From e94d6f78d7584b64115905d4d6f7959160dd1936 Mon Sep 17 00:00:00 2001 From: kaiyou Date: Sat, 29 Oct 2022 21:07:02 +0200 Subject: Enable daemonset deployment using the helm chart DaemonSet is a k8s resource that schedules one instance per node, which is useful for some garage deployment use cases, including managing garage nodes using k8s node labels --- script/helm/garage/templates/statefulset.yaml | 116 ---------------------- script/helm/garage/templates/workload.yaml | 133 ++++++++++++++++++++++++++ script/helm/garage/values.yaml | 12 ++- 3 files changed, 143 insertions(+), 118 deletions(-) delete mode 100644 script/helm/garage/templates/statefulset.yaml create mode 100644 script/helm/garage/templates/workload.yaml (limited to 'script/helm') diff --git a/script/helm/garage/templates/statefulset.yaml b/script/helm/garage/templates/statefulset.yaml deleted file mode 100644 index bda40117..00000000 --- a/script/helm/garage/templates/statefulset.yaml +++ /dev/null @@ -1,116 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "garage.fullname" . }} - labels: - {{- include "garage.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - {{- include "garage.selectorLabels" . | nindent 6 }} - serviceName: {{ include "garage.fullname" . }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "garage.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "garage.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - initContainers: - # Copies garage.toml from configmap to temporary etc volume and replaces RPC secret placeholder - - name: {{ .Chart.Name }}-init - image: busybox:1.28 - command: ["sh", "-c", "sed \"s/__RPC_SECRET_REPLACE__/$RPC_SECRET/\" /mnt/garage.toml > /mnt/etc/garage.toml"] - env: - - name: RPC_SECRET - valueFrom: - secretKeyRef: - name: {{ include "garage.rpcSecretName" . }} - key: rpcSecret - volumeMounts: - - name: configmap - mountPath: /mnt/garage.toml - subPath: garage.toml - - name: etc - mountPath: /mnt/etc - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - containerPort: 3900 - name: s3-api - - containerPort: 3902 - name: web-api - volumeMounts: - - name: meta - mountPath: /mnt/meta - - name: data - mountPath: /mnt/data - - name: etc - mountPath: /etc/garage.toml - subPath: garage.toml - # TODO - # livenessProbe: - # httpGet: - # path: / - # port: 3900 - # readinessProbe: - # httpGet: - # path: / - # port: 3900 - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumes: - - name: configmap - configMap: - name: {{ include "garage.fullname" . }}-config - - name: etc - emptyDir: {} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: meta - spec: - accessModes: [ "ReadWriteOnce" ] - {{- if hasKey .Values.persistence.meta "storageClass" }} - storageClassName: {{ .Values.persistence.meta.storageClass | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.meta.size | quote }} - - metadata: - name: data - spec: - accessModes: [ "ReadWriteOnce" ] - {{- if hasKey .Values.persistence.data "storageClass" }} - storageClassName: {{ .Values.persistence.data.storageClass | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.data.size | quote }} - {{- end }} diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml new file mode 100644 index 00000000..f41eff6f --- /dev/null +++ b/script/helm/garage/templates/workload.yaml @@ -0,0 +1,133 @@ +apiVersion: apps/v1 +kind: {{ .Values.deployment.kind }} +metadata: + name: {{ include "garage.fullname" . }} + labels: + {{- include "garage.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "garage.selectorLabels" . | nindent 6 }} + {{- if eq .Values.deployment.kind "StatefulSet" }} + replicas: {{ .Values.deployment.replicaCount }} + serviceName: {{ include "garage.fullname" . }} + {{- end }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "garage.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "garage.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + # Copies garage.toml from configmap to temporary etc volume and replaces RPC secret placeholder + - name: {{ .Chart.Name }}-init + image: busybox:1.28 + command: ["sh", "-c", "sed \"s/__RPC_SECRET_REPLACE__/$RPC_SECRET/\" /mnt/garage.toml > /mnt/etc/garage.toml"] + env: + - name: RPC_SECRET + valueFrom: + secretKeyRef: + name: {{ include "garage.rpcSecretName" . }} + key: rpcSecret + volumeMounts: + - name: configmap + mountPath: /mnt/garage.toml + subPath: garage.toml + - name: etc + mountPath: /mnt/etc + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: 3900 + name: s3-api + - containerPort: 3902 + name: web-api + volumeMounts: + - name: meta + mountPath: /mnt/meta + - name: data + mountPath: /mnt/data + - name: etc + mountPath: /etc/garage.toml + subPath: garage.toml + # TODO + # livenessProbe: + # httpGet: + # path: / + # port: 3900 + # readinessProbe: + # httpGet: + # path: / + # port: 3900 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: configmap + configMap: + name: {{ include "garage.fullname" . }}-config + - name: etc + emptyDir: {} + {{- if eq .Values.deployment.kind "DaemonSet" }} + {{- if .Values.persistence.enabled }} + - name: meta + hostPath: + path: {{ .Values.persistence.meta.hostPath }} + - name: data + hostPath: + path: {{ .Values.persistence.data.hostPath }} + {{- else }} + {{- end }} + - name: meta + emptyDir: {} + - name: data + emptyDir: {} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if and .Values.persistence.enabled (eq .Values.deployment.kind "StatefulSet") }} + volumeClaimTemplates: + - metadata: + name: meta + spec: + accessModes: [ "ReadWriteOnce" ] + {{- if hasKey .Values.persistence.meta "storageClass" }} + storageClassName: {{ .Values.persistence.meta.storageClass | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.meta.size | quote }} + - metadata: + name: data + spec: + accessModes: [ "ReadWriteOnce" ] + {{- if hasKey .Values.persistence.data "storageClass" }} + storageClassName: {{ .Values.persistence.data.storageClass | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.data.size | quote }} + {{- end }} diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 608ee53c..52f1910a 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -29,12 +29,20 @@ persistence: meta: # storageClass: "fast-storage-class" size: 100Mi + # used only for daemon sets + hostPath: /var/lib/garage/meta data: # storageClass: "slow-storage-class" size: 100Mi + # used only for daemon sets + hostPath: /var/lib/garage/data -# Number of StatefulSet replicas/garage nodes to start -replicaCount: 3 +# Deployment configuration +deployment: + # Switchable to DaemonSet + kind: StatefulSet + # Number of StatefulSet replicas/garage nodes to start + replicaCount: 3 image: repository: dxflrs/amd64_garage -- cgit v1.2.3 From 49a138b670cf820a69b76ed8de1fa3a10d9070ff Mon Sep 17 00:00:00 2001 From: kaiyou Date: Sun, 6 Nov 2022 17:50:06 +0100 Subject: Fix volume handling and persistence flag --- script/helm/garage/templates/workload.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'script/helm') diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml index f41eff6f..26ff153f 100644 --- a/script/helm/garage/templates/workload.yaml +++ b/script/helm/garage/templates/workload.yaml @@ -81,16 +81,16 @@ spec: name: {{ include "garage.fullname" . }}-config - name: etc emptyDir: {} - {{- if eq .Values.deployment.kind "DaemonSet" }} {{- if .Values.persistence.enabled }} + {{- if eq .Values.deployment.kind "DaemonSet" }} - name: meta hostPath: path: {{ .Values.persistence.meta.hostPath }} - name: data hostPath: path: {{ .Values.persistence.data.hostPath }} - {{- else }} {{- end }} + {{- else }} - name: meta emptyDir: {} - name: data -- cgit v1.2.3 From e9b0068079923910819e73c76d24c58de528eeb1 Mon Sep 17 00:00:00 2001 From: kaiyou Date: Sun, 6 Nov 2022 21:54:09 +0100 Subject: Set hostPath type for volumes --- script/helm/garage/templates/workload.yaml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'script/helm') diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml index 26ff153f..057a9858 100644 --- a/script/helm/garage/templates/workload.yaml +++ b/script/helm/garage/templates/workload.yaml @@ -86,9 +86,11 @@ spec: - name: meta hostPath: path: {{ .Values.persistence.meta.hostPath }} + type: DirectoryOrCreate - name: data hostPath: path: {{ .Values.persistence.data.hostPath }} + type: DirectoryOrCreate {{- end }} {{- else }} - name: meta -- cgit v1.2.3 From 559e924cc2e0887e07886374ca018dd9761c3ba5 Mon Sep 17 00:00:00 2001 From: kaiyou Date: Sun, 25 Dec 2022 13:33:44 +0100 Subject: Bump the helm chart version --- script/helm/garage/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'script/helm') diff --git a/script/helm/garage/Chart.yaml b/script/helm/garage/Chart.yaml index 7fb4c531..f845cfe8 100644 --- a/script/helm/garage/Chart.yaml +++ b/script/helm/garage/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.0 +version: 0.3.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to -- cgit v1.2.3 From 88b66c69a5d596ab967dba192ebf7742152fdfcc Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 16 Nov 2022 20:23:10 +0100 Subject: feat(helm): allow to override the default configuration file Signed-off-by: Patrick Jahns --- script/helm/garage/templates/configmap.yaml | 26 +------------------------- script/helm/garage/values.yaml | 29 +++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 25 deletions(-) (limited to 'script/helm') diff --git a/script/helm/garage/templates/configmap.yaml b/script/helm/garage/templates/configmap.yaml index bfcd5d8c..5cc7a45e 100644 --- a/script/helm/garage/templates/configmap.yaml +++ b/script/helm/garage/templates/configmap.yaml @@ -4,28 +4,4 @@ metadata: name: {{ include "garage.fullname" . }}-config data: garage.toml: |- - metadata_dir = "{{ .Values.garage.metadataDir }}" - data_dir = "{{ .Values.garage.dataDir }}" - - replication_mode = "{{ .Values.garage.replicationMode }}" - - rpc_bind_addr = "{{ .Values.garage.rpcBindAddr }}" - # rpc_secret will be populated by the init container from a k8s secret object - rpc_secret = "__RPC_SECRET_REPLACE__" - - bootstrap_peers = {{ .Values.garage.bootstrapPeers }} - - [kubernetes_discovery] - namespace = "{{ .Release.Namespace }}" - service_name = "{{ include "garage.fullname" . }}" - skip_crd = {{ .Values.garage.kubernetesSkipCrd }} - - [s3_api] - s3_region = "{{ .Values.garage.s3.api.region }}" - api_bind_addr = "[::]:3900" - root_domain = "{{ .Values.garage.s3.api.rootDomain }}" - - [s3_web] - bind_addr = "[::]:3902" - root_domain = "{{ .Values.garage.s3.web.rootDomain }}" - index = "{{ .Values.garage.s3.web.index }}" + {{- tpl (index (index .Values.garage) "garage.toml") $ | nindent 4 }} diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 52f1910a..a60fa569 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -22,6 +22,35 @@ garage: web: rootDomain: ".web.garage.tld" index: "index.html" + # Template for the garage configuration + # Values can be templated + # ref: https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/ + garage.toml: |- + metadata_dir = "{{ .Values.garage.metadataDir }}" + data_dir = "{{ .Values.garage.dataDir }}" + + replication_mode = "{{ .Values.garage.replicationMode }}" + + rpc_bind_addr = "{{ .Values.garage.rpcBindAddr }}" + # rpc_secret will be populated by the init container from a k8s secret object + rpc_secret = "__RPC_SECRET_REPLACE__" + + bootstrap_peers = {{ .Values.garage.bootstrapPeers }} + + [kubernetes_discovery] + namespace = "{{ .Release.Namespace }}" + service_name = "{{ include "garage.fullname" . }}" + skip_crd = {{ .Values.garage.kubernetesSkipCrd }} + + [s3_api] + s3_region = "{{ .Values.garage.s3.api.region }}" + api_bind_addr = "[::]:3900" + root_domain = "{{ .Values.garage.s3.api.rootDomain }}" + + [s3_web] + bind_addr = "[::]:3902" + root_domain = "{{ .Values.garage.s3.web.rootDomain }}" + index = "{{ .Values.garage.s3.web.index }}" # Data persistence persistence: -- cgit v1.2.3 From e17970773a14fb455ee945f77586080a11fc3f34 Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 16 Nov 2022 20:36:20 +0100 Subject: refactor(helm): removed metadataDir and dataDir config variable The variables were only templated into the configuration file and did not change the pod mountpaths, so the variables were not necessary --- script/helm/garage/values.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'script/helm') diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index a60fa569..d7e7ddbf 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -4,8 +4,6 @@ # Garage configuration. These values go to garage.toml garage: - metadataDir: "/mnt/meta" - dataDir: "/mnt/data" # Default to 3 replicas, see the replication_mode section at # https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/ replicationMode: "3" @@ -26,8 +24,8 @@ garage: # Values can be templated # ref: https://garagehq.deuxfleurs.fr/documentation/reference-manual/configuration/ garage.toml: |- - metadata_dir = "{{ .Values.garage.metadataDir }}" - data_dir = "{{ .Values.garage.dataDir }}" + metadata_dir = "/mnt/meta" + data_dir = "/mnt/data" replication_mode = "{{ .Values.garage.replicationMode }}" -- cgit v1.2.3 From da6f7b0dda594fc13c96db481dd0fa6ae4c8857e Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 16 Nov 2022 21:06:11 +0100 Subject: feat(helm): ensure that config changes trigger a pod rollout --- script/helm/garage/templates/workload.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'script/helm') diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml index 057a9858..da5d386f 100644 --- a/script/helm/garage/templates/workload.yaml +++ b/script/helm/garage/templates/workload.yaml @@ -14,8 +14,10 @@ spec: {{- end }} template: metadata: - {{- with .Values.podAnnotations }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: -- cgit v1.2.3 From fd03b184b33337e3f1de06a5cadd3c5bcc0a3536 Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 16 Nov 2022 21:46:43 +0100 Subject: fix(helm): file permission issues when running as non-root user Specify the user group for the garage (and init) process and ensure that the persistent storage is mounted with the correct file system group --- script/helm/garage/templates/workload.yaml | 2 ++ script/helm/garage/values.yaml | 11 ++++++----- 2 files changed, 8 insertions(+), 5 deletions(-) (limited to 'script/helm') diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml index da5d386f..718f7bea 100644 --- a/script/helm/garage/templates/workload.yaml +++ b/script/helm/garage/templates/workload.yaml @@ -41,6 +41,8 @@ spec: secretKeyRef: name: {{ include "garage.rpcSecretName" . }} key: rpcSecret + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} volumeMounts: - name: configmap mountPath: /mnt/garage.toml diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index d7e7ddbf..701a5680 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -92,18 +92,19 @@ serviceAccount: podAnnotations: {} -podSecurityContext: {} - # fsGroup: 2000 +podSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 + runAsNonRoot: true securityContext: # The default security context is heavily restricted # feel free to tune it to your requirements capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 service: # You can rely on any service to expose your cluster -- cgit v1.2.3 From d20e8c92564843e8c9abdf573db5ce7f6c58f482 Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 16 Nov 2022 21:53:28 +0100 Subject: feat(helm): allow to override the init container image --- script/helm/garage/templates/workload.yaml | 3 ++- script/helm/garage/values.yaml | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-) (limited to 'script/helm') diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml index 718f7bea..b0303869 100644 --- a/script/helm/garage/templates/workload.yaml +++ b/script/helm/garage/templates/workload.yaml @@ -33,7 +33,8 @@ spec: initContainers: # Copies garage.toml from configmap to temporary etc volume and replaces RPC secret placeholder - name: {{ .Chart.Name }}-init - image: busybox:1.28 + image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}" + imagePullPolicy: {{ .Values.initImage.pullPolicy }} command: ["sh", "-c", "sed \"s/__RPC_SECRET_REPLACE__/$RPC_SECRET/\" /mnt/garage.toml > /mnt/etc/garage.toml"] env: - name: RPC_SECRET diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 701a5680..5900033b 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -77,6 +77,11 @@ image: tag: "" pullPolicy: IfNotPresent +initImage: + repository: busybox + tag: 1.28 + pullPolicy: IfNotPresent + imagePullSecrets: [] nameOverride: "" fullnameOverride: "" -- cgit v1.2.3 From b999bb36af59de899c2426c0ad35e4e04abc317d Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Thu, 17 Nov 2022 23:33:00 +0100 Subject: feat(helm): ability to monitor garage via prometheus --- script/helm/garage/templates/service.yaml | 21 +++++++++++ script/helm/garage/templates/servicemonitor.yaml | 44 ++++++++++++++++++++++++ script/helm/garage/templates/workload.yaml | 2 ++ script/helm/garage/values.yaml | 27 +++++++++++++++ 4 files changed, 94 insertions(+) create mode 100644 script/helm/garage/templates/servicemonitor.yaml (limited to 'script/helm') diff --git a/script/helm/garage/templates/service.yaml b/script/helm/garage/templates/service.yaml index 2bfff99d..37218872 100644 --- a/script/helm/garage/templates/service.yaml +++ b/script/helm/garage/templates/service.yaml @@ -17,3 +17,24 @@ spec: name: s3-web selector: {{- include "garage.selectorLabels" . | nindent 4 }} +{{- if .Values.monitoring.metrics.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "garage.fullname" . }}-metrics + labels: + {{- include "garage.labels" . | nindent 4 }} + annotations: + prometheus.io/scrape: "true" +spec: + type: ClusterIP + clusterIP: None + ports: + - port: 3903 + targetPort: 3903 + protocol: TCP + name: metrics + selector: + {{- include "garage.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/script/helm/garage/templates/servicemonitor.yaml b/script/helm/garage/templates/servicemonitor.yaml new file mode 100644 index 00000000..6838d09f --- /dev/null +++ b/script/helm/garage/templates/servicemonitor.yaml @@ -0,0 +1,44 @@ +{{- if .Values.monitoring.metrics.serviceMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "garage.fullname" . }} + {{- if .Values.monitoring.metrics.serviceMonitor.namespace }} + namespace: {{ tpl .Values.monitoring.metrics.serviceMonitor.namespace . }} + {{- else }} + namespace: {{ .Release.Namespace }} + {{- end }} + labels: + {{- include "garage.labels" . | nindent 4 }} + {{- with .Values.monitoring.metrics.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: metrics + {{- with .Values.monitoring.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + {{- with .Values.monitoring.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + honorLabels: true + path: {{ .Values.monitoring.metrics.serviceMonitor.path }} + scheme: {{ .Values.monitoring.metrics.serviceMonitor.scheme }} + {{- with .Values.monitoring.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.monitoring.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "garage.selectorLabels" . | nindent 6 }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/script/helm/garage/templates/workload.yaml b/script/helm/garage/templates/workload.yaml index b0303869..340c0054 100644 --- a/script/helm/garage/templates/workload.yaml +++ b/script/helm/garage/templates/workload.yaml @@ -61,6 +61,8 @@ spec: name: s3-api - containerPort: 3902 name: web-api + - containerPort: 3903 + name: admin volumeMounts: - name: meta mountPath: /mnt/meta diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 5900033b..69999e67 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -49,6 +49,12 @@ garage: bind_addr = "[::]:3902" root_domain = "{{ .Values.garage.s3.web.rootDomain }}" index = "{{ .Values.garage.s3.web.index }}" + + [admin] + api_bind_addr = "[::]:3903" + {{- if .Values.monitoring.tracing.sink }} + trace_sink = "{{ .Values.monitoring.tracing.sink }}" + {{- end }} # Data persistence persistence: @@ -123,6 +129,7 @@ service: web: port: 3902 # NOTE: the admin API is excluded for now as it is not consistent across nodes + ingress: s3: api: @@ -186,3 +193,23 @@ nodeSelector: {} tolerations: [] affinity: {} + +monitoring: + metrics: + # If true, a service for monitoring is created with a prometheus.io/scrape annotation + enabled: false + serviceMonitor: + # If true, a ServiceMonitor CRD is created for a prometheus operator + # https://github.com/coreos/prometheus-operator + # + enabled: false + path: /metrics + # namespace: monitoring (defaults to use the namespace this chart is deployed to) + labels: {} + interval: 15s + scheme: http + tlsConfig: {} + scrapeTimeout: 10s + relabelings: [] + tracing: + sink: "" \ No newline at end of file -- cgit v1.2.3 From ac6751f5099ba1be032665f616951280ced36e09 Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 28 Dec 2022 18:27:07 +0100 Subject: doc(helm): removed extra line --- script/helm/garage/values.yaml | 1 - 1 file changed, 1 deletion(-) (limited to 'script/helm') diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index 69999e67..ca77c097 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -201,7 +201,6 @@ monitoring: serviceMonitor: # If true, a ServiceMonitor CRD is created for a prometheus operator # https://github.com/coreos/prometheus-operator - # enabled: false path: /metrics # namespace: monitoring (defaults to use the namespace this chart is deployed to) -- cgit v1.2.3 From 50bce43f25574d168f015f31fb7f8a69dafac072 Mon Sep 17 00:00:00 2001 From: Patrick Jahns Date: Wed, 28 Dec 2022 18:28:03 +0100 Subject: refactor(helm): use stable as image tag for init container --- script/helm/garage/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'script/helm') diff --git a/script/helm/garage/values.yaml b/script/helm/garage/values.yaml index ca77c097..3a1e41b9 100644 --- a/script/helm/garage/values.yaml +++ b/script/helm/garage/values.yaml @@ -85,7 +85,7 @@ image: initImage: repository: busybox - tag: 1.28 + tag: stable pullPolicy: IfNotPresent imagePullSecrets: [] -- cgit v1.2.3 From 66ed0bdd913d973980a53d0517e790da2b870784 Mon Sep 17 00:00:00 2001 From: Kamil Banach Date: Thu, 23 Mar 2023 20:20:46 +0100 Subject: Update Helm chart versions (app + chart) * chart version: 0.4.0 * app version: v0.8.2 --- script/helm/garage/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'script/helm') diff --git a/script/helm/garage/Chart.yaml b/script/helm/garage/Chart.yaml index f845cfe8..82b2e106 100644 --- a/script/helm/garage/Chart.yaml +++ b/script/helm/garage/Chart.yaml @@ -15,10 +15,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v0.7.2.1" +appVersion: "v0.8.2" -- cgit v1.2.3