Skip to content

C
charts
Commit dba458cb by Guangbo Chen
Options

Bump mongodb chart to v7.2.6

parent 5d3dbc6d
Showing with 947 additions and 216 deletions
charts/mongodb/v7.2.6/Chart.yaml
apiVersion: v1
name: mongodb
version: 5.0.0
appVersion: 4.0.3
version: 7.2.6
appVersion: 4.0.12
description: NoSQL document-oriented database that stores JSON-like documents with dynamic schemas, simplifying the integration of data in content-driven applications.
keywords:
- mongodb
......@@ -10,7 +11,7 @@ keywords:
- replicaset
- replication
home: https://mongodb.org
icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png
icon: file://../mongodb-stack-220x234.png
sources:
- https://github.com/bitnami/bitnami-docker-mongodb
maintainers:
......
charts/mongodb/v7.2.6/OWNERS
......@@ -3,10 +3,12 @@ approvers:
- tompizmor
- sameersbn
- carrodher
- javsalgar
- juan131
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
- javsalgar
- juan131
charts/mongodb/v7.2.6/README.md
......@@ -8,74 +8,130 @@
The following table lists the configurable parameters of the MongoDB chart and their default values.
| Parameter | Description | Default |
| --------------------------------------- | -------------------------------------------------------------------------------------------- | ------------------------------------------- |
| -------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------- |
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `global.storageClass` | Global storage class for dynamic provisioning | `nil` |
| `image.registry` | MongoDB image registry | `docker.io` |
| `image.repository` | MongoDB Image name | `bitnami/mongodb` |
| `image.tag` | MongoDB Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `image.tag` | MongoDB Image tag | `{TAG_NAME}` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `nameOverride` | String to partially override mongodb.fullname template with a string (will prepend the release name) | `nil` |
| `fullnameOverride` | String to fully override mongodb.fullname template with a string | `nil` |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `stretch` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` |
| `volumePermissions.resources` | Init container resource requests/limit | `nil` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `usePassword` | Enable password authentication | `true` |
| `existingSecret` | Existing secret with MongoDB credentials | `nil` |
| `mongodbRootPassword` | MongoDB admin password | `random alhpanumeric string (10)` |
| `mongodbUsername` | MongoDB custom user | `nil` |
| `mongodbPassword` | MongoDB custom user password | `random alhpanumeric string (10)` |
| `mongodbRootPassword` | MongoDB admin password | `random alphanumeric string (10)` |
| `mongodbUsername` | MongoDB custom user (mandatory if `mongodbDatabase` is set) | `nil` |
| `mongodbPassword` | MongoDB custom user password | `random alphanumeric string (10)` |
| `mongodbDatabase` | Database to create | `nil` |
| `mongodbEnableIPv6` | Switch to enable/disable IPv6 on MongoDB | `true` |
| `mongodbExtraFlags` | MongoDB additional command line flags | [] |
| `mongodbEnableIPv6` | Switch to enable/disable IPv6 on MongoDB | `false` |
| `mongodbDirectoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB | `false` |
| `mongodbSystemLogVerbosity` | MongoDB systen log verbosity level | `0` |
| `mongodbDisableSystemLog` | Whether to disable MongoDB system log or not | `false` |
| `mongodbExtraFlags` | MongoDB additional command line flags | `[]` |
| `service.annotations` | Kubernetes service annotations | `{}` |
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.clusterIP` | Static clusterIP or None for headless services | `nil` |
| `service.port` | MongoDB service port | `27017` |
| `service.nodePort` | Port to bind to for NodePort service type | `nil` |
| `port` | MongoDB service port | `27017` |
| `service.loadBalancerIP` | Static IP Address to use for LoadBalancer service type | `nil` |
| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` |
| `service.loadBalancerSourceRanges` | List of IP ranges allowed access to load balancer (if supported) | `[]` (does not add IP range restrictions to the service) |
| `replicaSet.enabled` | Switch to enable/disable replica set configuration | `false` |
| `replicaSet.name` | Name of the replica set | `rs0` |
| `replicaSet.useHostnames` | Enable DNS hostnames in the replica set config | `true` |
| `replicaSet.key` | Key used for authentication in the replica set | `nil` |
| `replicaSet.key` | Key used for authentication in the replica set | `random alphanumeric string (10)` |
| `replicaSet.replicas.secondary` | Number of secondary nodes in the replica set | `1` |
| `replicaSet.replicas.arbiter` | Number of arbiter nodes in the replica set | `1` |
| `replicaSet.pdb.minAvailable.primary` | PDB for the MongoDB Primary nodes | `1` |
| `replicaSet.pdb.minAvailable.secondary` | PDB for the MongoDB Secondary nodes | `1` |
| `replicaSet.pdb.minAvailable.arbiter` | PDB for the MongoDB Arbiter nodes | `1` |
| `podAnnotations` | Annotations to be added to pods | {} |
| `podLabels` | Additional labels for the pod(s). | {} |
| `resources` | Pod resources | {} |
| `nodeSelector` | Node labels for pod assignment | {} |
| `affinity` | Affinity for pod assignment | {} |
| `tolerations` | Toleration labels for pod assignment | {} |
| `replicaSet.pdb.enabled` | Switch to enable/disable Pod Disruption Budget | `true` |
| `replicaSet.pdb.minAvailable.secondary` | PDB (min available) for the MongoDB Secondary nodes | `1` |
| `replicaSet.pdb.minAvailable.arbiter` | PDB (min available) for the MongoDB Arbiter nodes | `1` |
| `replicaSet.pdb.maxUnavailable.secondary` | PDB (max unavailable) for the MongoDB Secondary nodes | `nil` |
| `replicaSet.pdb.maxUnavailable.arbiter` | PDB (max unavailable) for the MongoDB Arbiter nodes | `nil` |
| `podAnnotations` | Annotations to be added to pods | `{}` |
| `podLabels` | Additional labels for the pod(s). | `{}` |
| `resources` | Pod resources | `{}` |
| `resourcesArbiter` | Pod resources for arbiter when replica set is enabled | `{}` |
| `priorityClassName` | Pod priority class name | `` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `affinity` | Affinity for pod assignment | `{}` |
| `affinityArbiter` | Affinity for arbiter pod assignment | `{}` |
| `tolerations` | Toleration labels for pod assignment | `{}` |
| `updateStrategy` | Statefulsets update strategy policy | `RollingUpdate` |
| `securityContext.enabled` | Enable security context | `true` |
| `securityContext.fsGroup` | Group ID for the container | `1001` |
| `securityContext.runAsUser` | User ID for the container | `1001` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` |
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mongodb` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) |
| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` |
| `persistence.accessModes` | Use volume as ReadOnly or ReadWrite | `[ReadWriteOnce]` |
| `persistence.size` | Size of data volume | `8Gi` |
| `persistence.annotations` | Persistent Volume annotations | `{}` |
| `persistence.existingClaim` | Name of an existing PVC to use (avoids creating one if this is given) | `nil` |
| `extraInitContainers` | Additional init containers as a string to be passed to the `tpl` function | `{}` |
| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
| `livenessProbe.timeoutSeconds` | When the probe times out | `5` |
| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` |
| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` |
| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `5` |
| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
| `readinessProbe.timeoutSeconds` | When the probe times out | `5` |
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` |
| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` |
| `initConfigMap.name` | Custom config map with init scripts | `nil` |
| `configmap` | MongoDB configuration file to be used | `nil` |
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.certManager` | Add annotations for cert-manager | `false` |
| `ingress.annotations` | Ingress annotations | `[]` |
| `ingress.hosts[0].name` | Hostname to your MongoDB installation | `mongodb.local` |
| `ingress.hosts[0].path` | Path within the url structure | `/` |
| `ingress.tls[0].hosts[0]` | TLS hosts | `mongodb.local` |
| `ingress.tls[0].secretName` | TLS Secret (certificates) | `mongodb.local-tls` |
| `ingress.secrets[0].name` | TLS Secret Name | `nil` |
| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` |
| `ingress.secrets[0].key` | TLS Secret Key | `nil` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | MongoDB exporter image registry | `docker.io` |
| `metrics.image.repository` | MongoDB exporter image name | `forekshub/percona-mongodb-exporter` |
| `metrics.image.tag` | MongoDB exporter image tag | `latest` |
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | {} |
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` |
| `metrics.image.repository` | MongoDB exporter image name | `bitnami/mongodb-exporter` |
| `metrics.image.tag` | MongoDB exporter image tag | `{TAG_NAME}` |
| `metrics.image.pullPolicy` | Image pull policy | `Always` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `metrics.podAnnotations.prometheus.io/scrape` | Additional annotations for Metrics exporter pod | `true` |
| `metrics.podAnnotations.prometheus.io/port` | Additional annotations for Metrics exporter pod | `"9216"` |
| `metrics.extraArgs` | String with extra arguments for the MongoDB Exporter | `` |
| `metrics.resources` | Exporter resource requests/limit | `{}` |
| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` |
| `metrics.serviceMonitor.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | {} |
| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` |
| `metrics.serviceMonitor.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` |
| `metrics.serviceMonitor.relabellings` | Specify Metric Relabellings to add to the scrape endpoint | `nil` |
| `metrics.serviceMonitor.alerting.rules` | Define individual alerting rules as required | {} |
| `metrics.serviceMonitor.alerting.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | {} |
| `metrics.serviceMonitor.alerting.rules` | Define individual alerting rules as required | `{}` |
| `metrics.serviceMonitor.alerting.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` |
| `metrics.livenessProbe.enabled` | Enable/disable the Liveness Check of Prometheus metrics exporter | `false` |
| `metrics.livenessProbe.initialDelaySeconds` | Initial Delay for Liveness Check of Prometheus metrics exporter | `15` |
| `metrics.livenessProbe.periodSeconds` | How often to perform Liveness Check of Prometheus metrics exporter | `5` |
| `metrics.livenessProbe.timeoutSeconds` | Timeout for Liveness Check of Prometheus metrics exporter | `5` |
| `metrics.livenessProbe.failureThreshold` | Failure Threshold for Liveness Check of Prometheus metrics exporter | `3` |
| `metrics.livenessProbe.successThreshold` | Success Threshold for Liveness Check of Prometheus metrics exporter | `1` |
| `metrics.readinessProbe.enabled` | Enable/disable the Readiness Check of Prometheus metrics exporter | `false` |
| `metrics.readinessProbe.initialDelaySeconds` | Initial Delay for Readiness Check of Prometheus metrics exporter | `5` |
| `metrics.readinessProbe.periodSeconds` | How often to perform Readiness Check of Prometheus metrics exporter | `5` |
| `metrics.readinessProbe.timeoutSeconds` | Timeout for Readiness Check of Prometheus metrics exporter | `1` |
| `metrics.readinessProbe.failureThreshold` | Failure Threshold for Readiness Check of Prometheus metrics exporter | `3` |
| `metrics.readinessProbe.successThreshold` | Success Threshold for Readiness Check of Prometheus metrics exporter | `1` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
......@@ -96,21 +152,36 @@ $ helm install --name my-release -f values.yaml stable/mongodb
> **Tip**: You can use the default [values.yaml](values.yaml)
## Replication
### Production configuration
You can start the MongoDB chart in replica set mode with the following command:
This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`.
```bash
$ helm install --name my-release stable/mongodb --set replication.enabled=true
```console
$ helm install --name my-release -f ./values-production.yaml stable/mongodb
```
## Production settings and horizontal scaling
- Switch to enable/disable replica set configuration:
```diff
- replicaSet.enabled: false
+ replicaSet.enabled: true
```
The [values-production.yaml](values-production.yaml) file consists a configuration to deploy a scalable and high-available MongoDB deployment for production environments. We recommend that you base your production configuration on this template and adjust the parameters appropriately.
- Start a side-car prometheus exporter:
```diff
- metrics.enabled: false
+ metrics.enabled: true
```
```console
$ curl -O https://raw.githubusercontent.com/kubernetes/charts/master/stable/mongodb/values-production.yaml
$ helm install --name my-release -f ./values-production.yaml stable/mongodb
- Enable/disable the Liveness Check of Prometheus metrics exporter:
```diff
- metrics.livenessProbe.enabled: false
+ metrics.livenessProbe.enabled: true
```
- Enable/disable the Readiness Check of Prometheus metrics exporter:
```diff
- metrics.readinessProbe.enabled: false
+ metrics.readinessProbe.enabled: true
```
To horizontally scale this chart, run the following command to scale the number of secondary nodes in your MongoDB replica set.
......@@ -119,6 +190,20 @@ To horizontally scale this chart, run the following command to scale the number
$ kubectl scale statefulset my-release-mongodb-secondary --replicas=3
```
### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/)
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
## Replication
You can start the MongoDB chart in replica set mode with the following command:
```bash
$ helm install --name my-release stable/mongodb --set replicaSet.enabled=true
```
Some characteristics of this chart are:
- Each of the participants in the replication has a fixed stateful set so you always know where to find the primary, secondary or arbiter nodes.
......@@ -128,6 +213,7 @@ Some characteristics of this chart are:
## Initialize a fresh instance
The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap.
Also you can create a custom config map and give it via `initConfigMap`(check options for more details).
The allowed extensions are `.sh`, and `.js`.
......@@ -137,13 +223,52 @@ The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image s
The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning.
### Adjust permissions of persistent volume mountpoint
As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it.
By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions.
As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination.
You can enable this initContainer by setting `volumePermissions.enabled` to `true`.
## Upgrading
### To 7.0.0
From this version, the way of setting the ingress rules has changed. Instead of using `ingress.paths` and `ingress.hosts` as separate objects, you should now define the rules as objects inside the `ingress.hosts` value, for example:
```yaml
ingress:
hosts:
- name: mongodb.local
path: /
```
### To 6.0.0
From this version, `mongodbEnableIPv6` is set to `false` by default in order to work properly in most k8s clusters, if you want to use IPv6 support, you need to set this variable to `true` by adding `--set mongodbEnableIPv6=true` to your `helm` command.
You can find more information in the [`bitnami/mongodb` image README](https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md).
### To 5.0.0
When enabling replicaset configuration, backwards compatibility is not guaranteed unless you modify the labels used on the chart's statefulsets.
Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is `my-release`:
```consoloe
```console
$ kubectl delete statefulset my-release-mongodb-arbiter my-release-mongodb-primary my-release-mongodb-secondary --cascade=false
```
## Configure Ingress
MongoDB can exposed externally using an Ingress controller. To do so, it's necessary to:
- Install the MongoDB chart setting the parameter `ingress.enabled=true`.
- Create a ConfigMap to map the external port to use and the internal service/port where to redirect the requests (see https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/exposing-tcp-udp-services.md for more information).
For instance, if you installed the MongoDB chart in the `default` namespace, you can install the [stable/nginx-ingress chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress) setting the "tcp" parameter in the **values.yaml** used to install the chart as shown below:
```yaml
...
tcp:
27017: "default/mongodb:27017"
```
charts/mongodb/v7.2.6/app-readme.md
......@@ -2,6 +2,9 @@
[MongoDB](https://www.mongodb.com/) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas, making the integration of data in certain types of applications easier and faster.
## Replica Set
By default, a MongoDB replica set will consist of a primary, a secondary and an arbiter mongod instance.
Arbiters do not maintain a data set. The purpose of an arbiter is to maintain a quorum in a replica set by responding to heartbeat and election requests by other replica set members.
## Introduction
This chart bootstraps a [MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This chart has been tested to work with NGINX Ingress, cert-manager, fluentd and Prometheus on top of the [BKPR](https://kubeprod.io/).
charts/mongodb/v7.2.6/questions.yml
categories:
- Database
- NoSQL
questions:
- variable: defaultImage
default: "true"
......@@ -11,23 +10,33 @@ questions:
group: "Container Images"
subquestions:
- variable: image.repository
default: "bitnami/mongodb"
default: "ranchercharts/bitnami-mongodb"
description: "MongoDB image name"
type: string
label: MongoDB Image Name
- variable: image.tag
default: "4.0.3"
default: "4.0.12-debian-9-r5"
description: "MongoDB image tag"
type: string
label: Image Tag
- variable: volumePermissions.image.repository
default: "ranchercharts/bitnami-minideb"
description: "MongoDB image name"
type: string
label: MongoDB Image Name
- variable: volumePermissions.image.tag
default: "stretch"
description: "MongoDB image tag"
type: string
label: Image Tag
- variable: metrics.image.repository
default: "forekshub/percona-mongodb-exporter"
default: "ranchercharts/bitnami-mongodb-exporter"
description: "MongoDB metrics image name"
type: string
label: MongoDB Metrics Image Name
show_if: "defaultImage=false&&metrics.enabled=true"
- variable: metrics.image.tag
default: "latest"
default: "0.8.0-debian-9-r4"
description: "MongoDB metrics image tag"
type: string
label: Image Metrics Tag
......
charts/mongodb/v7.2.6/templates/NOTES.txt
......@@ -17,9 +17,9 @@
** Please be patient while the chart is being deployed **
MongoDB can be accessed via port 27017 on the following DNS name from within your cluster:
MongoDB can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster:
{{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}
{{ if .Values.usePassword -}}
......@@ -60,7 +60,16 @@ To connect to your database from outside the cluster execute the following comma
{{- else if contains "ClusterIP" .Values.service.type }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mongodb.fullname" . }} 27017:27017 &
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mongodb.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
mongo --host 127.0.0.1 {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }}
{{- end }}
{{- include "mongodb.validateValues" . -}}
{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}
charts/mongodb/v7.2.6/templates/_helpers.tpl
......@@ -57,6 +57,7 @@ Create the name for the key secret.
Return the proper MongoDB image name
*/}}
{{- define "mongodb.image" -}}
{{- $registryName := .Values.image.registry -}}
{{- $repositoryName := .Values.image.repository -}}
{{- $tag := .Values.image.tag | toString -}}
{{/*
......@@ -68,19 +69,159 @@ Also, we can't use a single if because lazy evaluation is not an option
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the metrics image)
*/}}
{{- define "metrics.image" -}}
{{- define "mongodb.metrics.image" -}}
{{- $registryName := .Values.metrics.image.registry -}}
{{- $repositoryName := .Values.metrics.image.repository -}}
{{- $tag := .Values.metrics.image.tag | toString -}}
{{- printf "%s:%s" $repositoryName $tag -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mongodb.imagePullSecrets" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
Also, we can not use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "mongodb.volumePermissions.image" -}}
{{- $registryName := .Values.volumePermissions.image.registry -}}
{{- $repositoryName := .Values.volumePermissions.image.repository -}}
{{- $tag := .Values.volumePermissions.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Compile all warnings into a single message, and call fail.
*/}}
{{- define "mongodb.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "mongodb.validateValues.mongodbCustomDatabase" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/*
Validate values of MongoDB - both mongodbUsername and mongodbDatabase are necessary
to create a custom user and database during 1st initialization
*/}}
{{- define "mongodb.validateValues.mongodbCustomDatabase" -}}
{{- if or (and .Values.mongodbUsername (not .Values.mongodbDatabase)) (and (not .Values.mongodbUsername) .Values.mongodbDatabase) }}
mongodb: mongodbUsername, mongodbDatabase
Both mongodbUsername and mongodbDatabase must be provided to create
a custom user and database during 1st initialization.
Please set both of them (--set mongodbUsername="xxxx",mongodbDatabase="yyyy")
{{- end -}}
{{- end -}}
{{/*
Return the proper Storage Class
*/}}
{{- define "mongodb.storageClass" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
*/}}
{{- if .Values.global -}}
{{- if .Values.global.storageClass -}}
{{- if (eq "-" .Values.global.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.global.storageClass -}}
{{- end -}}
{{- else -}}
{{- if .Values.persistence.storageClass -}}
{{- if (eq "-" .Values.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.persistence.storageClass -}}
{{- if (eq "-" .Values.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
charts/mongodb/v7.2.6/templates/deployment-standalone.yaml
{{- if not .Values.replicaSet.enabled }}
apiVersion: extensions/v1beta1
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "mongodb.fullname" . }}
......@@ -32,10 +32,15 @@ spec:
{{- end }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if .Values.affinity }}
affinity:
......@@ -49,43 +54,83 @@ spec:
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ template "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }}
volumeMounts:
- name: data
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
containers:
- name: {{ template "mongodb.fullname" . }}
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
key: mongodb-password
{{- end }}
- name: MONGODB_USERNAME
value: {{ default "" .Values.mongodbUsername | quote }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
- name: MONGODB_PASSWORD
- name: MONGODB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-password
key: mongodb-root-password
{{- end }}
{{- if .Values.mongodbUsername }}
- name: MONGODB_USERNAME
value: {{ .Values.mongodbUsername | quote }}
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbDatabase }}
- name: MONGODB_DATABASE
value: {{ default "" .Values.mongodbDatabase | quote }}
value: {{ .Values.mongodbDatabase | quote }}
{{- end }}
- name: MONGODB_ENABLE_IPV6
{{- if .Values.mongodbEnableIPv6 }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ default "" .Values.mongodbExtraFlags | join " " }}
value: {{ .Values.mongodbExtraFlags | join " " }}
{{- end }}
ports:
- name: mongodb
containerPort: 27017
......@@ -117,8 +162,9 @@ spec:
{{- end }}
volumeMounts:
- name: data
mountPath: /bitnami/mongodb
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js]") }}
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") (.Values.initConfigMap) }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
......@@ -131,8 +177,13 @@ spec:
{{ toYaml .Values.resources | indent 10 }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "metrics.image" . }}
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
......@@ -140,34 +191,49 @@ spec:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin' ]
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ]
{{- else }}
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }}' ]
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ]
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{ toYaml .Values.metrics.resources | indent 10 }}
{{- end }}
volumes:
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js]") }}
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }}
- name: custom-init-scripts
configMap:
name: {{ template "mongodb.fullname" . }}-init-scripts
{{- end }}
{{- if (.Values.initConfigMap) }}
- name: custom-init-scripts
configMap:
name: {{ .Values.initConfigMap.name }}
{{- end }}
- name: data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
......
charts/mongodb/v7.2.6/templates/headless-svc-rs.yaml
......@@ -9,8 +9,7 @@ metadata:
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
annotations: {{ toYaml .Values.service.annotations | nindent 4 }}
{{- end }}
spec:
type: ClusterIP
......@@ -18,11 +17,6 @@ spec:
ports:
- name: mongodb
port: {{ .Values.service.port }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9216
targetPort: metrics
{{- end }}
selector:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
......
charts/mongodb/v7.2.6/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ template "mongodb.fullname" . }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
annotations:
{{- if .Values.ingress.certManager }}
kubernetes.io/tls-acme: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .name }}
http:
paths:
- path: {{ default "/" .path }}
backend:
serviceName: "{{ template "mongodb.fullname" $ }}"
servicePort: mongodb
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end }}
{{- end }}
\ No newline at end of file
charts/mongodb/v7.2.6/templates/initialization-configmap.yaml
{{ if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js]") }}
{{ if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }}
apiVersion: v1
kind: ConfigMap
metadata:
......@@ -9,5 +9,5 @@ metadata:
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
data:
{{ (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js]").AsConfig | indent 2 }}
{{ tpl (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]").AsConfig . | indent 2 }}
{{ end }}
charts/mongodb/v7.2.6/templates/poddisruptionbudget-arbiter-rs.yaml
{{- if .Values.replicaSet.enabled }}
{{- if .Release.IsInstall }}
{{- if and .Values.replicaSet.enabled .Values.replicaSet.pdb.enabled }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
......@@ -10,11 +9,19 @@ metadata:
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}-arbiter
spec:
{{- if .Values.replicaSet.pdb.minAvailable }}
{{- if .Values.replicaSet.pdb.minAvailable.arbiter }}
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.arbiter }}
{{- end }}
{{- end }}
{{- if .Values.replicaSet.pdb.maxUnavailable }}
{{- if .Values.replicaSet.pdb.maxUnavailable.arbiter }}
maxUnavailable: {{ .Values.replicaSet.pdb.maxUnavailable.arbiter }}
{{- end }}
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: arbiter
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.arbiter }}
{{- end }}
{{- end }}
\ No newline at end of file
charts/mongodb/v7.2.6/templates/poddisruptionbudget-primary-rs.yaml deleted 100644 → 0
{{- if .Values.replicaSet.enabled }}
{{- if .Release.IsInstall }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}-primary
spec:
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: primary
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.primary }}
{{- end }}
{{- end }}
charts/mongodb/v7.2.6/templates/poddisruptionbudget-secondary-rs.yaml
{{- if .Values.replicaSet.enabled }}
{{- if .Release.IsInstall }}
{{- if and .Values.replicaSet.enabled .Values.replicaSet.pdb.enabled }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
......@@ -10,11 +9,19 @@ metadata:
release: {{ .Release.Name }}
name: {{ template "mongodb.fullname" . }}-secondary
spec:
{{- if .Values.replicaSet.pdb.minAvailable }}
{{- if .Values.replicaSet.pdb.minAvailable.secondary }}
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.secondary }}
{{- end }}
{{- end }}
{{- if .Values.replicaSet.pdb.maxUnavailable }}
{{- if .Values.replicaSet.pdb.maxUnavailable.secondary }}
maxUnavailable: {{ .Values.replicaSet.pdb.maxUnavailable.secondary }}
{{- end }}
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
release: {{ .Release.Name }}
component: secondary
minAvailable: {{ .Values.replicaSet.pdb.minAvailable.secondary }}
{{- end }}
{{- end }}
charts/mongodb/v7.2.6/templates/prometheus-service-monitor.yaml
......@@ -3,6 +3,9 @@ apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ template "mongodb.fullname" . }}
{{- if .Values.metrics.serviceMonitor.namespace }}
namespace: {{ .Values.metrics.serviceMonitor.namespace }}
{{- end }}
labels:
app: {{ template "mongodb.name" . }}
chart: {{ template "mongodb.chart" . }}
......
charts/mongodb/v7.2.6/templates/pvc-standalone.yaml
......@@ -16,11 +16,5 @@ spec:
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{ include "mongodb.storageClass" . }}
{{- end }}
charts/mongodb/v7.2.6/templates/secrets.yaml
......@@ -10,13 +10,11 @@ metadata:
heritage: "{{ .Release.Service }}"
type: Opaque
data:
{{- if .Values.usePassword }}
{{- if .Values.mongodbRootPassword }}
mongodb-root-password: {{ .Values.mongodbRootPassword | b64enc | quote }}
{{- else }}
mongodb-root-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
{{- if .Values.mongodbPassword }}
mongodb-password: {{ .Values.mongodbPassword | b64enc | quote }}
......
charts/mongodb/v7.2.6/templates/statefulset-arbiter-rs.yaml
......@@ -16,6 +16,11 @@ spec:
component: arbiter
serviceName: {{ template "mongodb.fullname" . }}-headless
replicas: {{ .Values.replicaSet.replicas.arbiter }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels:
......@@ -31,14 +36,19 @@ spec:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if .Values.affinity }}
{{- if .Values.affinityArbiter }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{ toYaml .Values.affinityArbiter | indent 8 }}
{{- end -}}
{{- if .Values.nodeSelector }}
nodeSelector:
......@@ -48,20 +58,36 @@ spec:
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
{{- if .Values.extraInitContainers }}
initContainers:
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
containers:
- name: {{ template "mongodb.name" . }}-arbiter
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
ports:
- containerPort: {{ .Values.service.port }}
name: mongodb
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_POD_NAME
valueFrom:
fieldRef:
......@@ -94,8 +120,16 @@ spec:
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ default "" .Values.mongodbExtraFlags | join " " }}
value: {{ .Values.mongodbExtraFlags | join " " }}
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
tcpSocket:
......@@ -123,7 +157,7 @@ spec:
subPath: mongodb.conf
{{- end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{ toYaml .Values.resourcesArbiter | indent 12 }}
volumes:
{{- if .Values.configmap }}
- name: config
......
charts/mongodb/v7.2.6/templates/statefulset-primary-rs.yaml
......@@ -11,6 +11,11 @@ metadata:
spec:
serviceName: {{ template "mongodb.fullname" . }}-headless
replicas: 1
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
selector:
matchLabels:
app: {{ template "mongodb.name" . }}
......@@ -36,10 +41,15 @@ spec:
{{- end }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if .Values.affinity }}
affinity:
......@@ -53,20 +63,48 @@ spec:
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ template "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
containers:
- name: {{ template "mongodb.name" . }}-primary
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
ports:
- containerPort: {{ .Values.service.port }}
name: mongodb
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_POD_NAME
valueFrom:
fieldRef:
......@@ -79,12 +117,16 @@ spec:
- name: MONGODB_ADVERTISED_HOSTNAME
value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
{{- end }}
{{- if .Values.mongodbUsername }}
- name: MONGODB_USERNAME
value: {{ .Values.mongodbUsername | quote }}
{{- end }}
{{- if .Values.mongodbDatabase }}
- name: MONGODB_DATABASE
value: {{ .Values.mongodbDatabase | quote }}
{{- end }}
{{- if .Values.usePassword }}
{{- if or .Values.mongodbPassword .Values.existingSecret }}
{{- if and .Values.mongodbUsername .Values.mongodbDatabase }}
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
......@@ -108,8 +150,16 @@ spec:
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ default "" .Values.mongodbExtraFlags | join " " }}
value: {{ .Values.mongodbExtraFlags | join " " }}
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
......@@ -138,8 +188,9 @@ spec:
{{- end }}
volumeMounts:
- name: datadir
mountPath: /bitnami/mongodb
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js]") }}
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") (.Values.initConfigMap) }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
......@@ -152,8 +203,13 @@ spec:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "metrics.image" . }}
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
......@@ -161,34 +217,49 @@ spec:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin' ]
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ]
{{- else }}
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }}' ]
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ]
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{ toYaml .Values.metrics.resources | indent 12 }}
{{- end }}
volumes:
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js]") }}
{{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }}
- name: custom-init-scripts
configMap:
name: {{ template "mongodb.fullname" . }}-init-scripts
{{- end }}
{{- if (.Values.initConfigMap) }}
- name: custom-init-scripts
configMap:
name: {{ .Values.initConfigMap.name }}
{{- end }}
{{- if .Values.configmap }}
- name: config
configMap:
......@@ -200,7 +271,7 @@ spec:
name: datadir
annotations:
{{- range $key, $value := .Values.persistence.annotations }}
{{ $key }}: {{ $value }}
{{ $key }}: "{{ $value }}"
{{- end }}
spec:
accessModes:
......@@ -210,13 +281,7 @@ spec:
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{ include "mongodb.storageClass" . }}
{{- else }}
- name: datadir
emptyDir: {}
......
charts/mongodb/v7.2.6/templates/statefulset-secondary-rs.yaml
......@@ -17,6 +17,11 @@ spec:
podManagementPolicy: "Parallel"
serviceName: {{ template "mongodb.fullname" . }}-headless
replicas: {{ .Values.replicaSet.replicas.secondary }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if (eq "Recreate" .Values.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
labels:
......@@ -37,10 +42,15 @@ spec:
{{- end }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if .Values.affinity }}
affinity:
......@@ -54,20 +64,48 @@ spec:
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- include "mongodb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.extraInitContainers }}
{{ tpl .Values.extraInitContainers . | indent 6}}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ template "mongodb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }}
volumeMounts:
- name: datadir
mountPath: {{ .Values.persistence.mountPath }}
{{- end }}
containers:
- name: {{ template "mongodb.name" . }}-secondary
image: {{ template "mongodb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
ports:
- containerPort: {{ .Values.service.port }}
name: mongodb
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
- name: MONGODB_SYSTEM_LOG_VERBOSITY
value: {{ .Values.mongodbSystemLogVerbosity | quote }}
- name: MONGODB_DISABLE_SYSTEM_LOG
{{- if .Values.mongodbDisableSystemLog }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_POD_NAME
valueFrom:
fieldRef:
......@@ -100,8 +138,16 @@ spec:
{{- else }}
value: "no"
{{- end }}
- name: MONGODB_ENABLE_DIRECTORY_PER_DB
{{- if .Values.mongodbDirectoryPerDB }}
value: "yes"
{{- else }}
value: "no"
{{- end }}
{{- if .Values.mongodbExtraFlags }}
- name: MONGODB_EXTRA_FLAGS
value: {{ default "" .Values.mongodbExtraFlags | join " " }}
value: {{ .Values.mongodbExtraFlags | join " " }}
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
exec:
......@@ -130,7 +176,8 @@ spec:
{{- end }}
volumeMounts:
- name: datadir
mountPath: /bitnami/mongodb
mountPath: {{ .Values.persistence.mountPath }}
subPath: {{ .Values.persistence.subPath }}
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/mongodb/conf/mongodb.conf
......@@ -140,8 +187,13 @@ spec:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "metrics.image" . }}
image: {{ template "mongodb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsNonRoot: true
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
env:
{{- if .Values.usePassword }}
- name: MONGODB_ROOT_PASSWORD
......@@ -149,27 +201,37 @@ spec:
secretKeyRef:
name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }}
key: mongodb-root-password
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin' ]
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ]
{{- else }}
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }}' ]
command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ]
{{- end }}
ports:
- name: metrics
containerPort: 9216
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 15
timeoutSeconds: 5
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: 5
timeoutSeconds: 1
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
{{- end }}
resources:
{{ toYaml .Values.metrics.resources | indent 10 }}
{{ toYaml .Values.metrics.resources | indent 12 }}
{{- end }}
volumes:
{{- if .Values.configmap }}
......@@ -183,7 +245,7 @@ spec:
name: datadir
annotations:
{{- range $key, $value := .Values.persistence.annotations }}
{{ $key }}: {{ $value }}
{{ $key }}: "{{ $value }}"
{{- end }}
spec:
accessModes:
......@@ -193,13 +255,7 @@ spec:
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{ include "mongodb.storageClass" . }}
{{- else }}
- name: datadir
emptyDir: {}
......
charts/mongodb/v7.2.6/templates/svc-primary-rs.yaml
......@@ -9,21 +9,34 @@ metadata:
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
annotations: {{ toYaml .Values.service.annotations | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: mongodb
port: 27017
port: {{ .Values.service.port }}
targetPort: mongodb
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9216
targetPort: metrics
{{- end }}
selector:
app: {{ template "mongodb.name" . }}
release: "{{ .Release.Name }}"
......
charts/mongodb/v7.2.6/templates/svc-standalone.yaml
......@@ -9,17 +9,25 @@ metadata:
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
annotations: {{ toYaml .Values.service.annotations | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if .Values.service.externalIPs }}
externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: mongodb
port: 27017
port: {{ .Values.service.port }}
targetPort: mongodb
{{- if .Values.service.nodePort }}
nodePort: {{ .Values.service.nodePort }}
......
charts/mongodb/v7.2.6/values.yaml
## Global Docker image registry
## Please, note that this will override the image registry for all the images, including dependencies, configured to use the global value
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
# storageClass: myStorageClass
image:
## Bitnami MongoDB registry
##
registry: docker.io
## Bitnami MongoDB image name
##
repository: bitnami/mongodb
repository: ranchercharts/bitnami-mongodb
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.0.3
tag: 4.0.12-debian-9-r5
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
# - myRegistryKeySecretName
## Set to true if you would like to see extra information on logs
## It turns on Bitnami debugging in minideb-extras-base
## ref: https://github.com/bitnami/minideb-extras-base
debug: false
## String to partially override mongodb.fullname template (will maintain the release name)
##
# nameOverride:
## String to fully override mongodb.fullname template
##
# fullnameOverride:
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: ranchercharts/bitnami-minideb
tag: stretch
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secretselatestmust be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
## Enable authentication
## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/
......@@ -45,7 +82,18 @@ usePassword: true
## Whether enable/disable IPv6 on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6
##
mongodbEnableIPv6: true
mongodbEnableIPv6: false
## Whether enable/disable DirectoryPerDB on MongoDB
## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb
##
mongodbDirectoryPerDB: false
## MongoDB System Log configuration
## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level
##
mongodbSystemLogVerbosity: 0
mongodbDisableSystemLog: false
## MongoDB additional command line flags
##
......@@ -78,13 +126,26 @@ service:
##
# nodePort:
## Specify the externalIP value ClusterIP service type.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
# externalIPs: []
## Specify the loadBalancerIP value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
##
# loadBalancerIP:
## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges: []
## Setting up replication
## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication
#
replicaSet:
## Whether to create a MongoDB replica set for high availability or not
enabled: true
enabled: false
useHostnames: true
## Name of the replica set
......@@ -100,13 +161,19 @@ replicaSet:
replicas:
secondary: 1
arbiter: 1
## Pod Disruption Budget
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
pdb:
enabled: true
minAvailable:
primary: 1
secondary: 1
arbiter: 1
# maxUnavailable:
# primary: 1
# secondary: 1
# arbiter: 1
# Annotations to be added to MongoDB pods
podAnnotations: {}
......@@ -114,10 +181,18 @@ podAnnotations: {}
# Additional pod labels to apply
podLabels: {}
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Configure resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# Define separate resources per arbiter, which are less then primary or secondary
# used only when replica set is enabled
resourcesArbiter: {}
# limits:
# cpu: 500m
# memory: 512Mi
......@@ -125,6 +200,10 @@ resources: {}
# cpu: 100m
# memory: 256Mi
## Pod priority
## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
# priorityClassName: ""
## Node selector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
......@@ -132,11 +211,18 @@ nodeSelector: {}
## Affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# Define separate affinity for arbiter pod
affinityArbiter: {}
## Tolerations
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
updateStrategy:
type: RollingUpdate
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
......@@ -145,8 +231,19 @@ persistence:
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
##
# existingClaim:
## The path the volume will be mounted at, useful when using different
## MongoDB images.
##
mountPath: /bitnami/mongodb
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
##
subPath: ""
## mongodb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
......@@ -160,6 +257,62 @@ persistence:
size: 8Gi
annotations: {}
## Configure the ingress resource that allows you to access the
## MongoDB installation. Set up the URL
## ref: http://kubernetes.io/docs/user-guide/ingress/
##
ingress:
## Set to true to enable ingress record generation
enabled: false
## Set this to true in order to add the corresponding annotations for cert-manager
certManager: false
## Ingress annotations done as key:value pairs
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
## The list of hostnames to be covered with this ingress record.
## Most likely this will be just one host, but in the event more hosts are needed, this is an array
hosts:
- name: mongodb.local
path: /
## The tls configuration for the ingress
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls:
- hosts:
- mongodb.local
secretName: mongodb.local-tls
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: airflow.local-tls
# key:
# certificate:
## Configure the options for init containers to be run before the main app containers
## are started. All init containers are run sequentially and must exit without errors
## for the next one to be started.
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
# extraInitContainers: |
# - name: do-something
# image: busybox
# command: ['do', 'something']
## Configure extra options for liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
......@@ -177,6 +330,10 @@ readinessProbe:
failureThreshold: 6
successThreshold: 1
# Define custom config map with init scripts
initConfigMap: {}
# name: "init-config-map"
# Entries for the MongoDB config file
configmap:
# # Where and how to store data.
......@@ -199,8 +356,8 @@ configmap:
# enabled: true
# pathPrefix: /opt/bitnami/mongodb/tmp
# # replica set options
# replication:
# replSetName: replicaset
# #replication:
# # replSetName: replicaset
# # process management options
# processManagement:
# fork: false
......@@ -211,7 +368,7 @@ configmap:
# # security options
# security:
# authorization: enabled
# keyFile: /opt/bitnami/mongodb/conf/keyfile
# #keyFile: /opt/bitnami/mongodb/conf/keyfile
## Prometheus Exporter / Metrics
##
......@@ -219,21 +376,43 @@ metrics:
enabled: true
image:
repository: forekshub/percona-mongodb-exporter
tag: latest
pullPolicy: IfNotPresent
registry: docker.io
repository: ranchercharts/bitnami-mongodb-exporter
tag: 0.8.0-debian-9-r4
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
# - myRegistryKeySecretName
## String with extra arguments to the metrics exporter
## ref: https://github.com/dcu/mongodb_exporter/blob/master/mongodb_exporter.go
extraArgs: ""
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources: {}
## Metrics exporter liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
livenessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
## Metrics exporter pod Annotation
podAnnotations:
prometheus.io/scrape: "true"
......@@ -245,6 +424,10 @@ metrics:
serviceMonitor:
## If the operator is installed in your cluster, set to true to create a Service Monitor Entry
enabled: false
## Specify a namespace if needed
# namespace: monitoring
## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
additionalLabels: {}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment