - "redis-server"
## - "--maxmemory-policy volatile-ttl"
args:
## Redis additional command line flags
##
## Can be used to specify command line flags, for example:
##
## redisExtraFlags:
## - "--maxmemory-policy volatile-ttl"
## - "--repl-backlog-size 1024mb"
redisExtraFlags:
## Comma-separated list of Redis commands to disable
##
## Can be used to disable Redis commands for security reasons.
## ref: https://github.com/bitnami/bitnami-docker-redis#disabling-redis-commands
##
redisDisableCommands: "FLUSHDB,FLUSHALL"
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /bitnami
## The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services.
subPath: ""
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
metrics:
enabled: false
image: oliver006/redis_exporter
imageTag: v0.11
imagePullPolicy: IfNotPresent
resources: {}
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9121"
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources:
requests:
memory: 256Mi
cpu: 100m
## Node labels and tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
nodeSelector: {}
tolerations: []
## Additional pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
podLabels: {}
## annotations for redis pods
podAnnotations: {}
networkPolicy:
## Enable creation of NetworkPolicy resources.
##
enabled: false
## The Policy model to apply. When set to false, only pods with the correct
## client label will have network access to the port Redis is listening
## on. When true, Redis will accept connections from any source
## (with the correct destination port).
##
allowExternal: true
service:
annotations: {}
loadBalancerIP:
charts/redis/0/Chart.yaml charts/redis/Chart.yaml
name: redis
version: 1.1.21
version: 3.0.2
appVersion: 4.0.9
description: Open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets.
keywords:
......
charts/redis/OWNERS 0 → 100644
approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
charts/redis/README.md 0 → 100644
## Configuration
The following table lists the configurable parameters of the Redis chart and their default values.
| Parameter | Description | Default |
|--------------------------------------------|----------------------------------------------------------------------------------------------------------------|--------------------------------------|
| `image.registry` | Redis Image registry | `docker.io` |
| `image.repository` | Redis Image name | `bitnami/redis` |
| `image.tag` | Redis Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` |
| `image.pullSecrets` | Specify docker-ragistry secret names as an array | `nil` |
| `cluster.enabled` | Use master-slave topology | `true` |
| `cluster.slaveCount` | Number of slaves | 1 |
| `existingSecret` | Name of existing secret object (for password authentication) | `nil` |
| `usePassword` | Use password | `true` |
| `password` | Redis password (ignored if existingSecret set) | Randomly generated |
| `networkPolicy.enabled` | Enable NetworkPolicy | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Redis Image registry | `docker.io` |
| `metrics.image.repository` | Redis Image name | `bitnami/redis` |
| `metrics.image.tag` | Redis Image tag | `{VERSION}` |
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
| `metrics.podLabels` | Additional labels for Metrics exporter pod | {} |
| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | {} |
| `metrics.targetServiceAnnotations` | Annotations for the services to monitor (redis master and redis slave service) | {} |
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` |
| `master.persistence.enabled` | Use a PVC to persist data (master node) | `true` |
| `master.persistence.path` | Path to mount the volume at, to use other images | `/bitnami` |
| `master.persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `master.persistence.storageClass` | Storage class of backing PVC | `generic` |
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `master.persistence.size` | Size of data volume | `8Gi` |
| `master.podLabels` | Additional labels for Redis master pod | {} |
| `master.podAnnotations` | Additional annotations for Redis master pod | {} |
| `master.port` | Redis master port | 6379 |
| `master.args` | Redis master command-line args | [] |
| `master.disableCommands` | Comma-separated list of Redis commands to disable (master) | `FLUSHDB,FLUSHALL` |
| `master.extraFlags` | Redis master additional command line flags | [] |
| `master.nodeSelector` | Redis master Node labels for pod assignment | {"beta.kubernetes.io/arch": "amd64"} |
| `master.tolerations` | Toleration labels for Redis master pod assignment | [] |
| `master.service.type` | Kubernetes Service type (redis master) | `LoadBalancer` |
| `master.service.annotations` | annotations for redis master service | {} |
| `master.service.loadBalancerIP` | loadBalancerIP if redis master service type is `LoadBalancer` | `nil` |
| `master.securityContext.enabled` | Enable security context (redis master pod) | `true` |
| `master.securityContext.fsGroup` | Group ID for the container (redis master pod) | `1001` |
| `master.securityContext.runAsUser` | User ID for the container (redis master pod) | `1001` |
| `master.resources` | Redis master CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` |
| `master.livenessProbe.enabled` | Turn on and off liveness probe (redis master pod) | `true` |
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis master pod) | `30` |
| `master.livenessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `30` |
| `master.livenessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `5` |
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
| `master.readinessProbe.enabled` | Turn on and off readiness probe (redis master pod) | `true` |
| `master.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (redis master pod) | `5` |
| `master.readinessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `10` |
| `master.readinessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `1` |
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
| `slave.serviceType` | Kubernetes Service type (redis slave) | `LoadBalancer` |
| `slave.service.annotations` | annotations for redis slave service | {} |
| `slave.service.loadBalancerIP` | LoadBalancerIP if Redis slave service type is `LoadBalancer` | `nil` |
| `slave.port` | Redis slave port | `master.port` |
| `slave.args` | Redis slave command-line args | `master.args` |
| `slave.disableCommands` | Comma-separated list of Redis commands to disable (slave) | `master.disableCommands` |
| `slave.extraFlags` | Redis slave additional command line flags | `master.extraFlags` |
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (redis slave pod) | `master.livenessProbe.enabled` |
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis slave pod) | `master.livenessProbe.initialDelaySeconds` |
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.livenessProbe.periodSeconds` |
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.livenessProbe.timeoutSeconds` |
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.livenessProbe.successThreshold` |
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `master.livenessProbe.failureThreshold` |
| `slave.readinessProbe.enabled` | Turn on and off slave.readiness probe (redis slave pod) | `master.readinessProbe.enabled` |
| `slave.readinessProbe.initialDelaySeconds` | Delay before slave.readiness probe is initiated (redis slave pod) | `master.readinessProbe.initialDelaySeconds` |
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.readinessProbe.periodSeconds` |
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.readinessProbe.timeoutSeconds` |
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.readinessProbe.successThreshold` |
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. (redis slave pod) | `master.readinessProbe.failureThreshold` |
| `slave.podLabels` | Additional labels for Redis slave pod | `master.podLabels` |
| `slave.podAnnotations` | Additional annotations for Redis slave pod | `master.podAnnotations` |
| `slave.securityContext.enabled` | Enable security context (redis slave pod) | `master.securityContext.enabled` |
| `slave.securityContext.fsGroup` | Group ID for the container (redis slave pod) | `master.securityContext.fsGroup` |
| `slave.securityContext.runAsUser` | User ID for the container (redis slave pod) | `master.securityContext.runAsUser` |
| `slave.resources` | Redis slave CPU/Memory resource requests/limits | `master.resources` |
The above parameters map to the env variables defined in [bitnami/redis](http://github.com/bitnami/bitnami-docker-redis). For more information please refer to the [bitnami/redis](http://github.com/bitnami/bitnami-docker-redis) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set redisPassword=secretpassword \
stable/redis
```
The above command sets the Redis server password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/redis
```
> **Tip**: You can use the default [values.yaml](values.yaml)
> **Note for minikube users**: Current versions of minikube (v0.24.1 at the time of writing) provision `hostPath` persistent volumes that are only writable by root. Using chart defaults cause pod failure for the Redis pod as it attempts to write to the `/bitnami` directory. Consider installing Redis with `--set persistence.enabled=false`. See minikube issue [1990](https://github.com/kubernetes/minikube/issues/1990) for more information.
## NetworkPolicy
To enable network policy for Redis, install
[a networking plugin that implements the Kubernetes NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin),
and set `networkPolicy.enabled` to `true`.
For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting
the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace:
kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
With NetworkPolicy enabled, only pods with the generated client label will be
able to connect to Redis. This label will be displayed in the output
after a successful install.
## Persistence
The [Bitnami Redis](https://github.com/bitnami/bitnami-docker-redis) image stores the Redis data and configurations at the `/bitnami` path of the container.
By default, the chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning. If a Persistent Volume Claim already exists, specify it during installation.
By default, the chart persists both data and configuration. If you wish to persist only the data directory set `persistence.path` to `/bitnami/redis/data` and `persistence.subPath` to `redis/data`.
### Existing PersistentVolumeClaim
1. Create the PersistentVolume
1. Create the PersistentVolumeClaim
1. Install the chart
```bash
$ helm install --set persistence.existingClaim=PVC_NAME redis
```
## Metrics
The chart optionally can start a metrics exporter for [prometheus](https://prometheus.io). The metrics endpoint (port 9121) is exposed in the service. Metrics can be scraped from within the cluster using something similar as the described in the [example Prometheus scrape configuration](https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml). If metrics are to be scraped from outside the cluster, the Kubernetes API proxy can be utilized to access the endpoint.
charts/redis/app-readme.md 0 → 100644
# Redis
[Redis](http://redis.io/) is an advanced key-value cache and store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets, sorted sets, bitmaps and hyperloglogs.
## Introduction
This chart bootstraps a [Redis](https://github.com/bitnami/bitnami-docker-redis) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
charts/redis/0/questions.yml charts/redis/questions.yml
categories:
- KeyValue
- Database
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.registry
default: "docker.io"
description: "Docker image registry "
type: string
label: Redis image registry
- variable: image.repository
default: "bitnami/redis"
description: "Docker image name"
type: string
label: Redis image name
- variable: image.tag
default: "4.0.9"
description: "Docker image tag"
type: string
label: Redis image tag
- variable: cluster.enabled
default: "true"
description: "Use master-slave topology"
label: Use master-slave topology
type: enum
options:
- "true"
- "false"
show_subquestion_if: true
subquestions:
- variable: cluster.slaveCount
default: "3"
description: "Number of slaves"
type: string
label: Number of slaves
- variable: usePassword
default: "true"
description: "Use password authentication"
......@@ -8,12 +51,14 @@ questions:
- "false"
required: true
label: Enable Redis Password
- variable: redisPassword
default: ""
description: "Defaults to a random 10-character alphanumeric string if not set and usePassword is true"
type: string
label: Redis Password
- variable: persistence.enabled
show_subquestion_if: true
subquestions:
- variable: redisPassword
default: ""
description: "Redis password, defaults to a random 10-character alphanumeric string if not set"
type: password
label: Redis Password
- variable: master.persistence.enabled
default: "false"
description: "Enable persistence volume for Redis"
type: enum
......@@ -22,13 +67,20 @@ questions:
- "false"
required: true
label: Persistent Volume Enabled
- variable: persistence.size
default: "8Gi"
description: "Persistent volume size"
type: string
label: Persistent Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class
show_subquestion_if: true
subquestions:
- variable: master.persistence.size
default: "8Gi"
description: "Persistent volume size"
type: string
label: Persistent Volume Size
- variable: master.persistence.path
default: "/redis/data"
description: "Persistent volume size"
type: string
label: Persistent Volume Size
- variable: master.persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class
charts/redis/templates/NOTES.txt 0 → 100644
** Please be patient while the chart is being deployed **
{{- if contains .Values.master.service.type "LoadBalancer" }}
{{- if not .Values.usePassword }}
{{ if and (not .Values.networkPolicy.enabled) (.Values.networkPolicy.allowExternal) }}
-------------------------------------------------------------------------------
WARNING
By specifying "master.service.type=LoadBalancer" and "usePassword=false" you have
most likely exposed the Redis service externally without any authentication
mechanism.
For security reasons, we strongly suggest that you switch to "ClusterIP" or
"NodePort". As alternative, you can also switch to "usePassword=true"
providing a valid password on "password" parameter.
-------------------------------------------------------------------------------
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.cluster.enabled }}
Redis can be accessed via port {{ .Values.master.port }} on the following DNS names from within your cluster:
{{ template "redis.fullname" . }}-master.{{ .Release.Namespace }}.svc.cluster.local for read/write operations
{{ template "redis.fullname" . }}-slave.{{ .Release.Namespace }}.svc.cluster.local for read-only operations
{{- else }}
Redis can be accessed via port {{ .Values.master.port }} on the following DNS name from within your cluster:
{{ template "redis.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{- end }}
{{ if .Values.usePassword }}
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "redis.fullname" . }} -o jsonpath="{.data.redis-password}" | base64 --decode)
{{- end }}
To connect to your Redis server:
1. Run a Redis pod that you can use as a client:
kubectl run --namespace {{ .Release.Namespace }} {{ template "redis.fullname" . }}-client --rm --tty -i \
{{ if .Values.usePassword }} --env REDIS_PASSWORD=$REDIS_PASSWORD \{{ end }}
{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ template "redis.name" . }}-client=true" \{{- end }}
--image {{ template "redis.image" . }} -- bash
2. Connect using the Redis CLI:
{{- if .Values.cluster.enabled }}
redis-cli -h {{ template "redis.fullname" . }}-master{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
redis-cli -h {{ template "redis.fullname" . }}-slave{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- else }}
redis-cli -h {{ template "redis.fullname" . }}{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- end }}
{{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
Note: Since NetworkPolicy is enabled, only pods with label
{{ template "redis.fullname" . }}-client=true"
will be able to connect to redis.
{{- else -}}
To connect to your database from outside the cluster execute the following commands:
{{- if contains "NodePort" .Values.master.service.type }}
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "redis.fullname" . }}-master)
redis-cli -h $NODE_IP -p $NODE_PORT {{- if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- else if contains "LoadBalancer" .Values.master.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "redis.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "redis.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
redis-cli -h $SERVICE_IP -p {{ .Values.master.service.nodePort }} {{- if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- else if contains "ClusterIP" .Values.master.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "redis.name" . }}" -o jsonpath="{.items[0].metadata.name}")
kubectl port-forward --namespace {{ .Release.Namespace }} $POD_NAME {{ .Values.master.port }}:{{ .Values.master.port }}
redis-cli -h 127.0.0.1 -p {{ .Values.master.port }} {{- if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- end }}
{{- end }}
charts/redis/templates/_helpers.tpl 0 → 100644
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "redis.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Expand the chart plus release name (used by the chart label)
*/}}
{{- define "redis.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "redis.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for networkpolicy.
*/}}
{{- define "networkPolicy.apiVersion" -}}
{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "extensions/v1beta1" -}}
{{- else -}}
{{- print "networking.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name
*/}}
{{- define "redis.image" -}}
{{- $registryName := default .Values.image.registry "docker.io" -}}
{{- $tag := .Values.image.tag | default "latest" -}}
{{- printf "%s/%s:%s" $registryName .Values.image.repository $tag -}}
{{- end -}}
{{/*
Return the proper image name (for the metrics image)
*/}}
{{- define "metrics.image" -}}
{{- $registryName := default .Values.metrics.image.registry "docker.io" -}}
{{- $tag := .Values.metrics.image.tag | default "latest" -}}
{{- printf "%s/%s:%s" $registryName .Values.metrics.image.repository $tag -}}
{{- end -}}
{{/*
Return slave readiness probe
*/}}
{{- define "redis.slave.readinessProbe" -}}
{{- $readinessProbe := .Values.slave.readinessProbe | default .Values.master.readinessProbe -}}
{{- if $readinessProbe }}
{{- if $readinessProbe.enabled }}
readinessProbe:
initialDelaySeconds: {{ $readinessProbe.initialDelaySeconds | default .Values.master.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ $readinessProbe.periodSeconds | default .Values.master.readinessProbe.periodSeconds }}
timeoutSeconds: {{ $readinessProbe.timeoutSeconds | default .Values.master.readinessProbe.timeoutSeconds }}
successThreshold: {{ $readinessProbe.successThreshold | default .Values.master.readinessProbe.successThreshold }}
failureThreshold: {{ $readinessProbe.failureThreshold | default .Values.master.readinessProbe.failureThreshold }}
exec:
command:
- redis-cli
- ping
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return slave liveness probe
*/}}
{{- define "redis.slave.livenessProbe" -}}
{{- $livenessProbe := .Values.slave.livenessProbe | default .Values.master.livenessProbe -}}
{{- if $livenessProbe }}
{{- if $livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ $livenessProbe.initialDelaySeconds | default .Values.master.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ $livenessProbe.periodSeconds | default .Values.master.livenessProbe.periodSeconds }}
timeoutSeconds: {{ $livenessProbe.timeoutSeconds | default .Values.master.livenessProbe.timeoutSeconds }}
successThreshold: {{ $livenessProbe.successThreshold | default .Values.master.livenessProbe.successThreshold }}
failureThreshold: {{ $livenessProbe.failureThreshold | default .Values.master.livenessProbe.failureThreshold}}
exec:
command:
- redis-cli
- ping
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return slave security context
*/}}
{{- define "redis.slave.securityContext" -}}
{{- $securityContext := .Values.slave.securityContext | default .Values.master.securityContext -}}
{{- if $securityContext }}
{{- if $securityContext.enabled }}
securityContext:
fsGroup: {{ $securityContext.fsGroup | default .Values.master.securityContext.fsGroup }}
runAsUser: {{ $securityContext.runAsUser | default .Values.master.securityContext.runAsUser }}
{{- end }}
{{- end }}
{{- end -}}
charts/redis/templates/metrics-deployment.yaml 0 → 100644
{{- if .Values.metrics.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "redis.fullname" . }}-metrics
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
template:
metadata:
labels:
release: "{{ .Release.Name }}"
role: metrics
app: {{ template "redis.name" . }}
{{- if .Values.metrics.podLabels }}
{{ toYaml .Values.metrics.podLabels | indent 8 }}
{{- end }}
{{- if .Values.metrics.podAnnotations }}
annotations:
{{ toYaml .Values.metrics.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- if .Values.metrics.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end}}
{{- if .Values.metrics.nodeSelector }}
nodeSelector:
{{ toYaml .Values.metrics.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.metrics.tolerations }}
tolerations:
{{ toYaml .Values.metrics.tolerations | indent 8 }}
{{- end }}
containers:
- name: metrics
image: {{ template "metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
- name: REDIS_ADDR
{{- if .Values.cluster.enabled }}
value: {{ printf "%s-master:%d,%s-slave:%d" ( include "redis.fullname" . ) ( int .Values.master.port ) ( include "redis.fullname" . ) ( .Values.slave.port | default .Values.master.port | int ) | quote }}
{{- else }}
value: {{ printf "%s-master:%d" (include "redis.fullname" . ) (int .Values.master.port) | quote }}
{{- end }}
- name: REDIS_ALIAS
value: {{ template "redis.fullname" . }}
{{- if .Values.usePassword }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.fullname" . }}
key: redis-password
{{- end }}
ports:
- name: metrics
containerPort: 9121
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{- end }}
charts/redis/0/templates/networkpolicy.yaml charts/redis/templates/networkpolicy.yaml
......@@ -4,14 +4,14 @@ apiVersion: {{ template "networkPolicy.apiVersion" . }}
metadata:
name: "{{ template "redis.fullname" . }}"
labels:
app: {{ template "redis.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
podSelector:
matchLabels:
app: {{ template "redis.fullname" . }}
app: {{ template "redis.name" . }}
ingress:
# Allow inbound connections
- ports:
......
charts/redis/templates/redis-master-statefulset.yaml 0 → 100644
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: {{ template "redis.fullname" . }}-master
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
selector:
matchLabels:
release: "{{ .Release.Name }}"
role: master
app: {{ template "redis.name" . }}
serviceName: "redis-master"
template:
metadata:
labels:
release: "{{ .Release.Name }}"
role: master
app: {{ template "redis.name" . }}
{{- if .Values.master.podLabels }}
{{ toYaml .Values.master.podLabels | indent 8 }}
{{- end }}
{{- if .Values.master.podAnnotations }}
annotations:
{{ toYaml .Values.master.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end}}
{{- if .Values.master.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.master.securityContext.fsGroup }}
runAsUser: {{ .Values.master.securityContext.runAsUser }}
{{- end }}
{{- if .Values.master.nodeSelector }}
nodeSelector:
{{ toYaml .Values.master.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.master.tolerations }}
tolerations:
{{ toYaml .Values.master.tolerations | indent 8 }}
{{- end }}
containers:
- name: {{ template "redis.fullname" . }}
image: "{{ template "redis.image" . }}"
imagePullPolicy: {{ default "" .Values.image.pullPolicy | quote }}
{{- if .Values.master.args }}
args:
{{ toYaml .Values.master.args | indent 10 }}
{{- end }}
env:
- name: REDIS_REPLICATION_MODE
value: master
{{- if .Values.usePassword }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "redis.fullname" . }}
{{- end }}
key: redis-password
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
- name: REDIS_PORT
value: {{ .Values.master.port | quote }}
{{- end }}
- name: REDIS_DISABLE_COMMANDS
value: {{ .Values.master.disableCommands }}
{{- if .Values.master.extraFlags }}
- name: REDIS_EXTRA_FLAGS
value: {{ .Values.master.extraFlags | join " " }}
{{- end }}
ports:
- name: redis
containerPort: {{ .Values.master.port }}
{{- if .Values.master.livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ .Values.master.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.master.livenessProbe.failureThreshold }}
exec:
command:
- redis-cli
- ping
{{- end }}
{{- if .Values.master.readinessProbe.enabled}}
readinessProbe:
initialDelaySeconds: {{ .Values.master.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.master.readinessProbe.failureThreshold }}
exec:
command:
- redis-cli
- ping
{{- end }}
resources:
{{ toYaml .Values.master.resources | indent 10 }}
volumeMounts:
- name: redis-data
mountPath: {{ .Values.master.persistence.path }}
subPath: {{ .Values.master.persistence.subPath }}
{{- if not .Values.master.persistence.enabled }}
volumes:
- name: "redis-data"
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
name: redis-data
labels:
app: "{{ template "redis.name" . }}"
chart: {{ template "redis.chart" . }}
component: "master"
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
spec:
accessModes:
{{- range .Values.master.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.master.persistence.size | quote }}
{{- if .Values.master.persistence.storageClass }}
{{- if (eq "-" .Values.master.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: {{ .Values.master.persistence.storageClass | quote }}
{{- end }}
{{- end }}
{{- end }}
charts/redis/0/templates/svc.yaml charts/redis/templates/redis-master-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: {{ template "redis.fullname" . }}
name: {{ template "redis.fullname" . }}-master
labels:
app: {{ template "redis.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
{{- if .Values.service.annotations }}
{{ toYaml .Values.service.annotations | indent 4 }}
{{- if .Values.master.service.annotations }}
{{ toYaml .Values.master.service.annotations | indent 4 }}
{{- end }}
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.annotations | indent 4 }}
{{ toYaml .Values.metrics.targetServiceAnnotations | indent 4 }}
{{- end }}
spec:
type: {{ .Values.serviceType }}
{{ if eq .Values.serviceType "LoadBalancer" -}} {{ if .Values.service.loadBalancerIP -}}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
type: {{ .Values.master.service.type }}
{{ if eq .Values.master.service.type "LoadBalancer" -}} {{ if .Values.master.service.loadBalancerIP -}}
loadBalancerIP: {{ .Values.master.service.loadBalancerIP }}
{{ end -}}
{{- end -}}
ports:
......@@ -30,4 +30,8 @@ spec:
targetPort: metrics
{{- end }}
selector:
app: {{ template "redis.fullname" . }}
app: {{ template "redis.name" . }}
release: "{{ .Release.Name }}"
{{- if .Values.cluster.enabled }}
role: master
{{- end }}
charts/redis/templates/redis-slave-deployment.yaml 0 → 100644
{{- if .Values.cluster.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "redis.fullname" . }}-slave
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
{{- if .Values.cluster.slaveCount }}
replicas: {{ .Values.cluster.slaveCount }}
{{- end }}
template:
metadata:
labels:
release: "{{ .Release.Name }}"
role: slave
app: {{ template "redis.name" . }}
{{- if (.Values.slave.podLabels | default .Values.master.podLabels) }}
{{ toYaml (.Values.slave.podLabels | default .Values.master.podLabels) | indent 8 }}
{{- end }}
{{- if (.Values.slave.podAnnotations | default .Values.master.podAnnotations) }}
annotations:
{{ toYaml (.Values.slave.podAnnotations | default .Values.master.podAnnotations) | indent 8 }}
{{- end }}
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end}}
{{- /* Include master securityContext if slave securityContext not defined */ -}}
{{ include "redis.slave.securityContext" . | indent 6 }}
{{- if (.Values.slave.nodeSelector | default .Values.master.nodeSelector) }}
nodeSelector:
{{ toYaml (.Values.slave.nodeSelector | default .Values.master.nodeSelector) | indent 8 }}
{{- end }}
{{- if (.Values.slave.tolerations | default .Values.master.tolerations) }}
tolerations:
{{ toYaml (.Values.slave.tolerations | default .Values.master.tolerations) | indent 8 }}
{{- end }}
containers:
- name: {{ template "redis.fullname" . }}
image: {{ template "redis.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | default "" | quote }}
{{- if (.Values.slave.args | default .Values.master.args) }}
args:
{{ toYaml (.Values.slave.args | default .Values.master.args) | indent 10 }}
{{- end }}
env:
- name: REDIS_REPLICATION_MODE
value: slave
- name: REDIS_MASTER_HOST
value: {{ template "redis.fullname" . }}-master
- name: REDIS_PORT
value: {{ .Values.slave.port | default .Values.master.port | quote }}
- name: REDIS_MASTER_PORT_NUMBER
value: {{ .Values.master.port | quote }}
{{- if .Values.usePassword }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "redis.fullname" . }}
{{- end }}
key: redis-password
- name: REDIS_MASTER_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.existingSecret }}
name: {{ .Values.existingSecret }}
{{- else }}
name: {{ template "redis.fullname" . }}
{{- end }}
key: redis-password
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: REDIS_DISABLE_COMMANDS
value: {{ .Values.slave.disableCommands | default .Values.master.disableCommands }}
{{- if (.Values.slave.extraFlags | default .Values.master.extraFlags) }}
- name: REDIS_EXTRA_FLAGS
value: {{ .Values.slave.extraFlags | default .Values.master.extraFlags | join " " }}
{{- end }}
ports:
- name: redis
containerPort: {{ .Values.slave.port | default .Values.master.port }}
{{- /* Include master livenessProbe if slave livenessProbe not defined */ -}}
{{ include "redis.slave.livenessProbe" . | indent 8 }}
{{- /* Include master readinessProbe if slave readinessProbe not defined */ -}}
{{ include "redis.slave.readinessProbe" . | indent 8 }}
resources:
{{ toYaml (.Values.slave.resources | default .Values.master.resources) | indent 10 }}
{{- end }}
charts/redis/templates/redis-slave-svc.yaml 0 → 100644
{{- if .Values.cluster.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "redis.fullname" . }}-slave
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
{{- if .Values.master.service.annotations }}
{{ toYaml .Values.master.service.annotations | indent 4 }}
{{- end }}
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.targetServiceAnnotations | indent 4 }}
{{- end }}
spec:
type: {{ .Values.slave.service.type }}
{{ if eq .Values.slave.service.type "LoadBalancer" -}} {{ if .Values.slave.service.loadBalancerIP -}}
loadBalancerIP: {{ .Values.slave.service.loadBalancerIP }}
{{ end -}}
{{- end -}}
ports:
- name: redis
port: 6379
targetPort: redis
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9121
targetPort: metrics
{{- end }}
selector:
app: {{ template "redis.name" . }}
release: "{{ .Release.Name }}"
role: slave
{{- end}}
charts/redis/0/templates/secrets.yaml charts/redis/templates/secrets.yaml
{{- if .Values.usePassword -}}
{{- if and .Values.usePassword (not .Values.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "redis.fullname" . }}
labels:
app: {{ template "redis.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{- if .Values.redisPassword }}
redis-password: {{ .Values.redisPassword | b64enc | quote }}
{{- if .Values.password }}
redis-password: {{ .Values.password | b64enc | quote }}
{{- else }}
redis-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
......
charts/redis/values-production.yaml 0 → 100644
## Bitnami Redis image version
## ref: https://hub.docker.com/r/bitnami/redis/tags/
##
image:
registry: docker.io
repository: bitnami/redis
tag: 4.0.9
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## Cluster settings
cluster:
enabled: true
slaveCount: 3
metrics:
enabled: true
# resources: {}
# podAnnotations: {}
# targetServiceAnnotations:
# prometheus.io/scrape: "true"
# prometheus.io/port: "9121"
image:
registry: docker.io
repository: oliver006/redis_exporter
tag: v0.11
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## Metrics exporter labels and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Metrics exporter pod Annotation and Labels
# podLabels: {}
networkPolicy:
## Enable creation of NetworkPolicy resources.
##
enabled: true
## The Policy model to apply. When set to false, only pods with the correct
## client label will have network access to the port Redis is listening
## on. When true, Redis will accept connections from any source
## (with the correct destination port).
##
# allowExternal: true
## Redis password (both master and slave)
## Defaults to a random 10-character alphanumeric string if not set and usePassword is true
## ref: https://github.com/bitnami/bitnami-docker-redis#setting-the-server-password-on-first-run
##
usePassword: true
password:
## Use existing secret (ignores previous password)
# existingSecret:
##
## Redis Master parameters
##
master:
## Use password authentication
port: 6379
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
##
## args:
## - "redis-server"
## - "--maxmemory-policy volatile-ttl"
args: []
## Redis additional command line flags
##
## Can be used to specify command line flags, for example:
##
## redisExtraFlags:
## - "--maxmemory-policy volatile-ttl"
## - "--repl-backlog-size 1024mb"
extraFlags: []
## Comma-separated list of Redis commands to disable
##
## Can be used to disable Redis commands for security reasons.
## ref: https://github.com/bitnami/bitnami-docker-redis#disabling-redis-commands
##
disableCommands: "FLUSHDB,FLUSHALL"
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
## Redis Master additional pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
podLabels: {}
## Redis Master resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis Master Liveness Probe
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
## Redis Master Readiness Probe
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
## Redis Master Node labels and tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Redis Master pod annotations
podAnnotations: {}
## Redis Master Service properties
service:
## Redis Master Service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
## Redis Master Pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /bitnami/redis/data
## The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
##
## Redis Slave properties
## Note: serviceType and service are mandatory parameters
## The rest of the parameters, if undefined, will inherit those declared in Redis Master
##
slave:
## Slave Service properties
service:
## Redis Slave Service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
## Redis slave optional overrides
## Redis port
# port: 6379
## Redis command arguments
# args: []
## Redis extra flags
# extraFlags: []
## Comma-separated list of Redis commands to disable
# disableCommands: ""
## Redis slave Liveness Probe
# livenessProbe:
# enabled: true
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# successThreshold: 1
# failureThreshold: 5
## Redis slave Readiness Probe
# readinessProbe:
# enabled: true
# initialDelaySeconds: 5
# periodSeconds: 10
# timeoutSeconds: 10
# successThreshold: 1
# failureThreshold: 5
## Redis slave Resource
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis slave labels and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Redis slave pod Annotation and Labels
# podLabels: {}
## annotations for redis pods
# podAnnotations: {}
## Redis slave pod Security Context
# securityContext:
# enabled: true
# fsGroup: 1001
# runAsUser: 1001
charts/redis/values.yaml 0 → 100644
## Bitnami Redis image version
## ref: https://hub.docker.com/r/bitnami/redis/tags/
##
image:
registry: docker.io
repository: bitnami/redis
tag: 4.0.9
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## Cluster settings
cluster:
enabled: true
slaveCount: 1
metrics:
enabled: false
# resources: {}
# podAnnotations: {}
# targetServiceAnnotations:
# prometheus.io/scrape: "true"
# prometheus.io/port: "9121"
image:
registry: docker.io
repository: oliver006/redis_exporter
tag: v0.11
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## Metrics exporter labels and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Metrics exporter pod Annotation and Labels
# podLabels: {}
networkPolicy:
## Enable creation of NetworkPolicy resources.
##
enabled: false
## The Policy model to apply. When set to false, only pods with the correct
## client label will have network access to the port Redis is listening
## on. When true, Redis will accept connections from any source
## (with the correct destination port).
##
# allowExternal: true
## Redis password (both master and slave)
## Defaults to a random 10-character alphanumeric string if not set and usePassword is true
## ref: https://github.com/bitnami/bitnami-docker-redis#setting-the-server-password-on-first-run
##
usePassword: true
password:
## Use existing secret (ignores previous password)
# existingSecret:
##
## Redis Master parameters
##
master:
## Use password authentication
port: 6379
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
##
## args:
## - "redis-server"
## - "--maxmemory-policy volatile-ttl"
args: []
## Redis additional command line flags
##
## Can be used to specify command line flags, for example:
##
## redisExtraFlags:
## - "--maxmemory-policy volatile-ttl"
## - "--repl-backlog-size 1024mb"
extraFlags: []
## Comma-separated list of Redis commands to disable
##
## Can be used to disable Redis commands for security reasons.
## ref: https://github.com/bitnami/bitnami-docker-redis#disabling-redis-commands
##
disableCommands: "FLUSHDB,FLUSHALL"
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
## Redis Master additional pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
podLabels: {}
## Redis Master resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis Master Liveness Probe
livenessProbe:
enabled: false
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# successThreshold: 1
# failureThreshold: 5
## Redis Master Readiness Probe
readinessProbe:
enabled: false
# initialDelaySeconds: 5
# periodSeconds: 10
# timeoutSeconds: 1
# successThreshold: 1
# failureThreshold: 5
## Redis Master Node labels and tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Redis Master pod annotations
podAnnotations: {}
## Redis Master Service properties
service:
## Redis Master Service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
## Redis Master Pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /bitnami/redis/data
## The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
##
## Redis Slave properties
## Note: serviceType and service are mandatory parameters
## The rest of the parameters, if undefined, will inherit those declared in Redis Master
##
slave:
## Slave Service properties
service:
## Redis Slave Service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
## Redis port
# port: 6379
## Redis command arguments
# args: []
## Redis extra flags
# extraFlags: []
## Comma-separated list of Redis commands to disable
# disableCommands: ""
## Redis slave Liveness Probe
# livenessProbe:
# enabled: true
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# successThreshold: 1
# failureThreshold: 5
## Redis slave Readiness Probe
# readinessProbe:
# enabled: true
# initialDelaySeconds: 5
# periodSeconds: 10
# timeoutSeconds: 10
# successThreshold: 1
# failureThreshold: 5
## Redis slave Resource
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis slave labels and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Redis slave pod Annotation and Labels
# podLabels: {}
## annotations for redis pods
# podAnnotations: {}
## Redis slave pod Security Context
# securityContext:
# enabled: true
# fsGroup: 1001
# runAsUser: 1001
charts/wordpress/0/Chart.yaml charts/wordpress/Chart.yaml
name: wordpress
version: 0.8.16
version: 1.0.2
appVersion: 4.9.4
description: Web publishing platform for building blogs and websites.
icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png
......
charts/wordpress/OWNERS 0 → 100644
approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
charts/wordpress/0/README.md charts/wordpress/README.md
......@@ -46,15 +46,19 @@ The command removes all the Kubernetes components associated with the chart and
The following table lists the configurable parameters of the WordPress chart and their default values.
| Parameter | Description | Default |
| ------------------------------- | ------------------------------- | ---------------------------------------------------------- |
| `image` | WordPress image | `bitnami/wordpress:{VERSION}` |
| `imagePullPolicy` | Image pull policy | `IfNotPresent` |
| ------------------------------------ | ------------------------------------------ | ---------------------------------------------------------- |
| `image.registry` | WordPress image registry | `docker.io` |
| `image.repository` | WordPress image name | `bitnami/wordpress` |
| `image.tag` | WordPress image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `wordpressUsername` | User of the application | `user` |
| `wordpressPassword` | Application password | _random 10 character long alphanumeric string_ |
| `wordpressEmail` | Admin email | `user@example.com` |
| `wordpressFirstName` | First name | `FirstName` |
| `wordpressLastName` | Last name | `LastName` |
| `wordpressBlogName` | Blog name | `User's Blog!` |
| `wordpressTablePrefix` | Table prefix | `wp_` |
| `allowEmptyPassword` | Allow DB blank passwords | `yes` |
| `smtpHost` | SMTP host | `nil` |
| `smtpPort` | SMTP port | `nil` |
......@@ -71,7 +75,7 @@ The following table lists the configurable parameters of the WordPress chart and
| `externalDatabase.user` | Existing username in the external db | `bn_wordpress` |
| `externalDatabase.password` | Password for the above username | `nil` |
| `externalDatabase.database` | Name of the existing database | `bitnami_wordpress` |
| `externalDatabase.port` | Database port number | `3306` |
| `externalDatabase.port` | Database port number | `3306` |
| `serviceType` | Kubernetes Service type | `LoadBalancer` |
| `nodePorts.http` | Kubernetes http node port | `""` |
| `nodePorts.https` | Kubernetes https node port | `""` |
......@@ -134,7 +138,7 @@ Note also if you disable MariaDB per above you MUST supply values for the `exter
This chart provides support for ingress resources. If you have an
ingress controller installed on your cluster, such as [nginx-ingress](https://kubeapps.com/charts/stable/nginx-ingress)
or [traefik](https://kubeapps.com/charts/stable/traefik) you can utilize
the ingress controller to service your WordPress application.
the ingress controller to serve your WordPress application.
To enable ingress integration, please set `ingress.enabled` to `true`
......@@ -191,11 +195,11 @@ wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc=
-----END RSA PRIVATE KEY-----
````
If you are going to use helm to manage the certificates, please copy
If you are going to use Helm to manage the certificates, please copy
these values into the `certificate` and `key` values for a given
`ingress.secrets` entry.
If you are going are going to manage TLS secrets outside of helm, please
If you are going are going to manage TLS secrets outside of Helm, please
know that you can create a TLS secret by doing the following:
```
......
charts/wordpress/app-readme.md 0 → 100644
# WordPress
[WordPress](https://wordpress.org/) is one of the most versatile open source content management systems on the market. A publishing platform for building blogs and websites.
## Installing
This chart bootstraps a [WordPress](https://github.com/bitnami/bitnami-docker-wordpress) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
It also packages the [Bitnami MariaDB chart](https://github.com/kubernetes/charts/tree/master/stable/mariadb) which is required for bootstrapping a MariaDB deployment for the database requirements of the WordPress application.
charts/wordpress/0/questions.yml charts/wordpress/questions.yml
categories:
- Blog
- CMS
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.registry
default: "docker.io"
description: "WordPress image registry "
type: string
label: WordPress Image Registry
- variable: image.repository
default: "bitnami/wordpress"
description: "WordPress image name"
type: string
label: WordPress Image Name
- variable: image.tag
default: "4.9.4"
description: "WordPress image tag"
type: string
label: Image Tag
- variable: wordpressUsername
default: "user"
description: "User of the application"
type: string
required: true
label: WordPress Usernname
- variable: wordpressPassword
default: ""
description: "Application Password(defualt random 10 character long alphanumeric string if not set)"
type: password
label: WordPress Password
- variable: wordpressEmail
default: "user@example.com"
description: "Admin email"
......@@ -19,22 +52,54 @@ questions:
- "true"
- "false"
required: true
label: MariaDB Enabled
- variable: mariadb.mariadbDatabase
default: "wordpress"
description: "Database name to create"
label: Install MariaDB
show_subquestion_if: true
subquestions:
- variable: mariadb.mariadbDatabase
default: "wordpress"
description: "Database name to create"
type: string
label: MariaDB Database
- variable: mariadb.mariadbUser
default: "wordpress"
description: "Database user to create"
type: string
label: MariaDB User
- variable: mariadb.mariadbPassword
default: ""
description: "Password for mariadbUser"
type: password
label: MariaDB Password
- variable: externalDatabase.host
default: ""
description: "Host of the external database"
type: string
label: External Database Host
show_if: "mariadb.enabled=false"
- variable: externalDatabase.user
default: ""
description: "Existing username in the external DB"
type: string
label: MariaDB Database
- variable: mariadb.mariadbUser
default: "wordpress"
description: "Database user to create"
label: External Database username
show_if: "mariadb.enabled=false"
- variable: externalDatabase.password
default: ""
description: "external database password"
type: password
label: External Database password
show_if: "mariadb.enabled=false"
- variable: externalDatabase.database
default: ""
description: "Name of the existing database"
type: string
label: MariaDB User
- variable: mariadb.mariadbPassword
default: "changeme"
description: "Password for mariadbUser"
label: External Database
show_if: "mariadb.enabled=false"
- variable: externalDatabase.port
default: "3306"
description: "External database port number "
type: string
label: MariaDB Password
label: External Database Port
show_if: "mariadb.enabled=false"
- variable: mariadb.persistence.enabled
default: "false"
description: "Enable persistent volume for MariaDB"
......@@ -44,16 +109,19 @@ questions:
- "false"
required: true
label: MariaDB Persistent Volume Enabled
- variable: mariadb.persistence.size
default: "8Gi"
description: "MariaDB Persistent Volume Size"
type: string
label: MariaDB Volume Size
- variable: mariadb.persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for MariaDB
show_if: "mariadb.enabled=true"
show_subquestion_if: true
subquestions:
- variable: mariadb.persistence.size
default: "8Gi"
description: "MariaDB Persistent Volume Size"
type: string
label: MariaDB Volume Size
- variable: mariadb.persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for MariaDB
- variable: persistence.enabled
default: "false"
description: "Enable persistent volume for Wordpress"
......@@ -63,23 +131,25 @@ questions:
- "false"
required: true
label: Wordpress Persistent Volume Enabled
- variable: persistence.size
default: "10Gi"
description: "WordPress Persistent Volume Size"
type: string
label: WordPress Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for WordPress
show_subquestion_if: true
subquestions:
- variable: persistence.size
default: "10Gi"
description: "WordPress Persistent Volume Size"
type: string
label: WordPress Volume Size
- variable: persistence.storageClass
default: ""
description: "If unndefined or set to null, using the default storageClass. default to null"
type: string
label: Default Storage Class for WordPress
- variable: serviceType
default: "NodePort"
default: "LoadBalancer"
description: "Wordpress Service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
- "LoadBalancer"
required: true
label: Wordpress Service Type
- variable: nodePorts.http
......@@ -87,8 +157,32 @@ questions:
description: "NodePort http port(to set explicitly, choose port between 30000-32767)"
type: string
label: NodePort Http Port
show_if: "serviceType=NodePort"
- variable: nodePorts.https
default: "32764"
description: "NodePort https port(to set explicitly, choose port between 30000-32767)"
type: string
label: NodePort Https Port
show_if: "serviceType=NodePort"
- variable: ingress.enabled
default: "false"
description: "Enable ingress controller resource"
type: enum
options:
- "true"
- "false"
label: Use External Access
show_subquestion_if: true
subquestions:
- variable: ingress.hosts[0].name
default: "wordpress.local"
description: "Hostname to your WordPress installation"
type: string
required: true
label: Hostname
- variable: ingress.hosts[0].path
default: "/"
description: "Path within the url structure "
type: string
required: true
label: Hostname
charts/wordpress/0/templates/deployment.yaml charts/wordpress/templates/deployment.yaml
......@@ -14,10 +14,16 @@ spec:
labels:
app: {{ template "fullname" . }}
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end }}
containers:
- name: {{ template "fullname" . }}
image: "{{ .Values.image }}"
imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: ALLOW_EMPTY_PASSWORD
{{- if .Values.allowEmptyPassword }}
......@@ -25,16 +31,6 @@ spec:
{{- else }}
value: "no"
{{- end }}
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
{{- if .Values.mariadb.enabled }}
name: {{ template "mariadb.fullname" . }}
key: mariadb-root-password
{{- else }}
name: {{ printf "%s-%s" .Release.Name "externaldb" }}
key: db-root-password
{{- end }}
- name: MARIADB_HOST
{{- if .Values.mariadb.enabled }}
value: {{ template "mariadb.fullname" . }}
......@@ -70,35 +66,37 @@ spec:
key: db-password
{{- end }}
- name: WORDPRESS_USERNAME
value: {{ default "" .Values.wordpressUsername | quote }}
value: {{ .Values.wordpressUsername | quote }}
- name: WORDPRESS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}
key: wordpress-password
- name: WORDPRESS_EMAIL
value: {{ default "" .Values.wordpressEmail | quote }}
value: {{ .Values.wordpressEmail | quote }}
- name: WORDPRESS_FIRST_NAME
value: {{ default "" .Values.wordpressFirstName | quote }}
value: {{ .Values.wordpressFirstName | quote }}
- name: WORDPRESS_LAST_NAME
value: {{ default "" .Values.wordpressLastName | quote }}
value: {{ .Values.wordpressLastName | quote }}
- name: WORDPRESS_BLOG_NAME
value: {{ default "" .Values.wordpressBlogName | quote }}
value: {{ .Values.wordpressBlogName | quote }}
- name: WORDPRESS_TABLE_PREFIX
value: {{ .Values.wordpressTablePrefix | quote }}
- name: SMTP_HOST
value: {{ default "" .Values.smtpHost | quote }}
value: {{ .Values.smtpHost | quote }}
- name: SMTP_PORT
value: {{ default "" .Values.smtpPort | quote }}
value: {{ .Values.smtpPort | quote }}
- name: SMTP_USER
value: {{ default "" .Values.smtpUser | quote }}
value: {{ .Values.smtpUser | quote }}
- name: SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "fullname" . }}
key: smtp-password
- name: SMTP_USERNAME
value: {{ default "" .Values.smtpUsername | quote }}
value: {{ .Values.smtpUsername | quote }}
- name: SMTP_PROTOCOL
value: {{ default "" .Values.smtpProtocol | quote }}
value: {{ .Values.smtpProtocol | quote }}
ports:
- name: http
containerPort: 80
......
charts/wordpress/0/templates/tests/test-mariadb-connection.yaml charts/wordpress/templates/tests/test-mariadb-connection.yaml
......@@ -8,7 +8,8 @@ metadata:
spec:
containers:
- name: {{ .Release.Name }}-credentials-test
image: {{ .Values.image }}
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: MARIADB_HOST
value: {{ template "mariadb.fullname" . }}
......
charts/wordpress/0/values.yaml charts/wordpress/values.yaml
## Bitnami WordPress image version
## ref: https://hub.docker.com/r/bitnami/wordpress/tags/
##
image: bitnami/wordpress:4.9.4-r5
## Specify an imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
imagePullPolicy: IfNotPresent
image:
registry: docker.io
repository: bitnami/wordpress
tag: 4.9.4
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
## User of the application
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
......@@ -39,9 +48,14 @@ wordpressLastName: LastName
##
wordpressBlogName: User's Blog!
## Table prefix
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
##
wordpressTablePrefix: wp_
## Set to `yes` to allow the container to be started with blank passwords
## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
allowEmptyPassword: yes
allowEmptyPassword: "yes"
## SMTP mail delivery configuration
## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-configuration
......
proposed/longhorn/README.md
# Longhorn
Longhorn is a distributed block storage system for Kubernetes. Longhorn is lightweight, reliable, and easy-to-use. You can deploy Longhorn on an existing Kubernetes cluster with one simple command. Once Longhorn is deployed, it adds persistent volume support to the Kubernetes cluster.
Longhorn implements distributed block storage using containers and microservices. Longhorn creates a dedicated storage controller for each block device volume and sychronously replicates the volume across multiple replicas stored on multiple nodes. The storage controller and replicas are themselves orchestrated using Kubernetes. Longhorn supports snapshots, backups, and even allows you to schedule recurring snapshots and backups!
## Source Code
Longhorn is 100% open source software. Project source code is spread across a number of repos:
......
proposed/longhorn/app-readme.md 0 → 100644
# Longhorn
Longhorn is a distributed block storage system for Kubernetes. Longhorn is lightweight, reliable, and easy-to-use. You can deploy Longhorn on an existing Kubernetes cluster with one simple command. Once Longhorn is deployed, it adds persistent volume support to the Kubernetes cluster.
Longhorn implements distributed block storage using containers and microservices. Longhorn creates a dedicated storage controller for each block device volume and sychronously replicates the volume across multiple replicas stored on multiple nodes. The storage controller and replicas are themselves orchestrated using Kubernetes. Longhorn supports snapshots, backups, and even allows you to schedule recurring snapshots and backups!
proposed/longhorn/questions.yml
categories:
- storage
questions:
- variable: service.ui.type
default: "NodePort"
description: "define Longhorn ui service type"
type: enum
options:
- "NodePort"
- "ClusterIP"
- "NodePort"
- "LoadBalancer"
label: Longhorn UI Service
- variable: service.manager.type
......@@ -13,8 +15,8 @@ questions:
description: "define Longhorn manager service type"
type: enum
options:
- "NodePort"
- "ClusterIP"
- "NodePort"
label: Longhorn Manager Service
- variable: persistence.defaultClass
default: "true"
......
proposed/longhorn/values.yaml
......@@ -6,7 +6,7 @@ image:
engine: rancher/longhorn-engine:de88734
manager: rancher/longhorn-manager:1ebf5cb
ui: rancher/longhorn-ui:1455f4f
pullPolicy: Always
pullPolicy: IfNotPresent
service:
ui:
......
proposed/nfs/README.md
# nfs-provisioner
nfs-provisioner is an out-of-tree dynamic provisioner for Kubernetes. You can use it to quickly & easily deploy shared storage that works almost anywhere.
Or it can help you write your own out-of-tree dynamic provisioner by serving as an example implementation of the requirements detailed in the proposal.
## Introduction
It works just like in-tree dynamic provisioners: a `StorageClass` object can specify an instance of nfs-provisioner to be its `provisioner` like it specifies in-tree provisioners such as GCE or AWS. Then, the instance of nfs-provisioner will watch for `PersistentVolumeClaims` that ask for the `StorageClass` and automatically create NFS-backed `PersistentVolumes` for them. For more information on how dynamic provisioning works, see [the docs](http://kubernetes.io/docs/user-guide/persistent-volumes/) or [this blog post](http://blog.kubernetes.io/2016/10/dynamic-provisioning-and-storage-in-kubernetes.html).
## Prerequisites
- Kubernetes 1.5+ with Beta APIs enabled
......
proposed/nfs/app-readme.md 0 → 100644
# nfs-provisioner
nfs-provisioner is an out-of-tree dynamic provisioner for Kubernetes. You can use it to quickly & easily deploy shared storage that works almost anywhere.
Or it can help you write your own out-of-tree dynamic provisioner by serving as an example implementation of the requirements detailed in the proposal.
## Introduction
It works just like in-tree dynamic provisioners: a `StorageClass` object can specify an instance of nfs-provisioner to be its `provisioner` like it specifies in-tree provisioners such as GCE or AWS. Then, the instance of nfs-provisioner will watch for `PersistentVolumeClaims` that ask for the `StorageClass` and automatically create NFS-backed `PersistentVolumes` for them. For more information on how dynamic provisioning works, see [the docs](http://kubernetes.io/docs/user-guide/persistent-volumes/) or [this blog post](http://blog.kubernetes.io/2016/10/dynamic-provisioning-and-storage-in-kubernetes.html).
proposed/nfs/questions.yml
categories:
- storage
questions:
- variable: defaultImage
default: "true"
description: "Use default Docker image"
label: Use Default Image
type: enum
options:
- "true"
- "false"
show_subquestion_if: false
subquestions:
- variable: image.repository
default: "quay.io/kubernetes_incubator/nfs-provisioner"
description: "Docker image name"
type: string
label: NFS Image Name
- variable: image.tag
default: "v1.0.8"
description: "NFS image tag"
type: string
label: Image Tag
- variable: persistence.defaultClass
default: "true"
description: "set as default Storage Class"
......@@ -7,9 +29,9 @@ questions:
- "true"
- "false"
required: true
label: Default Storage Class
label: Set to Default StorageClass
- variable: persistence.hostPath
default: "/home/srv"
default: "/srv"
description: "nfs host path (read and write permission to the configured path is required)"
type: string
label: NFS Host Path
proposed/nfs/templates/daemonset-sa.yaml
apiVersion: {{ template "nfs.apiversion" . }}
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: {{ template "nfs.fullname" . }}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment