From 3d5a3e06530c1250d48f7d838c619f3bfbcd019d Mon Sep 17 00:00:00 2001 From: Dileep Ranganathan Date: Thu, 30 May 2019 12:38:37 -0700 Subject: Refactor Distributed Analytics project structure Modified the project structure to improve maintainability and to add future CI and integration test support. Change-Id: Id30bfb1f83f23785a6b5f99e81f42f752d59c0f8 Issue-ID: ONAPARC-280 Signed-off-by: Dileep Ranganathan --- vnfs/DAaaS/00-init/gloo/.helmignore | 28 - vnfs/DAaaS/00-init/gloo/Chart.yaml | 8 - vnfs/DAaaS/00-init/gloo/templates/0-namespace.yaml | 10 - .../gloo/templates/10-ingress-deployment.yaml | 40 - .../00-init/gloo/templates/100-gloo-crds.yaml | 111 - .../gloo/templates/101-knative-crds-0.5.1.yaml | 343 --- .../templates/11-ingress-proxy-deployment.yaml | 65 - .../gloo/templates/12-ingress-proxy-configmap.yaml | 52 - .../gloo/templates/13-ingress-proxy-service.yaml | 23 - .../14-clusteringress-proxy-deployment.yaml | 58 - .../15-clusteringress-proxy-configmap.yaml | 49 - .../templates/16-clusteringress-proxy-service.yaml | 21 - .../gloo/templates/17-knative-no-istio-0.5.1.yaml | 982 ------ vnfs/DAaaS/00-init/gloo/templates/18-settings.yaml | 30 - .../20-namespace-clusterrole-gateway.yaml | 29 - .../21-namespace-clusterrole-ingress.yaml | 29 - .../22-namespace-clusterrole-knative.yaml | 29 - .../23-namespace-clusterrolebinding-gateway.yaml | 22 - .../24-namespace-clusterrolebinding-ingress.yaml | 22 - .../25-namespace-clusterrolebinding-knative.yaml | 21 - .../00-init/gloo/templates/3-gloo-deployment.yaml | 57 - .../00-init/gloo/templates/4-gloo-service.yaml | 18 - .../gloo/templates/5-discovery-deployment.yaml | 46 - .../gloo/templates/6-gateway-deployment.yaml | 47 - .../gloo/templates/7-gateway-proxy-deployment.yaml | 67 - .../gloo/templates/8-gateway-proxy-service.yaml | 35 - .../gloo/templates/9-gateway-proxy-configmap.yaml | 54 - vnfs/DAaaS/00-init/gloo/values-ingress.yaml | 74 - vnfs/DAaaS/00-init/gloo/values-knative.yaml | 72 - vnfs/DAaaS/00-init/gloo/values.yaml | 56 - vnfs/DAaaS/00-init/istio/README.md | 31 - vnfs/DAaaS/00-init/rook-ceph/Chart.yaml | 7 - vnfs/DAaaS/00-init/rook-ceph/templates/NOTES.txt | 5 - .../DAaaS/00-init/rook-ceph/templates/_helpers.tpl | 16 - vnfs/DAaaS/00-init/rook-ceph/templates/cluster.yml | 180 -- .../00-init/rook-ceph/templates/clusterrole.yaml | 165 - .../rook-ceph/templates/clusterrolebinding.yaml | 38 - .../templates/dashboard-external-http.yaml | 22 - .../00-init/rook-ceph/templates/deployment.yaml | 108 - vnfs/DAaaS/00-init/rook-ceph/templates/psp.yaml | 35 - .../00-init/rook-ceph/templates/resources.yaml | 177 -- vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml | 35 - .../00-init/rook-ceph/templates/rolebinding.yaml | 19 - .../rook-ceph/templates/serviceaccount.yaml | 8 - .../00-init/rook-ceph/templates/storageclass.yml | 28 - .../DAaaS/00-init/rook-ceph/templates/tool-box.yml | 62 - vnfs/DAaaS/00-init/rook-ceph/values.yaml | 75 - vnfs/DAaaS/GoApps/src/hdfs-writer/.gitignore | 40 - vnfs/DAaaS/GoApps/src/hdfs-writer/Makefile | 35 - vnfs/DAaaS/GoApps/src/hdfs-writer/README.md | 14 - vnfs/DAaaS/GoApps/src/hdfs-writer/cmd/main.go | 25 - vnfs/DAaaS/GoApps/src/hdfs-writer/go.mod | 3 - vnfs/DAaaS/README.md | 2 +- vnfs/DAaaS/applications/Chart.yaml | 5 - .../applications/m3db_promql/promql_api/README.md | 50 - .../m3db_promql/promql_api/__init__.py | 0 .../m3db_promql/promql_api/prom_ql_api.py | 83 - .../m3db_promql/sample_promql_query.py | 12 - .../applications/sample-horovod-app/Chart.yaml | 5 - .../applications/sample-horovod-app/Dockerfile | 143 - .../applications/sample-horovod-app/README.md | 162 - .../keras_mnist_advanced_modified.py | 169 -- .../sample-horovod-app/sample_values.yaml | 62 - .../sample-horovod-app/templates/NOTES.txt | 5 - .../sample-horovod-app/templates/_helpers.tpl | 32 - .../sample-horovod-app/templates/config.yaml | 130 - .../sample-horovod-app/templates/job-service.yaml | 19 - .../sample-horovod-app/templates/job.yaml | 140 - .../templates/minio-secrets.yaml | 31 - .../sample-horovod-app/templates/secrets.yaml | 15 - .../templates/statefulset-service.yaml | 19 - .../sample-horovod-app/templates/statefulset.yaml | 115 - .../applications/sample-spark-app/.helmignore | 22 - .../DAaaS/applications/sample-spark-app/Chart.yaml | 5 - .../DAaaS/applications/sample-spark-app/Dockerfile | 133 - .../sample-spark-app/templates/SampleSparkApp.yaml | 43 - .../sample-spark-app/templates/_helpers.tpl | 32 - .../applications/sample-spark-app/values.yaml | 57 - vnfs/DAaaS/applications/values.yaml | 29 - vnfs/DAaaS/build/README.md | 1 + vnfs/DAaaS/collectd-operator/.gitignore | 99 - vnfs/DAaaS/collectd-operator/Makefile | 70 - vnfs/DAaaS/collectd-operator/build/Dockerfile | 15 - vnfs/DAaaS/collectd-operator/cmd/manager/main.go | 125 - .../crds/onap_v1alpha1_collectdplugin_cr.yaml | 10 - .../crds/onap_v1alpha1_collectdplugin_crd.yaml | 65 - vnfs/DAaaS/collectd-operator/deploy/operator.yaml | 31 - vnfs/DAaaS/collectd-operator/deploy/role.yaml | 48 - .../collectd-operator/deploy/role_binding.yaml | 11 - .../collectd-operator/deploy/service_account.yaml | 4 - vnfs/DAaaS/collectd-operator/go.mod | 57 - vnfs/DAaaS/collectd-operator/go.sum | 301 -- .../pkg/apis/addtoscheme_onap_v1alpha1.go | 10 - vnfs/DAaaS/collectd-operator/pkg/apis/apis.go | 13 - .../pkg/apis/onap/v1alpha1/collectdplugin_types.go | 56 - .../pkg/apis/onap/v1alpha1/doc.go | 4 - .../pkg/apis/onap/v1alpha1/register.go | 19 - .../apis/onap/v1alpha1/zz_generated.deepcopy.go | 108 - .../pkg/apis/onap/v1alpha1/zz_generated.openapi.go | 124 - .../pkg/controller/add_collectdplugin.go | 10 - .../collectdplugin/collectdplugin_controller.go | 215 -- .../collectd-operator/pkg/controller/controller.go | 18 - vnfs/DAaaS/collectd-operator/tools.go | 15 - vnfs/DAaaS/collectd-operator/version/version.go | 5 - vnfs/DAaaS/collection/.helmignore | 22 - vnfs/DAaaS/collection/Chart.yaml | 5 - vnfs/DAaaS/collection/charts/cadvisor/.helmignore | 22 - vnfs/DAaaS/collection/charts/cadvisor/Chart.yaml | 19 - .../collection/charts/cadvisor/templates/NOTES.txt | 34 - .../charts/cadvisor/templates/_helpers.tpl | 25 - .../charts/cadvisor/templates/daemonset.yaml | 79 - .../charts/cadvisor/templates/service.yaml | 37 - vnfs/DAaaS/collection/charts/cadvisor/values.yaml | 23 - vnfs/DAaaS/collection/charts/collectd/.helmignore | 21 - vnfs/DAaaS/collection/charts/collectd/Chart.yaml | 19 - .../charts/collectd/resources/config/collectd.conf | 44 - .../collection/charts/collectd/templates/NOTES.txt | 34 - .../charts/collectd/templates/_helpers.tpl | 25 - .../charts/collectd/templates/configmap.yaml | 27 - .../charts/collectd/templates/daemonset.yaml | 83 - .../charts/collectd/templates/service.yaml | 32 - vnfs/DAaaS/collection/charts/collectd/values.yaml | 28 - .../charts/prometheus-node-exporter/.helmignore | 21 - .../charts/prometheus-node-exporter/Chart.yaml | 15 - .../charts/prometheus-node-exporter/OWNERS | 4 - .../charts/prometheus-node-exporter/README.md | 80 - .../prometheus-node-exporter/templates/NOTES.txt | 15 - .../templates/_helpers.tpl | 55 - .../templates/daemonset.yaml | 98 - .../templates/endpoints.yaml | 17 - .../templates/monitor.yaml | 17 - .../templates/psp-clusterrole.yaml | 15 - .../templates/psp-clusterrolebinding.yaml | 17 - .../prometheus-node-exporter/templates/psp.yaml | 51 - .../templates/service.yaml | 22 - .../templates/serviceaccount.yaml | 15 - .../charts/prometheus-node-exporter/values.yaml | 96 - .../DAaaS/collection/charts/prometheus/.helmignore | 22 - vnfs/DAaaS/collection/charts/prometheus/Chart.yaml | 5 - .../charts/prometheus/templates/NOTES.txt | 15 - .../charts/prometheus/templates/_helpers.tpl | 47 - .../charts/prometheus/templates/prometheus.yaml | 47 - .../charts/prometheus/templates/service.yaml | 38 - .../prometheus/templates/servicemonitor.yaml | 30 - .../DAaaS/collection/charts/prometheus/values.yaml | 79 - vnfs/DAaaS/collection/values.yaml | 28 - vnfs/DAaaS/day2_configs/collectd/README.txt | 14 - vnfs/DAaaS/day2_configs/collectd/add_plugins.yaml | 47 - .../DAaaS/day2_configs/collectd/replace_image.yaml | 6 - vnfs/DAaaS/day2_configs/prometheus/README.txt | 7 - .../day2_configs/prometheus/add_remote_write.yaml | 13 - vnfs/DAaaS/deploy/00-init/gloo/.helmignore | 28 + vnfs/DAaaS/deploy/00-init/gloo/Chart.yaml | 8 + .../deploy/00-init/gloo/templates/0-namespace.yaml | 10 + .../gloo/templates/10-ingress-deployment.yaml | 40 + .../00-init/gloo/templates/100-gloo-crds.yaml | 111 + .../gloo/templates/101-knative-crds-0.5.1.yaml | 343 +++ .../templates/11-ingress-proxy-deployment.yaml | 65 + .../gloo/templates/12-ingress-proxy-configmap.yaml | 52 + .../gloo/templates/13-ingress-proxy-service.yaml | 23 + .../14-clusteringress-proxy-deployment.yaml | 58 + .../15-clusteringress-proxy-configmap.yaml | 49 + .../templates/16-clusteringress-proxy-service.yaml | 21 + .../gloo/templates/17-knative-no-istio-0.5.1.yaml | 982 ++++++ .../deploy/00-init/gloo/templates/18-settings.yaml | 30 + .../20-namespace-clusterrole-gateway.yaml | 29 + .../21-namespace-clusterrole-ingress.yaml | 29 + .../22-namespace-clusterrole-knative.yaml | 29 + .../23-namespace-clusterrolebinding-gateway.yaml | 22 + .../24-namespace-clusterrolebinding-ingress.yaml | 22 + .../25-namespace-clusterrolebinding-knative.yaml | 21 + .../00-init/gloo/templates/3-gloo-deployment.yaml | 57 + .../00-init/gloo/templates/4-gloo-service.yaml | 18 + .../gloo/templates/5-discovery-deployment.yaml | 46 + .../gloo/templates/6-gateway-deployment.yaml | 47 + .../gloo/templates/7-gateway-proxy-deployment.yaml | 67 + .../gloo/templates/8-gateway-proxy-service.yaml | 35 + .../gloo/templates/9-gateway-proxy-configmap.yaml | 54 + vnfs/DAaaS/deploy/00-init/gloo/values-ingress.yaml | 74 + vnfs/DAaaS/deploy/00-init/gloo/values-knative.yaml | 72 + vnfs/DAaaS/deploy/00-init/gloo/values.yaml | 56 + vnfs/DAaaS/deploy/00-init/istio/README.md | 31 + vnfs/DAaaS/deploy/00-init/rook-ceph/Chart.yaml | 7 + .../deploy/00-init/rook-ceph/templates/NOTES.txt | 5 + .../00-init/rook-ceph/templates/_helpers.tpl | 16 + .../deploy/00-init/rook-ceph/templates/cluster.yml | 180 ++ .../00-init/rook-ceph/templates/clusterrole.yaml | 165 + .../rook-ceph/templates/clusterrolebinding.yaml | 38 + .../templates/dashboard-external-http.yaml | 22 + .../00-init/rook-ceph/templates/deployment.yaml | 108 + .../deploy/00-init/rook-ceph/templates/psp.yaml | 35 + .../00-init/rook-ceph/templates/resources.yaml | 177 ++ .../deploy/00-init/rook-ceph/templates/role.yaml | 35 + .../00-init/rook-ceph/templates/rolebinding.yaml | 19 + .../rook-ceph/templates/serviceaccount.yaml | 8 + .../00-init/rook-ceph/templates/storageclass.yml | 28 + .../00-init/rook-ceph/templates/tool-box.yml | 62 + vnfs/DAaaS/deploy/00-init/rook-ceph/values.yaml | 75 + vnfs/DAaaS/deploy/collection/.helmignore | 22 + vnfs/DAaaS/deploy/collection/Chart.yaml | 5 + .../deploy/collection/charts/cadvisor/.helmignore | 22 + .../deploy/collection/charts/cadvisor/Chart.yaml | 19 + .../collection/charts/cadvisor/templates/NOTES.txt | 34 + .../charts/cadvisor/templates/_helpers.tpl | 25 + .../charts/cadvisor/templates/daemonset.yaml | 79 + .../charts/cadvisor/templates/service.yaml | 37 + .../deploy/collection/charts/cadvisor/values.yaml | 23 + .../deploy/collection/charts/collectd/.helmignore | 21 + .../deploy/collection/charts/collectd/Chart.yaml | 19 + .../charts/collectd/resources/config/collectd.conf | 44 + .../collection/charts/collectd/templates/NOTES.txt | 34 + .../charts/collectd/templates/_helpers.tpl | 25 + .../charts/collectd/templates/configmap.yaml | 27 + .../charts/collectd/templates/daemonset.yaml | 83 + .../charts/collectd/templates/service.yaml | 32 + .../deploy/collection/charts/collectd/values.yaml | 28 + .../charts/prometheus-node-exporter/.helmignore | 21 + .../charts/prometheus-node-exporter/Chart.yaml | 15 + .../charts/prometheus-node-exporter/OWNERS | 4 + .../charts/prometheus-node-exporter/README.md | 80 + .../prometheus-node-exporter/templates/NOTES.txt | 15 + .../templates/_helpers.tpl | 55 + .../templates/daemonset.yaml | 98 + .../templates/endpoints.yaml | 17 + .../templates/monitor.yaml | 17 + .../templates/psp-clusterrole.yaml | 15 + .../templates/psp-clusterrolebinding.yaml | 17 + .../prometheus-node-exporter/templates/psp.yaml | 51 + .../templates/service.yaml | 22 + .../templates/serviceaccount.yaml | 15 + .../charts/prometheus-node-exporter/values.yaml | 96 + .../collection/charts/prometheus/.helmignore | 22 + .../deploy/collection/charts/prometheus/Chart.yaml | 5 + .../charts/prometheus/templates/NOTES.txt | 15 + .../charts/prometheus/templates/_helpers.tpl | 47 + .../charts/prometheus/templates/prometheus.yaml | 47 + .../charts/prometheus/templates/service.yaml | 38 + .../prometheus/templates/servicemonitor.yaml | 30 + .../collection/charts/prometheus/values.yaml | 79 + vnfs/DAaaS/deploy/collection/values.yaml | 28 + vnfs/DAaaS/deploy/day2_configs/collectd/README.txt | 14 + .../deploy/day2_configs/collectd/add_plugins.yaml | 47 + .../day2_configs/collectd/replace_image.yaml | 6 + .../deploy/day2_configs/prometheus/README.txt | 7 + .../day2_configs/prometheus/add_remote_write.yaml | 13 + vnfs/DAaaS/deploy/inference-core/.helmignore | 22 + vnfs/DAaaS/deploy/inference-core/Chart.yaml | 5 + .../inference-core/charts/tf-serving/.helmignore | 22 + .../inference-core/charts/tf-serving/Chart.yaml | 5 + .../charts/tf-serving/templates/NOTES.txt | 20 + .../charts/tf-serving/templates/_helpers.tpl | 41 + .../charts/tf-serving/templates/deployment.yaml | 138 + .../charts/tf-serving/templates/ingress.yaml | 55 + .../charts/tf-serving/templates/secrets.yaml | 31 + .../charts/tf-serving/templates/service.yaml | 39 + .../tf-serving/templates/serviceaccount.yaml | 25 + .../inference-core/charts/tf-serving/values.yaml | 71 + vnfs/DAaaS/deploy/inference-core/values.yaml | 30 + vnfs/DAaaS/deploy/messaging/.helmignore | 22 + vnfs/DAaaS/deploy/messaging/Chart.yaml | 5 + .../deploy/messaging/charts/kafka/.helmignore | 22 + .../DAaaS/deploy/messaging/charts/kafka/Chart.yaml | 5 + .../charts/kafka/templates/kafka-cluster.yaml | 29 + .../deploy/messaging/charts/kafka/values.yaml | 30 + .../charts/strimzi-kafka-operator/.helmignore | 21 + .../charts/strimzi-kafka-operator/Chart.yaml | 21 + .../messaging/charts/strimzi-kafka-operator/OWNERS | 8 + .../charts/strimzi-kafka-operator/README.md | 105 + ...10-ServiceAccount-strimzi-cluster-operator.yaml | 10 + ...-ClusterRole-strimzi-cluster-operator-role.yaml | 259 ++ .../020-RoleBinding-strimzi-cluster-operator.yaml | 25 + ...-ClusterRole-strimzi-cluster-operator-role.yaml | 21 + ...lusterRoleBinding-strimzi-cluster-operator.yaml | 18 + .../030-ClusterRole-strimzi-kafka-broker.yaml | 17 + ...i-cluster-operator-kafka-broker-delegation.yaml | 18 + .../031-ClusterRole-strimzi-entity-operator.yaml | 52 + ...luster-operator-entity-operator-delegation.yaml | 25 + .../032-ClusterRole-strimzi-topic-operator.yaml | 29 + ...cluster-operator-topic-operator-delegation.yaml | 25 + .../templates/040-Crd-kafka.yaml | 2123 +++++++++++++ .../templates/041-Crd-kafkaconnect.yaml | 559 ++++ .../templates/042-Crd-kafkaconnects2i.yaml | 561 ++++ .../templates/043-Crd-kafkatopic.yaml | 44 + .../templates/044-Crd-kafkauser.yaml | 100 + .../templates/045-Crd-kafkamirrormaker.yaml | 526 ++++ .../050-Deployment-strimzi-cluster-operator.yaml | 74 + .../strimzi-kafka-operator/templates/NOTES.txt | 5 + .../strimzi-kafka-operator/templates/_helpers.tpl | 49 + .../templates/_kafka_image_map.tpl | 28 + .../charts/strimzi-kafka-operator/values.yaml | 89 + vnfs/DAaaS/deploy/messaging/values.yaml | 29 + vnfs/DAaaS/deploy/minio/.helmignore | 21 + vnfs/DAaaS/deploy/minio/Chart.yaml | 22 + vnfs/DAaaS/deploy/minio/README.md | 330 ++ vnfs/DAaaS/deploy/minio/templates/NOTES.txt | 44 + .../minio/templates/_helper_create_bucket.txt | 89 + vnfs/DAaaS/deploy/minio/templates/_helpers.tpl | 43 + vnfs/DAaaS/deploy/minio/templates/configmap.yaml | 12 + vnfs/DAaaS/deploy/minio/templates/deployment.yaml | 195 ++ vnfs/DAaaS/deploy/minio/templates/ingress.yaml | 39 + .../deploy/minio/templates/networkpolicy.yaml | 25 + .../templates/post-install-create-bucket-job.yaml | 59 + vnfs/DAaaS/deploy/minio/templates/pvc.yaml | 27 + vnfs/DAaaS/deploy/minio/templates/secrets.yaml | 18 + vnfs/DAaaS/deploy/minio/templates/service.yaml | 46 + vnfs/DAaaS/deploy/minio/templates/statefulset.yaml | 141 + vnfs/DAaaS/deploy/minio/values.yaml | 331 ++ vnfs/DAaaS/deploy/operator/.helmignore | 22 + vnfs/DAaaS/deploy/operator/Chart.yaml | 5 + .../operator/charts/etcd-operator/.helmignore | 21 + .../operator/charts/etcd-operator/Chart.yaml | 14 + .../deploy/operator/charts/etcd-operator/OWNERS | 6 + .../deploy/operator/charts/etcd-operator/README.md | 158 + .../charts/etcd-operator/templates/NOTES.txt | 33 + .../charts/etcd-operator/templates/_helpers.tpl | 75 + .../etcd-operator/templates/backup-etcd-crd.yaml | 18 + .../backup-operator-clusterrole-binding.yaml | 20 + .../templates/backup-operator-deployment.yaml | 59 + .../templates/backup-operator-service-account.yaml | 12 + .../etcd-operator/templates/etcd-cluster-crd.yaml | 25 + .../templates/operator-cluster-role.yaml | 49 + .../templates/operator-clusterrole-binding.yaml | 20 + .../templates/operator-deployment.yaml | 81 + .../templates/operator-service-account.yaml | 12 + .../etcd-operator/templates/restore-etcd-crd.yaml | 28 + .../restore-operator-clusterrole-binding.yaml | 20 + .../templates/restore-operator-deployment.yaml | 63 + .../restore-operator-service-account.yaml | 12 + .../templates/restore-operator-service.yaml | 20 + .../operator/charts/etcd-operator/values.yaml | 153 + .../operator/charts/m3db-operator/Chart.yaml | 22 + .../deploy/operator/charts/m3db-operator/LICENSE | 201 ++ .../deploy/operator/charts/m3db-operator/NOTES.txt | 12 + .../deploy/operator/charts/m3db-operator/README.md | 14 + .../m3db-operator/templates/cluster_role.yaml | 35 + .../templates/cluster_role_binding.yaml | 12 + .../m3db-operator/templates/service_account.yaml | 5 + .../m3db-operator/templates/stateful_set.yaml | 26 + .../operator/charts/m3db-operator/values.yaml | 6 + .../charts/prometheus-operator/.helmignore | 25 + .../operator/charts/prometheus-operator/Chart.yaml | 17 + .../operator/charts/prometheus-operator/README.md | 428 +++ .../charts/prometheus-operator/templates/NOTES.txt | 5 + .../prometheus-operator/templates/_helpers.tpl | 91 + .../templates/alertmanager/alertmanager.yaml | 100 + .../templates/alertmanager/ingress.yaml | 33 + .../alertmanager/podDisruptionBudget.yaml | 20 + .../templates/alertmanager/psp-clusterrole.yaml | 15 + .../alertmanager/psp-clusterrolebinding.yaml | 17 + .../templates/alertmanager/psp.yaml | 48 + .../templates/alertmanager/secret.yaml | 14 + .../templates/alertmanager/service.yaml | 42 + .../templates/alertmanager/serviceaccount.yaml | 11 + .../templates/alertmanager/servicemonitor.yaml | 21 + .../exporters/node-exporter/servicemonitor.yaml | 18 + .../templates/grafana/configmap-dashboards.yaml | 23 + .../templates/grafana/configmaps-datasources.yaml | 19 + .../templates/grafana/dashboards/etcd.yaml | 1110 +++++++ .../grafana/dashboards/k8s-cluster-rsrc-use.yaml | 926 ++++++ .../templates/grafana/dashboards/k8s-coredns.yaml | 1323 ++++++++ .../grafana/dashboards/k8s-node-rsrc-use.yaml | 953 ++++++ .../grafana/dashboards/k8s-resources-cluster.yaml | 1338 ++++++++ .../dashboards/k8s-resources-namespace.yaml | 849 ++++++ .../grafana/dashboards/k8s-resources-pod.yaml | 876 ++++++ .../templates/grafana/dashboards/nodes.yaml | 1328 ++++++++ .../grafana/dashboards/persistentvolumesusage.yaml | 359 +++ .../templates/grafana/dashboards/pods.yaml | 500 +++ .../templates/grafana/dashboards/statefulset.yaml | 873 ++++++ .../templates/grafana/servicemonitor.yaml | 21 + .../prometheus-operator/cleanup-crds.yaml | 43 + .../templates/prometheus-operator/clusterrole.yaml | 71 + .../prometheus-operator/clusterrolebinding.yaml | 17 + .../prometheus-operator/crd-alertmanager.yaml | 2477 +++++++++++++++ .../prometheus-operator/crd-prometheus.yaml | 3178 ++++++++++++++++++++ .../prometheus-operator/crd-prometheusrules.yaml | 360 +++ .../prometheus-operator/crd-servicemonitor.yaml | 310 ++ .../templates/prometheus-operator/deployment.yaml | 71 + .../prometheus-operator/psp-clusterrole.yaml | 15 + .../psp-clusterrolebinding.yaml | 17 + .../templates/prometheus-operator/psp.yaml | 47 + .../templates/prometheus-operator/service.yaml | 41 + .../prometheus-operator/serviceaccount.yaml | 11 + .../prometheus-operator/servicemonitor.yaml | 20 + .../prometheus/additionalAlertRelabelConfigs.yaml | 11 + .../prometheus/additionalAlertmanagerConfigs.yaml | 11 + .../prometheus/additionalPrometheusRules.yaml | 20 + .../prometheus/additionalScrapeConfigs.yaml | 11 + .../templates/prometheus/clusterrole.yaml | 35 + .../templates/prometheus/clusterrolebinding.yaml | 18 + .../templates/prometheus/ingress.yaml | 33 + .../templates/prometheus/podDisruptionBudget.yaml | 20 + .../templates/prometheus/prometheus.yaml | 176 ++ .../templates/prometheus/psp-clusterrole.yaml | 15 + .../prometheus/psp-clusterrolebinding.yaml | 18 + .../templates/prometheus/psp.yaml | 47 + .../templates/prometheus/role-config.yaml | 16 + .../prometheus/role-specificNamespace.yaml | 27 + .../templates/prometheus/rolebinding-config.yaml | 17 + .../prometheus/rolebinding-specificNamespace.yaml | 23 + .../prometheus/rules/alertmanager.rules.yaml | 50 + .../templates/prometheus/rules/etcd.yaml | 136 + .../templates/prometheus/rules/general.rules.yaml | 46 + .../templates/prometheus/rules/k8s.rules.yaml | 60 + .../prometheus/rules/kube-apiserver.rules.yaml | 35 + .../rules/kube-prometheus-node-alerting.rules.yaml | 37 + .../kube-prometheus-node-recording.rules.yaml | 37 + .../prometheus/rules/kube-scheduler.rules.yaml | 59 + .../prometheus/rules/kubernetes-absent.yaml | 123 + .../prometheus/rules/kubernetes-apps.yaml | 156 + .../prometheus/rules/kubernetes-resources.yaml | 99 + .../prometheus/rules/kubernetes-storage.yaml | 58 + .../prometheus/rules/kubernetes-system.yaml | 119 + .../templates/prometheus/rules/node.rules.yaml | 198 ++ .../prometheus/rules/prometheus-operator.yaml | 39 + .../prometheus/rules/prometheus.rules.yaml | 105 + .../templates/prometheus/service.yaml | 44 + .../templates/prometheus/serviceaccount.yaml | 11 + .../templates/prometheus/servicemonitor.yaml | 21 + .../templates/prometheus/servicemonitors.yaml | 29 + .../charts/prometheus-operator/values.yaml | 1148 +++++++ .../operator/charts/sparkoperator/.helmignore | 1 + .../operator/charts/sparkoperator/Chart.yaml | 5 + .../deploy/operator/charts/sparkoperator/README.md | 42 + .../charts/sparkoperator/templates/_helpers.tpl | 48 + .../templates/spark-operator-deployment.yaml | 79 + .../templates/spark-operator-rbac.yaml | 55 + .../templates/spark-operator-serviceaccount.yaml | 11 + .../charts/sparkoperator/templates/spark-rbac.yaml | 44 + .../templates/spark-serviceaccount.yaml | 12 + .../templates/webhook-cleanup-job.yaml | 32 + .../sparkoperator/templates/webhook-init-job.yaml | 24 + .../sparkoperator/templates/webhook-service.yaml | 19 + .../operator/charts/sparkoperator/values.yaml | 28 + vnfs/DAaaS/deploy/operator/resources/m3db.labels | 7 + vnfs/DAaaS/deploy/operator/values.yaml | 29 + vnfs/DAaaS/deploy/training-core/.helmignore | 23 + vnfs/DAaaS/deploy/training-core/Chart.yaml | 5 + .../charts/kubernetes-HDFS/.gitignore | 2 + .../charts/kubernetes-HDFS/.travis.yml | 20 + .../training-core/charts/kubernetes-HDFS/LICENSE | 201 ++ .../training-core/charts/kubernetes-HDFS/README.md | 12 + .../charts/kubernetes-HDFS/charts/README.md | 390 +++ .../charts/hdfs-client-k8s/Chart.yaml | 4 + .../templates/client-deployment.yaml | 56 + .../charts/hdfs-config-k8s/.helmignore | 21 + .../charts/hdfs-config-k8s/Chart.yaml | 5 + .../charts/hdfs-config-k8s/templates/_helpers.tpl | 64 + .../hdfs-config-k8s/templates/configmap.yaml | 197 ++ .../charts/hdfs-datanode-k8s/Chart.yaml | 4 + .../templates/datanode-daemonset.yaml | 191 ++ .../charts/hdfs-journalnode-k8s/Chart.yaml | 4 + .../templates/journalnode-statefulset.yaml | 180 ++ .../kubernetes-HDFS/charts/hdfs-k8s/.gitignore | 2 + .../kubernetes-HDFS/charts/hdfs-k8s/.helmignore | 21 + .../kubernetes-HDFS/charts/hdfs-k8s/Chart.yaml | 5 + .../charts/hdfs-k8s/requirements.yaml | 59 + .../charts/hdfs-k8s/templates/_helpers.tpl | 264 ++ .../kubernetes-HDFS/charts/hdfs-k8s/values.yaml | 248 ++ .../charts/hdfs-krb5-k8s/.helmignore | 21 + .../charts/hdfs-krb5-k8s/Chart.yaml | 4 + .../hdfs-krb5-k8s/templates/statefulset.yaml | 99 + .../charts/hdfs-namenode-k8s/Chart.yaml | 4 + .../templates/namenode-statefulset.yaml | 287 ++ .../charts/hdfs-simple-namenode-k8s/Chart.yaml | 4 + .../templates/namenode-statefulset.yaml | 82 + .../deploy/training-core/charts/m3db/.helmignore | 22 + .../deploy/training-core/charts/m3db/Chart.yaml | 3 + .../training-core/charts/m3db/templates/NOTES.txt | 1 + .../charts/m3db/templates/_helpers.tpl | 32 + .../charts/m3db/templates/configmap.yaml | 216 ++ .../charts/m3db/templates/etcd-cluster.yaml | 20 + .../charts/m3db/templates/m3dbcluster.yaml | 22 + .../deploy/training-core/charts/m3db/values.yaml | 51 + .../hdfs-writer-source-code/hdfs-writer/README.md | 11 + .../hdfs-writer-source-code/hdfs-writer/pom.xml | 111 + .../src/main/java/CreateKafkaConsumer.java | 81 + .../hdfs-writer/src/main/java/HdfsWriter.java | 40 + .../hdfs-writer/src/main/java/Orchestrator.java | 51 + .../src/main/java/config/Configuration.java | 38 + .../hdfs-writer/src/main/java/kafka2hdfsApp.java | 14 + .../hdfs-writer/src/main/resources/configs.yaml | 10 + vnfs/DAaaS/deploy/training-core/values.yaml | 29 + vnfs/DAaaS/deploy/visualization/.helmignore | 22 + vnfs/DAaaS/deploy/visualization/Chart.yaml | 5 + .../visualization/charts/grafana/.helmignore | 22 + .../deploy/visualization/charts/grafana/Chart.yaml | 18 + .../deploy/visualization/charts/grafana/README.md | 240 ++ .../grafana/dashboards/custom-dashboard.json | 1 + .../charts/grafana/templates/NOTES.txt | 34 + .../charts/grafana/templates/_helpers.tpl | 43 + .../charts/grafana/templates/clusterrole.yaml | 23 + .../grafana/templates/clusterrolebinding.yaml | 23 + .../templates/configmap-dashboard-provider.yaml | 26 + .../charts/grafana/templates/configmap.yaml | 71 + .../templates/dashboards-json-configmap.yaml | 28 + .../charts/grafana/templates/deployment.yaml | 358 +++ .../charts/grafana/templates/ingress.yaml | 42 + .../grafana/templates/podsecuritypolicy.yaml | 54 + .../charts/grafana/templates/pvc.yaml | 24 + .../charts/grafana/templates/role.yaml | 31 + .../charts/grafana/templates/rolebinding.yaml | 29 + .../charts/grafana/templates/secret.yaml | 22 + .../charts/grafana/templates/service.yaml | 49 + .../charts/grafana/templates/serviceaccount.yaml | 11 + .../visualization/charts/grafana/values.yaml | 378 +++ .../DAaaS/deploy/visualization/templates/NOTES.txt | 37 + vnfs/DAaaS/deploy/visualization/values.yaml | 54 + vnfs/DAaaS/inference-core/.helmignore | 22 - vnfs/DAaaS/inference-core/Chart.yaml | 5 - .../inference-core/charts/tf-serving/.helmignore | 22 - .../inference-core/charts/tf-serving/Chart.yaml | 5 - .../charts/tf-serving/templates/NOTES.txt | 20 - .../charts/tf-serving/templates/_helpers.tpl | 41 - .../charts/tf-serving/templates/deployment.yaml | 138 - .../charts/tf-serving/templates/ingress.yaml | 55 - .../charts/tf-serving/templates/secrets.yaml | 31 - .../charts/tf-serving/templates/service.yaml | 39 - .../tf-serving/templates/serviceaccount.yaml | 25 - .../inference-core/charts/tf-serving/values.yaml | 71 - vnfs/DAaaS/inference-core/values.yaml | 30 - vnfs/DAaaS/lib/README.md | 1 + vnfs/DAaaS/messaging/.helmignore | 22 - vnfs/DAaaS/messaging/Chart.yaml | 5 - vnfs/DAaaS/messaging/charts/kafka/.helmignore | 22 - vnfs/DAaaS/messaging/charts/kafka/Chart.yaml | 5 - .../charts/kafka/templates/kafka-cluster.yaml | 29 - vnfs/DAaaS/messaging/charts/kafka/values.yaml | 30 - .../charts/strimzi-kafka-operator/.helmignore | 21 - .../charts/strimzi-kafka-operator/Chart.yaml | 21 - .../messaging/charts/strimzi-kafka-operator/OWNERS | 8 - .../charts/strimzi-kafka-operator/README.md | 105 - ...10-ServiceAccount-strimzi-cluster-operator.yaml | 10 - ...-ClusterRole-strimzi-cluster-operator-role.yaml | 259 -- .../020-RoleBinding-strimzi-cluster-operator.yaml | 25 - ...-ClusterRole-strimzi-cluster-operator-role.yaml | 21 - ...lusterRoleBinding-strimzi-cluster-operator.yaml | 18 - .../030-ClusterRole-strimzi-kafka-broker.yaml | 17 - ...i-cluster-operator-kafka-broker-delegation.yaml | 18 - .../031-ClusterRole-strimzi-entity-operator.yaml | 52 - ...luster-operator-entity-operator-delegation.yaml | 25 - .../032-ClusterRole-strimzi-topic-operator.yaml | 29 - ...cluster-operator-topic-operator-delegation.yaml | 25 - .../templates/040-Crd-kafka.yaml | 2123 ------------- .../templates/041-Crd-kafkaconnect.yaml | 559 ---- .../templates/042-Crd-kafkaconnects2i.yaml | 561 ---- .../templates/043-Crd-kafkatopic.yaml | 44 - .../templates/044-Crd-kafkauser.yaml | 100 - .../templates/045-Crd-kafkamirrormaker.yaml | 526 ---- .../050-Deployment-strimzi-cluster-operator.yaml | 74 - .../strimzi-kafka-operator/templates/NOTES.txt | 5 - .../strimzi-kafka-operator/templates/_helpers.tpl | 49 - .../templates/_kafka_image_map.tpl | 28 - .../charts/strimzi-kafka-operator/values.yaml | 89 - vnfs/DAaaS/messaging/values.yaml | 29 - .../GoApps/src/hdfs-writer/.gitignore | 40 + .../microservices/GoApps/src/hdfs-writer/Makefile | 35 + .../microservices/GoApps/src/hdfs-writer/README.md | 14 + .../GoApps/src/hdfs-writer/cmd/main.go | 25 + .../microservices/GoApps/src/hdfs-writer/go.mod | 3 + .../microservices/collectd-operator/.gitignore | 99 + .../DAaaS/microservices/collectd-operator/Makefile | 70 + .../collectd-operator/build/Dockerfile | 15 + .../collectd-operator/cmd/manager/main.go | 125 + .../crds/onap_v1alpha1_collectdplugin_cr.yaml | 10 + .../crds/onap_v1alpha1_collectdplugin_crd.yaml | 65 + .../collectd-operator/deploy/operator.yaml | 31 + .../collectd-operator/deploy/role.yaml | 48 + .../collectd-operator/deploy/role_binding.yaml | 11 + .../collectd-operator/deploy/service_account.yaml | 4 + vnfs/DAaaS/microservices/collectd-operator/go.mod | 57 + vnfs/DAaaS/microservices/collectd-operator/go.sum | 301 ++ .../pkg/apis/addtoscheme_onap_v1alpha1.go | 10 + .../collectd-operator/pkg/apis/apis.go | 13 + .../pkg/apis/onap/v1alpha1/collectdplugin_types.go | 56 + .../pkg/apis/onap/v1alpha1/doc.go | 4 + .../pkg/apis/onap/v1alpha1/register.go | 19 + .../apis/onap/v1alpha1/zz_generated.deepcopy.go | 108 + .../pkg/apis/onap/v1alpha1/zz_generated.openapi.go | 124 + .../pkg/controller/add_collectdplugin.go | 10 + .../collectdplugin/collectdplugin_controller.go | 215 ++ .../collectd-operator/pkg/controller/controller.go | 18 + .../DAaaS/microservices/collectd-operator/tools.go | 15 + .../collectd-operator/version/version.go | 5 + vnfs/DAaaS/minio/.helmignore | 21 - vnfs/DAaaS/minio/Chart.yaml | 22 - vnfs/DAaaS/minio/README.md | 330 -- vnfs/DAaaS/minio/templates/NOTES.txt | 44 - .../minio/templates/_helper_create_bucket.txt | 89 - vnfs/DAaaS/minio/templates/_helpers.tpl | 43 - vnfs/DAaaS/minio/templates/configmap.yaml | 12 - vnfs/DAaaS/minio/templates/deployment.yaml | 195 -- vnfs/DAaaS/minio/templates/ingress.yaml | 39 - vnfs/DAaaS/minio/templates/networkpolicy.yaml | 25 - .../templates/post-install-create-bucket-job.yaml | 59 - vnfs/DAaaS/minio/templates/pvc.yaml | 27 - vnfs/DAaaS/minio/templates/secrets.yaml | 18 - vnfs/DAaaS/minio/templates/service.yaml | 46 - vnfs/DAaaS/minio/templates/statefulset.yaml | 141 - vnfs/DAaaS/minio/values.yaml | 331 -- vnfs/DAaaS/operator/.helmignore | 22 - vnfs/DAaaS/operator/Chart.yaml | 5 - .../operator/charts/etcd-operator/.helmignore | 21 - .../DAaaS/operator/charts/etcd-operator/Chart.yaml | 14 - vnfs/DAaaS/operator/charts/etcd-operator/OWNERS | 6 - vnfs/DAaaS/operator/charts/etcd-operator/README.md | 158 - .../charts/etcd-operator/templates/NOTES.txt | 33 - .../charts/etcd-operator/templates/_helpers.tpl | 75 - .../etcd-operator/templates/backup-etcd-crd.yaml | 18 - .../backup-operator-clusterrole-binding.yaml | 20 - .../templates/backup-operator-deployment.yaml | 59 - .../templates/backup-operator-service-account.yaml | 12 - .../etcd-operator/templates/etcd-cluster-crd.yaml | 25 - .../templates/operator-cluster-role.yaml | 49 - .../templates/operator-clusterrole-binding.yaml | 20 - .../templates/operator-deployment.yaml | 81 - .../templates/operator-service-account.yaml | 12 - .../etcd-operator/templates/restore-etcd-crd.yaml | 28 - .../restore-operator-clusterrole-binding.yaml | 20 - .../templates/restore-operator-deployment.yaml | 63 - .../restore-operator-service-account.yaml | 12 - .../templates/restore-operator-service.yaml | 20 - .../operator/charts/etcd-operator/values.yaml | 153 - .../DAaaS/operator/charts/m3db-operator/Chart.yaml | 22 - vnfs/DAaaS/operator/charts/m3db-operator/LICENSE | 201 -- vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt | 12 - vnfs/DAaaS/operator/charts/m3db-operator/README.md | 14 - .../m3db-operator/templates/cluster_role.yaml | 35 - .../templates/cluster_role_binding.yaml | 12 - .../m3db-operator/templates/service_account.yaml | 5 - .../m3db-operator/templates/stateful_set.yaml | 26 - .../operator/charts/m3db-operator/values.yaml | 6 - .../charts/prometheus-operator/.helmignore | 25 - .../operator/charts/prometheus-operator/Chart.yaml | 17 - .../operator/charts/prometheus-operator/README.md | 428 --- .../charts/prometheus-operator/templates/NOTES.txt | 5 - .../prometheus-operator/templates/_helpers.tpl | 91 - .../templates/alertmanager/alertmanager.yaml | 100 - .../templates/alertmanager/ingress.yaml | 33 - .../alertmanager/podDisruptionBudget.yaml | 20 - .../templates/alertmanager/psp-clusterrole.yaml | 15 - .../alertmanager/psp-clusterrolebinding.yaml | 17 - .../templates/alertmanager/psp.yaml | 48 - .../templates/alertmanager/secret.yaml | 14 - .../templates/alertmanager/service.yaml | 42 - .../templates/alertmanager/serviceaccount.yaml | 11 - .../templates/alertmanager/servicemonitor.yaml | 21 - .../exporters/node-exporter/servicemonitor.yaml | 18 - .../templates/grafana/configmap-dashboards.yaml | 23 - .../templates/grafana/configmaps-datasources.yaml | 19 - .../templates/grafana/dashboards/etcd.yaml | 1110 ------- .../grafana/dashboards/k8s-cluster-rsrc-use.yaml | 926 ------ .../templates/grafana/dashboards/k8s-coredns.yaml | 1323 -------- .../grafana/dashboards/k8s-node-rsrc-use.yaml | 953 ------ .../grafana/dashboards/k8s-resources-cluster.yaml | 1338 -------- .../dashboards/k8s-resources-namespace.yaml | 849 ------ .../grafana/dashboards/k8s-resources-pod.yaml | 876 ------ .../templates/grafana/dashboards/nodes.yaml | 1328 -------- .../grafana/dashboards/persistentvolumesusage.yaml | 359 --- .../templates/grafana/dashboards/pods.yaml | 500 --- .../templates/grafana/dashboards/statefulset.yaml | 873 ------ .../templates/grafana/servicemonitor.yaml | 21 - .../prometheus-operator/cleanup-crds.yaml | 43 - .../templates/prometheus-operator/clusterrole.yaml | 71 - .../prometheus-operator/clusterrolebinding.yaml | 17 - .../prometheus-operator/crd-alertmanager.yaml | 2477 --------------- .../prometheus-operator/crd-prometheus.yaml | 3178 -------------------- .../prometheus-operator/crd-prometheusrules.yaml | 360 --- .../prometheus-operator/crd-servicemonitor.yaml | 310 -- .../templates/prometheus-operator/deployment.yaml | 71 - .../prometheus-operator/psp-clusterrole.yaml | 15 - .../psp-clusterrolebinding.yaml | 17 - .../templates/prometheus-operator/psp.yaml | 47 - .../templates/prometheus-operator/service.yaml | 41 - .../prometheus-operator/serviceaccount.yaml | 11 - .../prometheus-operator/servicemonitor.yaml | 20 - .../prometheus/additionalAlertRelabelConfigs.yaml | 11 - .../prometheus/additionalAlertmanagerConfigs.yaml | 11 - .../prometheus/additionalPrometheusRules.yaml | 20 - .../prometheus/additionalScrapeConfigs.yaml | 11 - .../templates/prometheus/clusterrole.yaml | 35 - .../templates/prometheus/clusterrolebinding.yaml | 18 - .../templates/prometheus/ingress.yaml | 33 - .../templates/prometheus/podDisruptionBudget.yaml | 20 - .../templates/prometheus/prometheus.yaml | 176 -- .../templates/prometheus/psp-clusterrole.yaml | 15 - .../prometheus/psp-clusterrolebinding.yaml | 18 - .../templates/prometheus/psp.yaml | 47 - .../templates/prometheus/role-config.yaml | 16 - .../prometheus/role-specificNamespace.yaml | 27 - .../templates/prometheus/rolebinding-config.yaml | 17 - .../prometheus/rolebinding-specificNamespace.yaml | 23 - .../prometheus/rules/alertmanager.rules.yaml | 50 - .../templates/prometheus/rules/etcd.yaml | 136 - .../templates/prometheus/rules/general.rules.yaml | 46 - .../templates/prometheus/rules/k8s.rules.yaml | 60 - .../prometheus/rules/kube-apiserver.rules.yaml | 35 - .../rules/kube-prometheus-node-alerting.rules.yaml | 37 - .../kube-prometheus-node-recording.rules.yaml | 37 - .../prometheus/rules/kube-scheduler.rules.yaml | 59 - .../prometheus/rules/kubernetes-absent.yaml | 123 - .../prometheus/rules/kubernetes-apps.yaml | 156 - .../prometheus/rules/kubernetes-resources.yaml | 99 - .../prometheus/rules/kubernetes-storage.yaml | 58 - .../prometheus/rules/kubernetes-system.yaml | 119 - .../templates/prometheus/rules/node.rules.yaml | 198 -- .../prometheus/rules/prometheus-operator.yaml | 39 - .../prometheus/rules/prometheus.rules.yaml | 105 - .../templates/prometheus/service.yaml | 44 - .../templates/prometheus/serviceaccount.yaml | 11 - .../templates/prometheus/servicemonitor.yaml | 21 - .../templates/prometheus/servicemonitors.yaml | 29 - .../charts/prometheus-operator/values.yaml | 1148 ------- .../operator/charts/sparkoperator/.helmignore | 1 - .../DAaaS/operator/charts/sparkoperator/Chart.yaml | 5 - vnfs/DAaaS/operator/charts/sparkoperator/README.md | 42 - .../charts/sparkoperator/templates/_helpers.tpl | 48 - .../templates/spark-operator-deployment.yaml | 79 - .../templates/spark-operator-rbac.yaml | 55 - .../templates/spark-operator-serviceaccount.yaml | 11 - .../charts/sparkoperator/templates/spark-rbac.yaml | 44 - .../templates/spark-serviceaccount.yaml | 12 - .../templates/webhook-cleanup-job.yaml | 32 - .../sparkoperator/templates/webhook-init-job.yaml | 24 - .../sparkoperator/templates/webhook-service.yaml | 19 - .../operator/charts/sparkoperator/values.yaml | 28 - vnfs/DAaaS/operator/resources/m3db.labels | 7 - vnfs/DAaaS/operator/values.yaml | 29 - .../sample-apps/m3db_promql/promql_api/README.md | 50 + .../sample-apps/m3db_promql/promql_api/__init__.py | 0 .../m3db_promql/promql_api/prom_ql_api.py | 83 + .../sample-apps/m3db_promql/sample_promql_query.py | 12 + .../training/sample-horovod-app/Chart.yaml | 5 + .../training/sample-horovod-app/Dockerfile | 143 + .../training/sample-horovod-app/README.md | 162 + .../keras_mnist_advanced_modified.py | 169 ++ .../training/sample-horovod-app/sample_values.yaml | 62 + .../sample-horovod-app/templates/NOTES.txt | 5 + .../sample-horovod-app/templates/_helpers.tpl | 32 + .../sample-horovod-app/templates/config.yaml | 130 + .../sample-horovod-app/templates/job-service.yaml | 19 + .../training/sample-horovod-app/templates/job.yaml | 140 + .../templates/minio-secrets.yaml | 31 + .../sample-horovod-app/templates/secrets.yaml | 15 + .../templates/statefulset-service.yaml | 19 + .../sample-horovod-app/templates/statefulset.yaml | 115 + .../training/sample-spark-app/.helmignore | 22 + .../training/sample-spark-app/Chart.yaml | 5 + .../training/sample-spark-app/Dockerfile | 133 + .../sample-spark-app/templates/SampleSparkApp.yaml | 43 + .../sample-spark-app/templates/_helpers.tpl | 32 + .../training/sample-spark-app/values.yaml | 57 + vnfs/DAaaS/training-core/.helmignore | 23 - vnfs/DAaaS/training-core/Chart.yaml | 5 - .../charts/kubernetes-HDFS/.gitignore | 2 - .../charts/kubernetes-HDFS/.travis.yml | 20 - .../training-core/charts/kubernetes-HDFS/LICENSE | 201 -- .../training-core/charts/kubernetes-HDFS/README.md | 12 - .../charts/kubernetes-HDFS/charts/README.md | 390 --- .../charts/hdfs-client-k8s/Chart.yaml | 4 - .../templates/client-deployment.yaml | 56 - .../charts/hdfs-config-k8s/.helmignore | 21 - .../charts/hdfs-config-k8s/Chart.yaml | 5 - .../charts/hdfs-config-k8s/templates/_helpers.tpl | 64 - .../hdfs-config-k8s/templates/configmap.yaml | 197 -- .../charts/hdfs-datanode-k8s/Chart.yaml | 4 - .../templates/datanode-daemonset.yaml | 191 -- .../charts/hdfs-journalnode-k8s/Chart.yaml | 4 - .../templates/journalnode-statefulset.yaml | 180 -- .../kubernetes-HDFS/charts/hdfs-k8s/.gitignore | 2 - .../kubernetes-HDFS/charts/hdfs-k8s/.helmignore | 21 - .../kubernetes-HDFS/charts/hdfs-k8s/Chart.yaml | 5 - .../charts/hdfs-k8s/requirements.yaml | 59 - .../charts/hdfs-k8s/templates/_helpers.tpl | 264 -- .../kubernetes-HDFS/charts/hdfs-k8s/values.yaml | 248 -- .../charts/hdfs-krb5-k8s/.helmignore | 21 - .../charts/hdfs-krb5-k8s/Chart.yaml | 4 - .../hdfs-krb5-k8s/templates/statefulset.yaml | 99 - .../charts/hdfs-namenode-k8s/Chart.yaml | 4 - .../templates/namenode-statefulset.yaml | 287 -- .../charts/hdfs-simple-namenode-k8s/Chart.yaml | 4 - .../templates/namenode-statefulset.yaml | 82 - vnfs/DAaaS/training-core/charts/m3db/.helmignore | 22 - vnfs/DAaaS/training-core/charts/m3db/Chart.yaml | 3 - .../training-core/charts/m3db/templates/NOTES.txt | 1 - .../charts/m3db/templates/_helpers.tpl | 32 - .../charts/m3db/templates/configmap.yaml | 216 -- .../charts/m3db/templates/etcd-cluster.yaml | 20 - .../charts/m3db/templates/m3dbcluster.yaml | 22 - vnfs/DAaaS/training-core/charts/m3db/values.yaml | 51 - .../hdfs-writer-source-code/hdfs-writer/README.md | 11 - .../hdfs-writer-source-code/hdfs-writer/pom.xml | 111 - .../src/main/java/CreateKafkaConsumer.java | 81 - .../hdfs-writer/src/main/java/HdfsWriter.java | 40 - .../hdfs-writer/src/main/java/Orchestrator.java | 51 - .../src/main/java/config/Configuration.java | 38 - .../hdfs-writer/src/main/java/kafka2hdfsApp.java | 14 - .../hdfs-writer/src/main/resources/configs.yaml | 10 - vnfs/DAaaS/training-core/values.yaml | 29 - vnfs/DAaaS/visualization/.helmignore | 22 - vnfs/DAaaS/visualization/Chart.yaml | 5 - .../DAaaS/visualization/charts/grafana/.helmignore | 22 - vnfs/DAaaS/visualization/charts/grafana/Chart.yaml | 18 - vnfs/DAaaS/visualization/charts/grafana/README.md | 240 -- .../grafana/dashboards/custom-dashboard.json | 1 - .../charts/grafana/templates/NOTES.txt | 34 - .../charts/grafana/templates/_helpers.tpl | 43 - .../charts/grafana/templates/clusterrole.yaml | 23 - .../grafana/templates/clusterrolebinding.yaml | 23 - .../templates/configmap-dashboard-provider.yaml | 26 - .../charts/grafana/templates/configmap.yaml | 71 - .../templates/dashboards-json-configmap.yaml | 28 - .../charts/grafana/templates/deployment.yaml | 358 --- .../charts/grafana/templates/ingress.yaml | 42 - .../grafana/templates/podsecuritypolicy.yaml | 54 - .../charts/grafana/templates/pvc.yaml | 24 - .../charts/grafana/templates/role.yaml | 31 - .../charts/grafana/templates/rolebinding.yaml | 29 - .../charts/grafana/templates/secret.yaml | 22 - .../charts/grafana/templates/service.yaml | 49 - .../charts/grafana/templates/serviceaccount.yaml | 11 - .../DAaaS/visualization/charts/grafana/values.yaml | 378 --- vnfs/DAaaS/visualization/templates/NOTES.txt | 37 - vnfs/DAaaS/visualization/values.yaml | 54 - 823 files changed, 42721 insertions(+), 42753 deletions(-) delete mode 100755 vnfs/DAaaS/00-init/gloo/.helmignore delete mode 100755 vnfs/DAaaS/00-init/gloo/Chart.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/0-namespace.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/10-ingress-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/100-gloo-crds.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/101-knative-crds-0.5.1.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/11-ingress-proxy-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/12-ingress-proxy-configmap.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/13-ingress-proxy-service.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/16-clusteringress-proxy-service.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/18-settings.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/3-gloo-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/4-gloo-service.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/5-discovery-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/6-gateway-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/7-gateway-proxy-deployment.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/8-gateway-proxy-service.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/templates/9-gateway-proxy-configmap.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/values-ingress.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/values-knative.yaml delete mode 100755 vnfs/DAaaS/00-init/gloo/values.yaml delete mode 100644 vnfs/DAaaS/00-init/istio/README.md delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/Chart.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/cluster.yml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/clusterrole.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/clusterrolebinding.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/dashboard-external-http.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/deployment.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/psp.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/resources.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/rolebinding.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/serviceaccount.yaml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/storageclass.yml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/templates/tool-box.yml delete mode 100644 vnfs/DAaaS/00-init/rook-ceph/values.yaml delete mode 100644 vnfs/DAaaS/GoApps/src/hdfs-writer/.gitignore delete mode 100644 vnfs/DAaaS/GoApps/src/hdfs-writer/Makefile delete mode 100644 vnfs/DAaaS/GoApps/src/hdfs-writer/README.md delete mode 100644 vnfs/DAaaS/GoApps/src/hdfs-writer/cmd/main.go delete mode 100644 vnfs/DAaaS/GoApps/src/hdfs-writer/go.mod delete mode 100644 vnfs/DAaaS/applications/Chart.yaml delete mode 100644 vnfs/DAaaS/applications/m3db_promql/promql_api/README.md delete mode 100644 vnfs/DAaaS/applications/m3db_promql/promql_api/__init__.py delete mode 100644 vnfs/DAaaS/applications/m3db_promql/promql_api/prom_ql_api.py delete mode 100644 vnfs/DAaaS/applications/m3db_promql/sample_promql_query.py delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/Chart.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/Dockerfile delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/README.md delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/keras_mnist_advanced_modified.py delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/sample_values.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/config.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/job-service.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/job.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/minio-secrets.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/secrets.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset-service.yaml delete mode 100644 vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset.yaml delete mode 100644 vnfs/DAaaS/applications/sample-spark-app/.helmignore delete mode 100644 vnfs/DAaaS/applications/sample-spark-app/Chart.yaml delete mode 100644 vnfs/DAaaS/applications/sample-spark-app/Dockerfile delete mode 100644 vnfs/DAaaS/applications/sample-spark-app/templates/SampleSparkApp.yaml delete mode 100644 vnfs/DAaaS/applications/sample-spark-app/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/applications/sample-spark-app/values.yaml delete mode 100644 vnfs/DAaaS/applications/values.yaml create mode 100644 vnfs/DAaaS/build/README.md delete mode 100644 vnfs/DAaaS/collectd-operator/.gitignore delete mode 100644 vnfs/DAaaS/collectd-operator/Makefile delete mode 100644 vnfs/DAaaS/collectd-operator/build/Dockerfile delete mode 100644 vnfs/DAaaS/collectd-operator/cmd/manager/main.go delete mode 100644 vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_cr.yaml delete mode 100644 vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_crd.yaml delete mode 100644 vnfs/DAaaS/collectd-operator/deploy/operator.yaml delete mode 100644 vnfs/DAaaS/collectd-operator/deploy/role.yaml delete mode 100644 vnfs/DAaaS/collectd-operator/deploy/role_binding.yaml delete mode 100644 vnfs/DAaaS/collectd-operator/deploy/service_account.yaml delete mode 100644 vnfs/DAaaS/collectd-operator/go.mod delete mode 100644 vnfs/DAaaS/collectd-operator/go.sum delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/addtoscheme_onap_v1alpha1.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/apis.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/collectdplugin_types.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/doc.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/register.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.deepcopy.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.openapi.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/controller/add_collectdplugin.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/controller/collectdplugin/collectdplugin_controller.go delete mode 100644 vnfs/DAaaS/collectd-operator/pkg/controller/controller.go delete mode 100644 vnfs/DAaaS/collectd-operator/tools.go delete mode 100644 vnfs/DAaaS/collectd-operator/version/version.go delete mode 100644 vnfs/DAaaS/collection/.helmignore delete mode 100644 vnfs/DAaaS/collection/Chart.yaml delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/.helmignore delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/Chart.yaml delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/templates/daemonset.yaml delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/templates/service.yaml delete mode 100644 vnfs/DAaaS/collection/charts/cadvisor/values.yaml delete mode 100644 vnfs/DAaaS/collection/charts/collectd/.helmignore delete mode 100644 vnfs/DAaaS/collection/charts/collectd/Chart.yaml delete mode 100644 vnfs/DAaaS/collection/charts/collectd/resources/config/collectd.conf delete mode 100644 vnfs/DAaaS/collection/charts/collectd/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/collection/charts/collectd/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/collection/charts/collectd/templates/configmap.yaml delete mode 100644 vnfs/DAaaS/collection/charts/collectd/templates/daemonset.yaml delete mode 100644 vnfs/DAaaS/collection/charts/collectd/templates/service.yaml delete mode 100644 vnfs/DAaaS/collection/charts/collectd/values.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/.helmignore delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/Chart.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/OWNERS delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/README.md delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/NOTES.txt delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/_helpers.tpl delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/daemonset.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/endpoints.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/monitor.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/service.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml delete mode 100755 vnfs/DAaaS/collection/charts/prometheus-node-exporter/values.yaml delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/.helmignore delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/Chart.yaml delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/templates/prometheus.yaml delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/templates/service.yaml delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/templates/servicemonitor.yaml delete mode 100644 vnfs/DAaaS/collection/charts/prometheus/values.yaml delete mode 100644 vnfs/DAaaS/collection/values.yaml delete mode 100644 vnfs/DAaaS/day2_configs/collectd/README.txt delete mode 100644 vnfs/DAaaS/day2_configs/collectd/add_plugins.yaml delete mode 100644 vnfs/DAaaS/day2_configs/collectd/replace_image.yaml delete mode 100644 vnfs/DAaaS/day2_configs/prometheus/README.txt delete mode 100644 vnfs/DAaaS/day2_configs/prometheus/add_remote_write.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/.helmignore create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/Chart.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/0-namespace.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/10-ingress-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/100-gloo-crds.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/101-knative-crds-0.5.1.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/11-ingress-proxy-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/12-ingress-proxy-configmap.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/13-ingress-proxy-service.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/16-clusteringress-proxy-service.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/18-settings.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/3-gloo-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/4-gloo-service.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/5-discovery-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/6-gateway-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/7-gateway-proxy-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/8-gateway-proxy-service.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/templates/9-gateway-proxy-configmap.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/values-ingress.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/values-knative.yaml create mode 100755 vnfs/DAaaS/deploy/00-init/gloo/values.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/istio/README.md create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/cluster.yml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrole.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/dashboard-external-http.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/deployment.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/psp.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/resources.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/role.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/rolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/serviceaccount.yaml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/storageclass.yml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/templates/tool-box.yml create mode 100644 vnfs/DAaaS/deploy/00-init/rook-ceph/values.yaml create mode 100644 vnfs/DAaaS/deploy/collection/.helmignore create mode 100644 vnfs/DAaaS/deploy/collection/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/.helmignore create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/daemonset.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/service.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/cadvisor/values.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/.helmignore create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/resources/config/collectd.conf create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/templates/configmap.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/templates/daemonset.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/templates/service.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/collectd/values.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/.helmignore create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/Chart.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/OWNERS create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/README.md create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/NOTES.txt create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/_helpers.tpl create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/daemonset.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/endpoints.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/monitor.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/service.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml create mode 100755 vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/values.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/.helmignore create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/templates/prometheus.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/templates/service.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/templates/servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/collection/charts/prometheus/values.yaml create mode 100644 vnfs/DAaaS/deploy/collection/values.yaml create mode 100644 vnfs/DAaaS/deploy/day2_configs/collectd/README.txt create mode 100644 vnfs/DAaaS/deploy/day2_configs/collectd/add_plugins.yaml create mode 100644 vnfs/DAaaS/deploy/day2_configs/collectd/replace_image.yaml create mode 100644 vnfs/DAaaS/deploy/day2_configs/prometheus/README.txt create mode 100644 vnfs/DAaaS/deploy/day2_configs/prometheus/add_remote_write.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/.helmignore create mode 100644 vnfs/DAaaS/deploy/inference-core/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/.helmignore create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/deployment.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/ingress.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/secrets.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/service.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/serviceaccount.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/charts/tf-serving/values.yaml create mode 100644 vnfs/DAaaS/deploy/inference-core/values.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/.helmignore create mode 100644 vnfs/DAaaS/deploy/messaging/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/kafka/.helmignore create mode 100644 vnfs/DAaaS/deploy/messaging/charts/kafka/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/kafka/templates/kafka-cluster.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/kafka/values.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/.helmignore create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/OWNERS create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/README.md create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/010-ServiceAccount-strimzi-cluster-operator.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-ClusterRole-strimzi-cluster-operator-role.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-RoleBinding-strimzi-cluster-operator.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRole-strimzi-cluster-operator-role.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRoleBinding-strimzi-cluster-operator.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRole-strimzi-kafka-broker.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRoleBinding-strimzi-cluster-operator-kafka-broker-delegation.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-ClusterRole-strimzi-entity-operator.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-RoleBinding-strimzi-cluster-operator-entity-operator-delegation.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-ClusterRole-strimzi-topic-operator.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-RoleBinding-strimzi-cluster-operator-topic-operator-delegation.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/040-Crd-kafka.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/041-Crd-kafkaconnect.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/042-Crd-kafkaconnects2i.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/043-Crd-kafkatopic.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/044-Crd-kafkauser.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/045-Crd-kafkamirrormaker.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/050-Deployment-strimzi-cluster-operator.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_kafka_image_map.tpl create mode 100644 vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/values.yaml create mode 100644 vnfs/DAaaS/deploy/messaging/values.yaml create mode 100644 vnfs/DAaaS/deploy/minio/.helmignore create mode 100755 vnfs/DAaaS/deploy/minio/Chart.yaml create mode 100755 vnfs/DAaaS/deploy/minio/README.md create mode 100644 vnfs/DAaaS/deploy/minio/templates/NOTES.txt create mode 100755 vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt create mode 100644 vnfs/DAaaS/deploy/minio/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/minio/templates/configmap.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/deployment.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/ingress.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml create mode 100755 vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/pvc.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/secrets.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/service.yaml create mode 100644 vnfs/DAaaS/deploy/minio/templates/statefulset.yaml create mode 100755 vnfs/DAaaS/deploy/minio/values.yaml create mode 100644 vnfs/DAaaS/deploy/operator/.helmignore create mode 100644 vnfs/DAaaS/deploy/operator/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/.helmignore create mode 100755 vnfs/DAaaS/deploy/operator/charts/etcd-operator/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/OWNERS create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/README.md create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-cluster-role.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-deployment.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-service-account.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/etcd-operator/values.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/LICENSE create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/README.md create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role_binding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/service_account.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/stateful_set.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/m3db-operator/values.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/.helmignore create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/README.md create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/service.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmap-dashboards.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmaps-datasources.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/etcd.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-cluster-rsrc-use.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-coredns.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-node-rsrc-use.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-cluster.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-namespace.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-pod.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/nodes.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/persistentvolumesusage.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/pods.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/statefulset.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/cleanup-crds.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrole.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-alertmanager.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheus.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheusrules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/deployment.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrole.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/service.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/serviceaccount.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrole.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/ingress.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/prometheus.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrole.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-config.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-specificNamespace.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-config.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-specificNamespace.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/etcd.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/general.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/node.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/service.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/serviceaccount.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitor.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitors.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/prometheus-operator/values.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/sparkoperator/.helmignore create mode 100644 vnfs/DAaaS/deploy/operator/charts/sparkoperator/Chart.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/README.md create mode 100644 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/_helpers.tpl create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/spark-operator-deployment.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/spark-operator-rbac.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/spark-operator-serviceaccount.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/spark-rbac.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/spark-serviceaccount.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/webhook-cleanup-job.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/webhook-init-job.yaml create mode 100755 vnfs/DAaaS/deploy/operator/charts/sparkoperator/templates/webhook-service.yaml create mode 100644 vnfs/DAaaS/deploy/operator/charts/sparkoperator/values.yaml create mode 100644 vnfs/DAaaS/deploy/operator/resources/m3db.labels create mode 100644 vnfs/DAaaS/deploy/operator/values.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/.helmignore create mode 100644 vnfs/DAaaS/deploy/training-core/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/.gitignore create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/.travis.yml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/LICENSE create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/README.md create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/README.md create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-client-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-client-k8s/templates/client-deployment.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/.helmignore create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/templates/configmap.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-datanode-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-datanode-k8s/templates/datanode-daemonset.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-journalnode-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-journalnode-k8s/templates/journalnode-statefulset.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/.gitignore create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/.helmignore create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/requirements.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/values.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-krb5-k8s/.helmignore create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-krb5-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-krb5-k8s/templates/statefulset.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-namenode-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-namenode-k8s/templates/namenode-statefulset.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-simple-namenode-k8s/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/kubernetes-HDFS/charts/hdfs-simple-namenode-k8s/templates/namenode-statefulset.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/.helmignore create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/Chart.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/templates/configmap.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/templates/etcd-cluster.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/templates/m3dbcluster.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/charts/m3db/values.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/README.md create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/pom.xml create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/CreateKafkaConsumer.java create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/HdfsWriter.java create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/Orchestrator.java create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/config/Configuration.java create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/kafka2hdfsApp.java create mode 100644 vnfs/DAaaS/deploy/training-core/hdfs-writer-source-code/hdfs-writer/src/main/resources/configs.yaml create mode 100644 vnfs/DAaaS/deploy/training-core/values.yaml create mode 100644 vnfs/DAaaS/deploy/visualization/.helmignore create mode 100644 vnfs/DAaaS/deploy/visualization/Chart.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/.helmignore create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/Chart.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/README.md create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/dashboards/custom-dashboard.json create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/NOTES.txt create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/_helpers.tpl create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/clusterrole.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/clusterrolebinding.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/configmap-dashboard-provider.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/configmap.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/dashboards-json-configmap.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/deployment.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/ingress.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/podsecuritypolicy.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/pvc.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/role.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/rolebinding.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/secret.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/service.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/templates/serviceaccount.yaml create mode 100755 vnfs/DAaaS/deploy/visualization/charts/grafana/values.yaml create mode 100644 vnfs/DAaaS/deploy/visualization/templates/NOTES.txt create mode 100644 vnfs/DAaaS/deploy/visualization/values.yaml delete mode 100644 vnfs/DAaaS/inference-core/.helmignore delete mode 100644 vnfs/DAaaS/inference-core/Chart.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/.helmignore delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/Chart.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/deployment.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/ingress.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/secrets.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/service.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/templates/serviceaccount.yaml delete mode 100644 vnfs/DAaaS/inference-core/charts/tf-serving/values.yaml delete mode 100644 vnfs/DAaaS/inference-core/values.yaml create mode 100644 vnfs/DAaaS/lib/README.md delete mode 100644 vnfs/DAaaS/messaging/.helmignore delete mode 100644 vnfs/DAaaS/messaging/Chart.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/kafka/.helmignore delete mode 100644 vnfs/DAaaS/messaging/charts/kafka/Chart.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/kafka/templates/kafka-cluster.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/kafka/values.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/.helmignore delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/Chart.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/OWNERS delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/README.md delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/010-ServiceAccount-strimzi-cluster-operator.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/020-ClusterRole-strimzi-cluster-operator-role.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/020-RoleBinding-strimzi-cluster-operator.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRole-strimzi-cluster-operator-role.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRoleBinding-strimzi-cluster-operator.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRole-strimzi-kafka-broker.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRoleBinding-strimzi-cluster-operator-kafka-broker-delegation.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/031-ClusterRole-strimzi-entity-operator.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/031-RoleBinding-strimzi-cluster-operator-entity-operator-delegation.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/032-ClusterRole-strimzi-topic-operator.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/032-RoleBinding-strimzi-cluster-operator-topic-operator-delegation.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/040-Crd-kafka.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/041-Crd-kafkaconnect.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/042-Crd-kafkaconnects2i.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/043-Crd-kafkatopic.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/044-Crd-kafkauser.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/045-Crd-kafkamirrormaker.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/050-Deployment-strimzi-cluster-operator.yaml delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/templates/_kafka_image_map.tpl delete mode 100644 vnfs/DAaaS/messaging/charts/strimzi-kafka-operator/values.yaml delete mode 100644 vnfs/DAaaS/messaging/values.yaml create mode 100644 vnfs/DAaaS/microservices/GoApps/src/hdfs-writer/.gitignore create mode 100644 vnfs/DAaaS/microservices/GoApps/src/hdfs-writer/Makefile create mode 100644 vnfs/DAaaS/microservices/GoApps/src/hdfs-writer/README.md create mode 100644 vnfs/DAaaS/microservices/GoApps/src/hdfs-writer/cmd/main.go create mode 100644 vnfs/DAaaS/microservices/GoApps/src/hdfs-writer/go.mod create mode 100644 vnfs/DAaaS/microservices/collectd-operator/.gitignore create mode 100644 vnfs/DAaaS/microservices/collectd-operator/Makefile create mode 100644 vnfs/DAaaS/microservices/collectd-operator/build/Dockerfile create mode 100644 vnfs/DAaaS/microservices/collectd-operator/cmd/manager/main.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_cr.yaml create mode 100644 vnfs/DAaaS/microservices/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_crd.yaml create mode 100644 vnfs/DAaaS/microservices/collectd-operator/deploy/operator.yaml create mode 100644 vnfs/DAaaS/microservices/collectd-operator/deploy/role.yaml create mode 100644 vnfs/DAaaS/microservices/collectd-operator/deploy/role_binding.yaml create mode 100644 vnfs/DAaaS/microservices/collectd-operator/deploy/service_account.yaml create mode 100644 vnfs/DAaaS/microservices/collectd-operator/go.mod create mode 100644 vnfs/DAaaS/microservices/collectd-operator/go.sum create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/addtoscheme_onap_v1alpha1.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/apis.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/onap/v1alpha1/collectdplugin_types.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/onap/v1alpha1/doc.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/onap/v1alpha1/register.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.deepcopy.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.openapi.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/controller/add_collectdplugin.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/controller/collectdplugin/collectdplugin_controller.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/pkg/controller/controller.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/tools.go create mode 100644 vnfs/DAaaS/microservices/collectd-operator/version/version.go delete mode 100644 vnfs/DAaaS/minio/.helmignore delete mode 100755 vnfs/DAaaS/minio/Chart.yaml delete mode 100755 vnfs/DAaaS/minio/README.md delete mode 100644 vnfs/DAaaS/minio/templates/NOTES.txt delete mode 100755 vnfs/DAaaS/minio/templates/_helper_create_bucket.txt delete mode 100644 vnfs/DAaaS/minio/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/minio/templates/configmap.yaml delete mode 100644 vnfs/DAaaS/minio/templates/deployment.yaml delete mode 100644 vnfs/DAaaS/minio/templates/ingress.yaml delete mode 100644 vnfs/DAaaS/minio/templates/networkpolicy.yaml delete mode 100755 vnfs/DAaaS/minio/templates/post-install-create-bucket-job.yaml delete mode 100644 vnfs/DAaaS/minio/templates/pvc.yaml delete mode 100644 vnfs/DAaaS/minio/templates/secrets.yaml delete mode 100644 vnfs/DAaaS/minio/templates/service.yaml delete mode 100644 vnfs/DAaaS/minio/templates/statefulset.yaml delete mode 100755 vnfs/DAaaS/minio/values.yaml delete mode 100644 vnfs/DAaaS/operator/.helmignore delete mode 100644 vnfs/DAaaS/operator/Chart.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/.helmignore delete mode 100755 vnfs/DAaaS/operator/charts/etcd-operator/Chart.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/OWNERS delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/README.md delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-cluster-role.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-deployment.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-service-account.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service.yaml delete mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/values.yaml delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/Chart.yaml delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/LICENSE delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/README.md delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role.yaml delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role_binding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/service_account.yaml delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/stateful_set.yaml delete mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/values.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/.helmignore delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/Chart.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/README.md delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/service.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/configmap-dashboards.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/configmaps-datasources.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/etcd.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-cluster-rsrc-use.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-coredns.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-node-rsrc-use.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-cluster.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-namespace.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-pod.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/nodes.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/persistentvolumesusage.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/pods.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/dashboards/statefulset.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/grafana/servicemonitor.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/cleanup-crds.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrole.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrolebinding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/crd-alertmanager.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheus.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheusrules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/crd-servicemonitor.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/deployment.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrole.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrolebinding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/psp.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/service.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/serviceaccount.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus-operator/servicemonitor.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/clusterrole.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/clusterrolebinding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/ingress.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/prometheus.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrole.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/psp.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/role-config.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/role-specificNamespace.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rolebinding-config.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rolebinding-specificNamespace.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/etcd.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/general.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/node.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/service.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/serviceaccount.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/servicemonitor.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/templates/prometheus/servicemonitors.yaml delete mode 100644 vnfs/DAaaS/operator/charts/prometheus-operator/values.yaml delete mode 100644 vnfs/DAaaS/operator/charts/sparkoperator/.helmignore delete mode 100644 vnfs/DAaaS/operator/charts/sparkoperator/Chart.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/README.md delete mode 100644 vnfs/DAaaS/operator/charts/sparkoperator/templates/_helpers.tpl delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/spark-operator-deployment.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/spark-operator-rbac.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/spark-operator-serviceaccount.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/spark-rbac.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/spark-serviceaccount.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/webhook-cleanup-job.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/webhook-init-job.yaml delete mode 100755 vnfs/DAaaS/operator/charts/sparkoperator/templates/webhook-service.yaml delete mode 100644 vnfs/DAaaS/operator/charts/sparkoperator/values.yaml delete mode 100644 vnfs/DAaaS/operator/resources/m3db.labels delete mode 100644 vnfs/DAaaS/operator/values.yaml create mode 100644 vnfs/DAaaS/sample-apps/m3db_promql/promql_api/README.md create mode 100644 vnfs/DAaaS/sample-apps/m3db_promql/promql_api/__init__.py create mode 100644 vnfs/DAaaS/sample-apps/m3db_promql/promql_api/prom_ql_api.py create mode 100644 vnfs/DAaaS/sample-apps/m3db_promql/sample_promql_query.py create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/Chart.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/Dockerfile create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/README.md create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/keras_mnist_advanced_modified.py create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/sample_values.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/NOTES.txt create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/config.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/job-service.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/job.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/minio-secrets.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/secrets.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/statefulset-service.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-horovod-app/templates/statefulset.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-spark-app/.helmignore create mode 100644 vnfs/DAaaS/sample-apps/training/sample-spark-app/Chart.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-spark-app/Dockerfile create mode 100644 vnfs/DAaaS/sample-apps/training/sample-spark-app/templates/SampleSparkApp.yaml create mode 100644 vnfs/DAaaS/sample-apps/training/sample-spark-app/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/sample-apps/training/sample-spark-app/values.yaml delete mode 100644 vnfs/DAaaS/training-core/.helmignore delete mode 100644 vnfs/DAaaS/training-core/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/.gitignore delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/.travis.yml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/LICENSE delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/README.md delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/README.md delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-client-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-client-k8s/templates/client-deployment.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/.helmignore delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-config-k8s/templates/configmap.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-datanode-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-datanode-k8s/templates/datanode-daemonset.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-journalnode-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-journalnode-k8s/templates/journalnode-statefulset.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/.gitignore delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/.helmignore delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/requirements.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-k8s/values.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-krb5-k8s/.helmignore delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-krb5-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-krb5-k8s/templates/statefulset.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-namenode-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-namenode-k8s/templates/namenode-statefulset.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-simple-namenode-k8s/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/kubernetes-HDFS/charts/hdfs-simple-namenode-k8s/templates/namenode-statefulset.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/.helmignore delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/Chart.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/templates/_helpers.tpl delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/templates/configmap.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/templates/etcd-cluster.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/templates/m3dbcluster.yaml delete mode 100644 vnfs/DAaaS/training-core/charts/m3db/values.yaml delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/README.md delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/pom.xml delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/CreateKafkaConsumer.java delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/HdfsWriter.java delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/Orchestrator.java delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/config/Configuration.java delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/src/main/java/kafka2hdfsApp.java delete mode 100644 vnfs/DAaaS/training-core/hdfs-writer-source-code/hdfs-writer/src/main/resources/configs.yaml delete mode 100644 vnfs/DAaaS/training-core/values.yaml delete mode 100644 vnfs/DAaaS/visualization/.helmignore delete mode 100644 vnfs/DAaaS/visualization/Chart.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/.helmignore delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/Chart.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/README.md delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/dashboards/custom-dashboard.json delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/NOTES.txt delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/_helpers.tpl delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/clusterrole.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/clusterrolebinding.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/configmap-dashboard-provider.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/configmap.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/dashboards-json-configmap.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/deployment.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/ingress.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/podsecuritypolicy.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/pvc.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/role.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/rolebinding.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/secret.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/service.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/templates/serviceaccount.yaml delete mode 100755 vnfs/DAaaS/visualization/charts/grafana/values.yaml delete mode 100644 vnfs/DAaaS/visualization/templates/NOTES.txt delete mode 100644 vnfs/DAaaS/visualization/values.yaml diff --git a/vnfs/DAaaS/00-init/gloo/.helmignore b/vnfs/DAaaS/00-init/gloo/.helmignore deleted file mode 100755 index 08c5989a..00000000 --- a/vnfs/DAaaS/00-init/gloo/.helmignore +++ /dev/null @@ -1,28 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj - -# template files -*-template.yaml - -# generator files -*.go -generate/ diff --git a/vnfs/DAaaS/00-init/gloo/Chart.yaml b/vnfs/DAaaS/00-init/gloo/Chart.yaml deleted file mode 100755 index 4f5e9315..00000000 --- a/vnfs/DAaaS/00-init/gloo/Chart.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -description: Gloo Helm chart for Kubernetes -home: https://gloo.solo.io/ -icon: https://raw.githubusercontent.com/solo-io/gloo/master/docs/img/Gloo-01.png -name: gloo -sources: -- https://github.com/solo-io/gloo -version: 0.13.18 diff --git a/vnfs/DAaaS/00-init/gloo/templates/0-namespace.yaml b/vnfs/DAaaS/00-init/gloo/templates/0-namespace.yaml deleted file mode 100755 index 92a37f9d..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/0-namespace.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if .Values.namespace.create -}} -apiVersion: v1 -kind: Namespace -metadata: - name: {{ .Release.Namespace }} - labels: - app: gloo - annotations: - "helm.sh/hook": pre-install -{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/10-ingress-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/10-ingress-deployment.yaml deleted file mode 100755 index 7314b4e3..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/10-ingress-deployment.yaml +++ /dev/null @@ -1,40 +0,0 @@ -{{- if or (.Values.ingress.enabled) (.Values.settings.integrations.knative.enabled) }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: ingress - name: ingress - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.ingress.deployment.replicas }} - selector: - matchLabels: - gloo: ingress - template: - metadata: - labels: - gloo: ingress - spec: - containers: - - image: "{{ .Values.ingress.deployment.image.repository }}:{{ .Values.ingress.deployment.image.tag }}" - imagePullPolicy: {{ .Values.ingress.deployment.image.pullPolicy }} - name: ingress - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace -{{- if .Values.settings.integrations.knative.enabled }} - - name: "ENABLE_KNATIVE_INGRESS" - value: "true" -{{- end }} - -{{- if not (.Values.ingress.enabled) }} - - name: "DISABLE_KUBE_INGRESS" - value: "true" -{{- end }} - - -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/100-gloo-crds.yaml b/vnfs/DAaaS/00-init/gloo/templates/100-gloo-crds.yaml deleted file mode 100755 index 2c111170..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/100-gloo-crds.yaml +++ /dev/null @@ -1,111 +0,0 @@ -{{- if .Values.crds.create }} -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: settings.gloo.solo.io - annotations: - "helm.sh/hook": crd-install - labels: - gloo: settings -spec: - group: gloo.solo.io - names: - kind: Settings - listKind: SettingsList - plural: settings - shortNames: - - st - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: gateways.gateway.solo.io - annotations: - "helm.sh/hook": crd-install -spec: - group: gateway.solo.io - names: - kind: Gateway - listKind: GatewayList - plural: gateways - shortNames: - - gw - singular: gateway - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: virtualservices.gateway.solo.io - annotations: - "helm.sh/hook": crd-install -spec: - group: gateway.solo.io - names: - kind: VirtualService - listKind: VirtualServiceList - plural: virtualservices - shortNames: - - vs - singular: virtualservice - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: proxies.gloo.solo.io - annotations: - "helm.sh/hook": crd-install -spec: - group: gloo.solo.io - names: - kind: Proxy - listKind: ProxyList - plural: proxies - shortNames: - - px - singular: proxy - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: upstreams.gloo.solo.io - annotations: - "helm.sh/hook": crd-install -spec: - group: gloo.solo.io - names: - kind: Upstream - listKind: UpstreamList - plural: upstreams - shortNames: - - us - singular: upstream - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: upstreamgroups.gloo.solo.io - annotations: - "helm.sh/hook": crd-install -spec: - group: gloo.solo.io - names: - kind: UpstreamGroup - listKind: UpstreamGroupList - plural: upstreamgroups - shortNames: - - ug - singular: upstreamgroup - scope: Namespaced - version: v1 ---- -{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/101-knative-crds-0.5.1.yaml b/vnfs/DAaaS/00-init/gloo/templates/101-knative-crds-0.5.1.yaml deleted file mode 100755 index 3c9987ef..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/101-knative-crds-0.5.1.yaml +++ /dev/null @@ -1,343 +0,0 @@ -{{- if .Values.settings.integrations.knative.enabled }} - ---- -# ↓ required as knative dependency on istio crds is hard-coded right now ↓ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: virtualservices.networking.istio.io - annotations: - "helm.sh/hook": crd-install - labels: - app: istio-pilot -spec: - group: networking.istio.io - names: - kind: VirtualService - listKind: VirtualServiceList - plural: virtualservices - singular: virtualservice - categories: - - istio-io - - networking-istio-io - scope: Namespaced - version: v1alpha3 - -# ↑ required as knative dependency on istio crds is hard-coded right now ↑ - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: certificates.networking.internal.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].reason - name: Reason - type: string - group: networking.internal.knative.dev - names: - categories: - - all - - knative-internal - - networking - kind: Certificate - plural: certificates - shortNames: - - kcert - singular: certificate - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: clusteringresses.networking.internal.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - group: networking.internal.knative.dev - names: - categories: - - all - - knative-internal - - networking - kind: ClusterIngress - plural: clusteringresses - singular: clusteringress - scope: Cluster - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: configurations.serving.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.latestCreatedRevisionName - name: LatestCreated - type: string - - JSONPath: .status.latestReadyRevisionName - name: LatestReady - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - group: serving.knative.dev - names: - categories: - - all - - knative - - serving - kind: Configuration - plural: configurations - shortNames: - - config - - cfg - singular: configuration - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - name: images.caching.internal.knative.dev -spec: - group: caching.internal.knative.dev - names: - categories: - - all - - knative-internal - - caching - kind: Image - plural: images - shortNames: - - img - singular: image - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: podautoscalers.autoscaling.internal.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - group: autoscaling.internal.knative.dev - names: - categories: - - all - - knative-internal - - autoscaling - kind: PodAutoscaler - plural: podautoscalers - shortNames: - - kpa - singular: podautoscaler - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: revisions.serving.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.serviceName - name: Service Name - type: string - - JSONPath: .metadata.labels['serving\.knative\.dev/configurationGeneration'] - name: Generation - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - group: serving.knative.dev - names: - categories: - - all - - knative - - serving - kind: Revision - plural: revisions - shortNames: - - rev - singular: revision - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: routes.serving.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.domain - name: Domain - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - group: serving.knative.dev - names: - categories: - - all - - knative - - serving - kind: Route - plural: routes - shortNames: - - rt - singular: route - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: services.serving.knative.dev -spec: - additionalPrinterColumns: - - JSONPath: .status.domain - name: Domain - type: string - - JSONPath: .status.latestCreatedRevisionName - name: LatestCreated - type: string - - JSONPath: .status.latestReadyRevisionName - name: LatestReady - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=='Ready')].reason - name: Reason - type: string - group: serving.knative.dev - names: - categories: - - all - - knative - - serving - kind: Service - plural: services - shortNames: - - kservice - - ksvc - singular: service - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - "helm.sh/hook": crd-install - labels: - knative.dev/crd-install: "true" - serving.knative.dev/release: devel - name: serverlessservices.networking.internal.knative.dev -spec: - group: networking.internal.knative.dev - names: - categories: - - all - - knative-internal - - networking - kind: ServerlessService - plural: serverlessservices - shortNames: - - sks - singular: serverlessservice - scope: Namespaced - subresources: - status: {} - version: v1alpha1 - -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/11-ingress-proxy-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/11-ingress-proxy-deployment.yaml deleted file mode 100755 index 5dc131e5..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/11-ingress-proxy-deployment.yaml +++ /dev/null @@ -1,65 +0,0 @@ -{{- if .Values.ingress.enabled }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: ingress-proxy - name: ingress-proxy - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.ingressProxy.deployment.replicas }} - selector: - matchLabels: - gloo: ingress-proxy - template: - metadata: - labels: - gloo: ingress-proxy -{{- with .Values.ingressProxy.deployment.extraAnnotations }} - annotations: -{{toYaml . | indent 8}}{{- end }} - spec: - containers: - - args: ["--disable-hot-restart"] - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: "{{ .Values.ingressProxy.deployment.image.repository }}:{{ .Values.ingressProxy.deployment.image.tag }}" - imagePullPolicy: {{ .Values.ingressProxy.deployment.image.pullPolicy }} - name: ingress-proxy - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - ports: - - containerPort: {{ .Values.ingressProxy.deployment.httpPort }} - name: http - protocol: TCP - - containerPort: {{ .Values.ingressProxy.deployment.httpsPort }} - name: https - protocol: TCP -{{- with .Values.ingressProxy.deployment.extraPorts }} -{{toYaml . | indent 8}}{{- end }} - volumeMounts: - - mountPath: /etc/envoy - name: envoy-config - {{- if .Values.ingressProxy.deployment.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.ingressProxy.deployment.image.pullSecret }}{{end}} - volumes: - - configMap: - name: ingress-envoy-config - name: envoy-config - -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/12-ingress-proxy-configmap.yaml b/vnfs/DAaaS/00-init/gloo/templates/12-ingress-proxy-configmap.yaml deleted file mode 100755 index 8938a477..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/12-ingress-proxy-configmap.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if .Values.ingress.enabled }} -# configmap -apiVersion: v1 -kind: ConfigMap -metadata: - name: ingress-envoy-config - namespace: {{ .Release.Namespace }} - labels: - app: gloo - gloo: gateway-proxy -data: -{{ if (empty .Values.ingressProxy.configMap.data) }} - envoy.yaml: | - node: - cluster: ingress - id: "{{ "{{" }}.PodName{{ "}}" }}.{{ "{{" }}.PodNamespace{{ "}}" }}" - metadata: - # this line must match ! - role: "{{ "{{" }}.PodNamespace{{ "}}" }}~ingress-proxy" - static_resources: - clusters: - - name: xds_cluster - connect_timeout: 5.000s - load_assignment: - cluster_name: xds_cluster - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: gloo - port_value: {{ .Values.gloo.deployment.xdsPort }} - http2_protocol_options: {} - type: STRICT_DNS - dynamic_resources: - ads_config: - api_type: GRPC - grpc_services: - - envoy_grpc: {cluster_name: xds_cluster} - cds_config: - ads: {} - lds_config: - ads: {} - admin: - access_log_path: /dev/null - address: - socket_address: - address: 127.0.0.1 - port_value: 19000 -{{- else}}{{ toYaml .Values.ingressProxy.configMap.data | indent 2}}{{- end}} - -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/13-ingress-proxy-service.yaml b/vnfs/DAaaS/00-init/gloo/templates/13-ingress-proxy-service.yaml deleted file mode 100755 index 583e8bcd..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/13-ingress-proxy-service.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.ingress.enabled }} -apiVersion: v1 -kind: Service -metadata: - labels: - app: gloo - gloo: ingress-proxy - name: ingress-proxy - namespace: {{ .Release.Namespace }} -spec: - ports: - - port: {{ .Values.ingressProxy.deployment.httpPort }} - protocol: TCP - name: http - - port: {{ .Values.ingressProxy.deployment.httpsPort }} - protocol: TCP - name: https - selector: - gloo: ingress-proxy - type: LoadBalancer - - -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml deleted file mode 100755 index fb7874eb..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ -{{- if .Values.settings.integrations.knative.enabled }} - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: clusteringress-proxy - name: clusteringress-proxy - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.settings.integrations.knative.proxy.replicas }} - selector: - matchLabels: - gloo: clusteringress-proxy - template: - metadata: - labels: - gloo: clusteringress-proxy - spec: - containers: - - args: ["--disable-hot-restart"] - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: {{ .Values.settings.integrations.knative.proxy.image.repository }}:{{ .Values.settings.integrations.knative.proxy.image.tag }} - imagePullPolicy: {{ .Values.settings.integrations.knative.proxy.image.pullPolicy }} - name: clusteringress-proxy - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - ports: - - containerPort: {{ .Values.settings.integrations.knative.proxy.httpPort }} - name: http - protocol: TCP - - containerPort: {{ .Values.settings.integrations.knative.proxy.httpsPort }} - name: https - protocol: TCP - volumeMounts: - - mountPath: /etc/envoy - name: envoy-config - volumes: - - configMap: - name: clusteringress-envoy-config - name: envoy-config - -{{- end }} diff --git a/vnfs/DAaaS/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml b/vnfs/DAaaS/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml deleted file mode 100755 index 85a6421f..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if .Values.settings.integrations.knative.enabled }} -# configmap -apiVersion: v1 -kind: ConfigMap -metadata: - name: clusteringress-envoy-config - namespace: {{ .Release.Namespace }} - labels: - app: gloo - gloo: clusteringress-proxy -data: - envoy.yaml: | - node: - cluster: clusteringress - id: "{{ "{{" }}.PodName{{ "}}" }}.{{ "{{" }}.PodNamespace{{ "}}" }}" - metadata: - # this line must match ! - role: "{{ "{{" }}.PodNamespace{{ "}}" }}~clusteringress-proxy" - static_resources: - clusters: - - name: xds_cluster - connect_timeout: 5.000s - load_assignment: - cluster_name: xds_cluster - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: gloo - port_value: {{ .Values.gloo.deployment.xdsPort }} - http2_protocol_options: {} - type: STRICT_DNS - dynamic_resources: - ads_config: - api_type: GRPC - grpc_services: - - envoy_grpc: {cluster_name: xds_cluster} - cds_config: - ads: {} - lds_config: - ads: {} - admin: - access_log_path: /dev/null - address: - socket_address: - address: 127.0.0.1 - port_value: 19000 -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/16-clusteringress-proxy-service.yaml b/vnfs/DAaaS/00-init/gloo/templates/16-clusteringress-proxy-service.yaml deleted file mode 100755 index 7e25bee9..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/16-clusteringress-proxy-service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.settings.integrations.knative.enabled }} -apiVersion: v1 -kind: Service -metadata: - labels: - app: gloo - gloo: clusteringress-proxy - name: clusteringress-proxy - namespace: {{ .Release.Namespace }} -spec: - ports: - - port: {{ .Values.settings.integrations.knative.proxy.httpPort }} - protocol: TCP - name: http - - port: {{ .Values.settings.integrations.knative.proxy.httpsPort }} - protocol: TCP - name: https - selector: - gloo: clusteringress-proxy - type: LoadBalancer -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml b/vnfs/DAaaS/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml deleted file mode 100755 index a73cf1f2..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml +++ /dev/null @@ -1,982 +0,0 @@ -{{- if .Values.settings.integrations.knative.enabled }} -apiVersion: v1 -kind: Namespace -metadata: - labels: - app: gloo - istio-injection: enabled - serving.knative.dev/release: devel - name: knative-serving - ---- -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - serving.knative.dev/release: devel - name: knative-serving-admin -rules: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - serving.knative.dev/controller: "true" - serving.knative.dev/release: devel - name: knative-serving-core -rules: - - apiGroups: - - "" - resources: - - pods - - namespaces - - secrets - - configmaps - - endpoints - - services - - events - - serviceaccounts - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - extensions - resources: - - ingresses - - deployments - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - apps - resources: - - deployments - - deployments/scale - - statefulsets - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - serving.knative.dev - resources: - - configurations - - routes - - revisions - - services - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - serving.knative.dev - resources: - - configurations/status - - routes/status - - revisions/status - - services/status - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - autoscaling.internal.knative.dev - resources: - - podautoscalers - - podautoscalers/status - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - caching.internal.knative.dev - resources: - - images - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - - apiGroups: - - networking.internal.knative.dev - resources: - - clusteringresses - - clusteringresses/status - - serverlessservices - - serverlessservices/status - verbs: - - get - - list - - create - - update - - delete - - deletecollection - - patch - - watch - - apiGroups: - - networking.istio.io - resources: - - virtualservices - verbs: - - get - - list - - create - - update - - delete - - patch - - watch - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - serving.knative.dev/release: devel - name: controller - namespace: knative-serving - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - serving.knative.dev/release: devel - name: knative-serving-controller-admin -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: knative-serving-admin -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: activator - serving.knative.dev/release: devel - name: activator-service - namespace: knative-serving -spec: - ports: - - name: http - nodePort: null - port: 80 - protocol: TCP - targetPort: 8080 - - name: http2 - port: 81 - protocol: TCP - targetPort: 8081 - - name: metrics - nodePort: null - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: activator - type: ClusterIP - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: controller - serving.knative.dev/release: devel - name: controller - namespace: knative-serving -spec: - ports: - - name: metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: controller - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - role: webhook - serving.knative.dev/release: devel - name: webhook - namespace: knative-serving -spec: - ports: - - port: 443 - targetPort: 443 - selector: - role: webhook - ---- -apiVersion: caching.internal.knative.dev/v1alpha1 -kind: Image -metadata: - labels: - serving.knative.dev/release: devel - name: queue-proxy - namespace: knative-serving -spec: - image: gcr.io/knative-releases/github.com/knative/serving/cmd/queue@sha256:b5c759e4ea6f36ae4498c1ec794653920345b9ad7492731fb1d6087e3b95dc43 - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - serving.knative.dev/release: devel - name: activator - namespace: knative-serving -spec: - selector: - matchLabels: - app: activator - role: activator - template: - metadata: - annotations: - sidecar.istio.io/inject: "true" - labels: - app: activator - role: activator - serving.knative.dev/release: devel - spec: - containers: - - args: - - -logtostderr=false - - -stderrthreshold=FATAL - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - image: gcr.io/knative-releases/github.com/knative/serving/cmd/activator@sha256:60630ac88d8cb67debd1e2ab1ecd6ec3ff6cbab2336dda8e7ae1c01ebead76c0 - livenessProbe: - httpGet: - path: /healthz - port: 8080 - name: activator - ports: - - containerPort: 8080 - name: http1-port - - containerPort: 8081 - name: h2c-port - - containerPort: 9090 - name: metrics-port - readinessProbe: - httpGet: - path: /healthz - port: 8080 - resources: - limits: - cpu: 200m - memory: 600Mi - requests: - cpu: 20m - memory: 60Mi - volumeMounts: - - mountPath: /etc/config-logging - name: config-logging - - mountPath: /etc/config-observability - name: config-observability - serviceAccountName: controller - volumes: - - configMap: - name: config-logging - name: config-logging - - configMap: - name: config-observability - name: config-observability - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: autoscaler - serving.knative.dev/release: devel - name: autoscaler - namespace: knative-serving -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - - name: metrics - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: autoscaler - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - serving.knative.dev/release: devel - name: autoscaler - namespace: knative-serving -spec: - replicas: 1 - selector: - matchLabels: - app: autoscaler - template: - metadata: - annotations: - sidecar.istio.io/inject: "true" - labels: - app: autoscaler - spec: - containers: - - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - image: gcr.io/knative-releases/github.com/knative/serving/cmd/autoscaler@sha256:442f99e3a55653b19137b44c1d00f681b594d322cb39c1297820eb717e2134ba - name: autoscaler - ports: - - containerPort: 8080 - name: websocket - - containerPort: 9090 - name: metrics - resources: - limits: - cpu: 300m - memory: 400Mi - requests: - cpu: 30m - memory: 40Mi - volumeMounts: - - mountPath: /etc/config-autoscaler - name: config-autoscaler - - mountPath: /etc/config-logging - name: config-logging - - mountPath: /etc/config-observability - name: config-observability - serviceAccountName: controller - volumes: - - configMap: - name: config-autoscaler - name: config-autoscaler - - configMap: - name: config-logging - name: config-logging - - configMap: - name: config-observability - name: config-observability - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # The Revision ContainerConcurrency field specifies the maximum number - # of requests the Container can handle at once. Container concurrency - # target percentage is how much of that maximum to use in a stable - # state. E.g. if a Revision specifies ContainerConcurrency of 10, then - # the Autoscaler will try to maintain 7 concurrent connections per pod - # on average. A value of 0.7 is chosen because the Autoscaler panics - # when concurrency exceeds 2x the desired set point. So we will panic - # before we reach the limit. - container-concurrency-target-percentage: "1.0" - - # The container concurrency target default is what the Autoscaler will - # try to maintain when the Revision specifies unlimited concurrency. - # Even when specifying unlimited concurrency, the autoscaler will - # horizontally scale the application based on this target concurrency. - # - # A value of 100 is chosen because it's enough to allow vertical pod - # autoscaling to tune resource requests. E.g. maintaining 1 concurrent - # "hello world" request doesn't consume enough resources to allow VPA - # to achieve efficient resource usage (VPA CPU minimum is 300m). - container-concurrency-target-default: "100" - - # When operating in a stable mode, the autoscaler operates on the - # average concurrency over the stable window. - stable-window: "60s" - - # When observed average concurrency during the panic window reaches 2x - # the target concurrency, the autoscaler enters panic mode. When - # operating in panic mode, the autoscaler operates on the average - # concurrency over the panic window. - panic-window: "6s" - - # Max scale up rate limits the rate at which the autoscaler will - # increase pod count. It is the maximum ratio of desired pods versus - # observed pods. - max-scale-up-rate: "10" - - # Scale to zero feature flag - enable-scale-to-zero: "true" - - # Tick interval is the time between autoscaling calculations. - tick-interval: "2s" - - # Dynamic parameters (take effect when config map is updated): - - # Scale to zero grace period is the time an inactive revision is left - # running before it is scaled to zero (min: 30s). - scale-to-zero-grace-period: "30s" -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-autoscaler - namespace: knative-serving - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # List of repositories for which tag to digest resolving should be skipped - registriesSkippingTagResolving: "ko.local,dev.local" - queueSidecarImage: gcr.io/knative-releases/github.com/knative/serving/cmd/queue@sha256:b5c759e4ea6f36ae4498c1ec794653920345b9ad7492731fb1d6087e3b95dc43 -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-controller - namespace: knative-serving - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # revision-timeout-seconds contains the default number of - # seconds to use for the revision's per-request timeout, if - # none is specified. - revision-timeout-seconds: "300" # 5 minutes - - # revision-cpu-request contains the cpu allocation to assign - # to revisions by default. - revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-defaults - namespace: knative-serving - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # Default value for domain. - # Although it will match all routes, it is the least-specific rule so it - # will only be used if no other domain matches. - example.com: | - - # These are example settings of domain. - # example.org will be used for routes having app=nonprofit. - example.org: | - selector: - app: nonprofit - - # Routes having domain suffix of 'svc.cluster.local' will not be exposed - # through Ingress. You can define your own label selector to assign that - # domain suffix to your Route here, or you can set the label - # "serving.knative.dev/visibility=cluster-local" - # to achieve the same effect. This shows how to make routes having - # the label app=secret only exposed to the local cluster. - svc.cluster.local: | - selector: - app: secret -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-domain - namespace: knative-serving - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # Delay after revision creation before considering it for GC - stale-revision-create-delay: "24h" - - # Duration since a route has been pointed at a revision before it should be GC'd - # This minus lastpinned-debounce be longer than the controller resync period (10 hours) - stale-revision-timeout: "15h" - - # Minimum number of generations of revisions to keep before considering for GC - stale-revision-minimum-generations: "1" - - # To avoid constant updates, we allow an existing annotation to be stale by this - # amount before we update the timestamp - stale-revision-lastpinned-debounce: "5h" -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-gc - namespace: knative-serving - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - networking.knative.dev/ingress-provider: istio - serving.knative.dev/release: devel - name: config-istio - namespace: knative-serving - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # Common configuration for all Knative codebase - zap-logger-config: | - { - "level": "info", - "development": false, - "outputPaths": ["stdout"], - "errorOutputPaths": ["stderr"], - "encoding": "json", - "encoderConfig": { - "timeKey": "ts", - "levelKey": "level", - "nameKey": "logger", - "callerKey": "caller", - "messageKey": "msg", - "stacktraceKey": "stacktrace", - "lineEnding": "", - "levelEncoder": "", - "timeEncoder": "iso8601", - "durationEncoder": "", - "callerEncoder": "" - } - } - - # Log level overrides - # For all components except the autoscaler and queue proxy, - # changes are be picked up immediately. - # For autoscaler and queue proxy, changes require recreation of the pods. - loglevel.controller: "info" - loglevel.autoscaler: "info" - loglevel.queueproxy: "info" - loglevel.webhook: "info" - loglevel.activator: "info" -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-logging - namespace: knative-serving - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-network - namespace: knative-serving - ---- -apiVersion: v1 -data: - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # logging.enable-var-log-collection defaults to false. - # A fluentd sidecar will be set up to collect var log if - # this flag is true. - logging.enable-var-log-collection: false - - # logging.fluentd-sidecar-image provides the fluentd sidecar image - # to inject as a sidecar to collect logs from /var/log. - # Must be presented if logging.enable-var-log-collection is true. - logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 - - # logging.fluentd-sidecar-output-config provides the configuration - # for the fluentd sidecar, which will be placed into a configmap and - # mounted into the fluentd sidecar image. - logging.fluentd-sidecar-output-config: | - # Parse json log before sending to Elastic Search - - @type parser - key_name log - - @type multi_format - - format json - time_key fluentd-time # fluentd-time is reserved for structured logs - time_format %Y-%m-%dT%H:%M:%S.%NZ - - - format none - message_key log - - - - # Send to Elastic Search - - @id elasticsearch - @type elasticsearch - @log_level info - include_tag_key true - # Elasticsearch service is in monitoring namespace. - host elasticsearch-logging.knative-monitoring - port 9200 - logstash_format true - - @type file - path /var/log/fluentd-buffers/kubernetes.system.buffer - flush_mode interval - retry_type exponential_backoff - flush_thread_count 2 - flush_interval 5s - retry_forever - retry_max_interval 30 - chunk_limit_size 2M - queue_limit_length 8 - overflow_action block - - - - # logging.revision-url-template provides a template to use for producing the - # logging URL that is injected into the status of each Revision. - # This value is what you might use the the Knative monitoring bundle, and provides - # access to Kibana after setting up kubectl proxy. - logging.revision-url-template: | - http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase)))) - - # If non-empty, this enables queue proxy writing request logs to stdout. - # The value determines the shape of the request logs and it must be a valid go text/template. - # It is important to keep this as a single line. Multiple lines are parsed as separate entities - # by most collection agents and will split the request logs into multiple records. - # - # The following fields and functions are available to the template: - # - # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) - # representing an HTTP request received by the server. - # - # Response: - # struct { - # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) - # Size int // An int representing the size of the response. - # Latency float64 // A float64 representing the latency of the response in seconds. - # } - # - # Revision: - # struct { - # Name string // Knative revision name - # Namespace string // Knative revision namespace - # Service string // Knative service name - # Configuration string // Knative configuration name - # PodName string // Name of the pod hosting the revision - # PodIP string // IP of the pod hosting the revision - # } - # - logging.request-log-template: '{"httpRequest": {"requestMethod": "{{ "{{" }}.Request.Method{{ "{{" }}", "requestUrl": "{{ "{{" }}js .Request.RequestURI{{ "{{" }}", "requestSize": "{{ "{{" }}.Request.ContentLength{{ "{{" }}", "status": {{ "{{" }}.Response.Code{{ "{{" }}, "responseSize": "{{ "{{" }}.Response.Size{{ "{{" }}", "userAgent": "{{ "{{" }}js .Request.UserAgent{{ "{{" }}", "remoteIp": "{{ "{{" }}js .Request.RemoteAddr{{ "{{" }}", "serverIp": "{{ "{{" }}.Revision.PodIP{{ "{{" }}", "referer": "{{ "{{" }}js .Request.Referer{{ "{{" }}", "latency": "{{ "{{" }}.Response.Latency{{ "{{" }}s", "protocol": "{{ "{{" }}.Request.Proto{{ "{{" }}"}, "traceId": "{{ "{{" }}index .Request.Header "X-B3-Traceid"{{ "{{" }}"}' - - # metrics.backend-destination field specifies the system metrics destination. - # It supports either prometheus (the default) or stackdriver. - # Note: Using stackdriver will incur additional charges - metrics.backend-destination: prometheus - - # metrics.request-metrics-backend-destination specifies the request metrics - # destination. If non-empty, it enables queue proxy to send request metrics. - # Currently supported values: prometheus, stackdriver. - metrics.request-metrics-backend-destination: prometheus - - # metrics.stackdriver-project-id field specifies the stackdriver project ID. This - # field is optional. When running on GCE, application default credentials will be - # used if this field is not provided. - metrics.stackdriver-project-id: "" - - # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to - # Stackdriver using "global" resource type and custom metric type if the - # metrics are not supported by "knative_revision" resource type. Setting this - # flag to "true" could cause extra Stackdriver charge. - # If metrics.backend-destination is not Stackdriver, this is ignored. - metrics.allow-stackdriver-custom-metrics: "false" -kind: ConfigMap -metadata: - labels: - serving.knative.dev/release: devel - name: config-observability - namespace: knative-serving - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - serving.knative.dev/release: devel - name: controller - namespace: knative-serving -spec: - replicas: 1 - selector: - matchLabels: - app: controller - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: controller - spec: - containers: - - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - image: gcr.io/knative-releases/github.com/knative/serving/cmd/controller@sha256:25af5f3adad8b65db3126e0d6e90aa36835c124c24d9d72ffbdd7ee739a7f571 - name: controller - ports: - - containerPort: 9090 - name: metrics - resources: - limits: - cpu: 1000m - memory: 1000Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - mountPath: /etc/config-logging - name: config-logging - serviceAccountName: controller - volumes: - - configMap: - name: config-logging - name: config-logging - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - serving.knative.dev/release: devel - name: webhook - namespace: knative-serving -spec: - replicas: 1 - selector: - matchLabels: - app: webhook - role: webhook - template: - metadata: - annotations: - sidecar.istio.io/inject: "false" - labels: - app: webhook - role: webhook - spec: - containers: - - env: - - name: SYSTEM_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CONFIG_LOGGING_NAME - value: config-logging - image: gcr.io/knative-releases/github.com/knative/serving/cmd/webhook@sha256:d1ba3e2c0d739084ff508629db001619cea9cc8780685e85dd910363774eaef6 - name: webhook - resources: - limits: - cpu: 200m - memory: 200Mi - requests: - cpu: 20m - memory: 20Mi - volumeMounts: - - mountPath: /etc/config-logging - name: config-logging - serviceAccountName: controller - volumes: - - configMap: - name: config-logging - name: config-logging - -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/18-settings.yaml b/vnfs/DAaaS/00-init/gloo/templates/18-settings.yaml deleted file mode 100755 index a2eec087..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/18-settings.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{ if .Values.settings.create }} - -apiVersion: gloo.solo.io/v1 -kind: Settings -metadata: - name: default - namespace: {{ .Release.Namespace }} - annotations: - "helm.sh/hook": pre-install -spec: - bindAddr: 0.0.0.0:{{ .Values.gloo.deployment.xdsPort }} - discoveryNamespace: {{ .Values.settings.writeNamespace }} - kubernetesArtifactSource: {} - kubernetesConfigSource: {} - kubernetesSecretSource: {} - refreshRate: 60s - -{{- if .Values.settings.extensions }} - extensions: -{{- toYaml .Values.settings.extensions | nindent 4 }} -{{- end }} - -{{- with .Values.settings.watchNamespaces }} - watchNamespaces: - {{- range . }} - - {{ . }} - {{- end }} -{{- end }} - -{{- end }} diff --git a/vnfs/DAaaS/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml b/vnfs/DAaaS/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml deleted file mode 100755 index 35fb5eb0..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.rbac.create }} - -{{- if .Values.gateway.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: gloo-role-gateway - labels: - app: gloo - gloo: rbac -rules: -- apiGroups: [""] - resources: ["pods", "services", "secrets", "endpoints", "configmaps"] - verbs: ["*"] -- apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] -- apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "create"] -- apiGroups: ["gloo.solo.io"] - resources: ["settings", "upstreams","upstreamgroups", "proxies","virtualservices"] - verbs: ["*"] -- apiGroups: ["gateway.solo.io"] - resources: ["virtualservices", "gateways"] - verbs: ["*"] -{{- end -}} - -{{- end -}} diff --git a/vnfs/DAaaS/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml b/vnfs/DAaaS/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml deleted file mode 100755 index 15215b9f..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.rbac.create }} - -{{- if .Values.ingress.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: gloo-role-ingress - labels: - app: gloo - gloo: rbac -rules: -- apiGroups: [""] - resources: ["pods", "services", "secrets", "endpoints", "configmaps"] - verbs: ["*"] -- apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] -- apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "create"] -- apiGroups: ["gloo.solo.io"] - resources: ["settings", "upstreams","upstreamgroups", "proxies","virtualservices"] - verbs: ["*"] -- apiGroups: ["extensions", ""] - resources: ["ingresses"] - verbs: ["*"] -{{- end -}} - -{{- end -}} diff --git a/vnfs/DAaaS/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml b/vnfs/DAaaS/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml deleted file mode 100755 index 1bd2b95d..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.rbac.create }} - -{{- if .Values.settings.integrations.knative.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: gloo-role-knative - labels: - app: gloo - gloo: rbac -rules: -- apiGroups: [""] - resources: ["pods", "services", "secrets", "endpoints", "configmaps"] - verbs: ["*"] -- apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list", "watch"] -- apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "create"] -- apiGroups: ["gloo.solo.io"] - resources: ["settings", "upstreams","upstreamgroups", "proxies","virtualservices"] - verbs: ["*"] -- apiGroups: ["networking.internal.knative.dev"] - resources: ["clusteringresses"] - verbs: ["get", "list", "watch"] -{{- end -}} - -{{- end -}} diff --git a/vnfs/DAaaS/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml b/vnfs/DAaaS/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml deleted file mode 100755 index 62198913..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.rbac.create }} - -{{- if .Values.gateway.enabled }} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: gloo-role-binding-gateway-{{ .Release.Namespace }} - labels: - app: gloo - gloo: rbac -subjects: -- kind: ServiceAccount - name: default - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: gloo-role-gateway - apiGroup: rbac.authorization.k8s.io - -{{- end -}} - -{{- end -}} diff --git a/vnfs/DAaaS/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml b/vnfs/DAaaS/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml deleted file mode 100755 index 7ef5cbae..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.rbac.create }} - -{{- if .Values.ingress.enabled }} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: gloo-role-binding-ingress-{{ .Release.Namespace }} - labels: - app: gloo - gloo: rbac -subjects: -- kind: ServiceAccount - name: default - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: gloo-role-ingress - apiGroup: rbac.authorization.k8s.io - -{{- end -}} - -{{- end -}} diff --git a/vnfs/DAaaS/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml b/vnfs/DAaaS/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml deleted file mode 100755 index 5f05de96..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.rbac.create }} - -{{- if .Values.settings.integrations.knative.enabled }} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: gloo-role-binding-knative-{{ .Release.Namespace }} - labels: - app: gloo - gloo: rbac -subjects: -- kind: ServiceAccount - name: default - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: gloo-role-knative - apiGroup: rbac.authorization.k8s.io -{{- end -}} - -{{- end -}} diff --git a/vnfs/DAaaS/00-init/gloo/templates/3-gloo-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/3-gloo-deployment.yaml deleted file mode 100755 index b3d8423f..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/3-gloo-deployment.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: gloo - name: gloo - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.gloo.deployment.replicas }} - selector: - matchLabels: - gloo: gloo - template: - metadata: - labels: - gloo: gloo - {{- if .Values.gloo.deployment.stats }} - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "9091" - prometheus.io/scrape: "true" - {{- end}} - spec: - containers: - - image: "{{ .Values.gloo.deployment.image.repository }}:{{ .Values.gloo.deployment.image.tag }}" - imagePullPolicy: {{ .Values.gloo.deployment.image.pullPolicy }} - name: gloo - resources: - requests: - cpu: 1 - memory: 256Mi - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 10101 - capabilities: - drop: - - ALL - ports: - - containerPort: {{ .Values.gloo.deployment.xdsPort }} - name: grpc - protocol: TCP - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- if .Values.gloo.deployment.stats }} - - name: START_STATS_SERVER - value: "true" - {{- end}} - {{- if .Values.gloo.deployment.image.pullSecret }} - imagePullSecrets: - - name: {{ .Values.gloo.deployment.image.pullSecret }}{{end}} - diff --git a/vnfs/DAaaS/00-init/gloo/templates/4-gloo-service.yaml b/vnfs/DAaaS/00-init/gloo/templates/4-gloo-service.yaml deleted file mode 100755 index ab49ea3f..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/4-gloo-service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: gloo - gloo: gloo - name: gloo - namespace: {{ .Release.Namespace }} -spec: -{{ if .Values.gloo.deployment.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.gloo.deployment.externalTrafficPolicy }} -{{- end }} - ports: - - name: grpc - port: {{ .Values.gloo.deployment.xdsPort }} - protocol: TCP - selector: - gloo: gloo diff --git a/vnfs/DAaaS/00-init/gloo/templates/5-discovery-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/5-discovery-deployment.yaml deleted file mode 100755 index 1a44e922..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/5-discovery-deployment.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: discovery - name: discovery - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.discovery.deployment.replicas }} - selector: - matchLabels: - gloo: discovery - template: - metadata: - labels: - gloo: discovery - {{- if .Values.discovery.deployment.stats }} - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "9091" - prometheus.io/scrape: "true" - {{- end}} - spec: - containers: - - image: "{{ .Values.discovery.deployment.image.repository }}:{{ .Values.discovery.deployment.image.tag }}" - imagePullPolicy: {{ .Values.discovery.deployment.image.pullPolicy }} - name: discovery - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 10101 - capabilities: - drop: - - ALL - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- if .Values.discovery.deployment.stats }} - - name: START_STATS_SERVER - value: "true" - {{- end}} - diff --git a/vnfs/DAaaS/00-init/gloo/templates/6-gateway-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/6-gateway-deployment.yaml deleted file mode 100755 index 0a32241e..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/6-gateway-deployment.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{- if .Values.gateway.enabled }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: gateway - name: gateway - namespace: {{ .Release.Namespace }} -spec: - replicas: {{ .Values.gateway.deployment.replicas }} - selector: - matchLabels: - gloo: gateway - template: - metadata: - labels: - gloo: gateway - {{- if .Values.gateway.deployment.stats }} - annotations: - prometheus.io/path: /metrics - prometheus.io/port: "9091" - prometheus.io/scrape: "true" - {{- end}} - spec: - containers: - - image: "{{ .Values.gateway.deployment.image.repository }}:{{ .Values.gateway.deployment.image.tag }}" - imagePullPolicy: {{ .Values.gateway.deployment.image.pullPolicy }} - name: gateway - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 10101 - capabilities: - drop: - - ALL - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- if .Values.gateway.deployment.stats }} - - name: START_STATS_SERVER - value: "true" - {{- end}} -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/7-gateway-proxy-deployment.yaml b/vnfs/DAaaS/00-init/gloo/templates/7-gateway-proxy-deployment.yaml deleted file mode 100755 index bb54e8f3..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/7-gateway-proxy-deployment.yaml +++ /dev/null @@ -1,67 +0,0 @@ -{{- if .Values.gateway.enabled }} -{{- range $key, $spec := .Values.gatewayProxies }} ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: gloo - gloo: {{ $key }} - name: {{ $key }} - namespace: {{ $.Release.Namespace }} -spec: - replicas: {{ $spec.deployment.replicas }} - selector: - matchLabels: - gloo: {{ $key }} - template: - metadata: - labels: - gloo: {{ $key }} -{{- with $spec.deployment.extraAnnotations }} - annotations: -{{toYaml . | indent 8}}{{- end }} - spec: - containers: - - args: ["--disable-hot-restart"] - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - image: {{ $spec.deployment.image.repository }}:{{ $spec.deployment.image.tag }} - imagePullPolicy: {{ $spec.deployment.image.pullPolicy }} - name: gateway-proxy - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - ports: - - containerPort: {{ $spec.deployment.httpPort }} - name: http - protocol: TCP - - containerPort: {{ $spec.deployment.httpsPort }} - name: https - protocol: TCP -{{- with $spec.deployment.extraPorts }} -{{toYaml . | indent 8}}{{- end }} - volumeMounts: - - mountPath: /etc/envoy - name: envoy-config - {{- if $spec.deployment.image.pullSecret }} - imagePullSecrets: - - name: {{ $spec.deployment.image.pullSecret }}{{end}} - volumes: - - configMap: - name: {{ $key }}-envoy-config - name: envoy-config -{{- end }} -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/templates/8-gateway-proxy-service.yaml b/vnfs/DAaaS/00-init/gloo/templates/8-gateway-proxy-service.yaml deleted file mode 100755 index f0b7d347..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/8-gateway-proxy-service.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.gateway.enabled }} -{{- range $key, $spec := .Values.gatewayProxies }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: gloo - gloo: {{ $key }} - name: {{ $key }} - namespace: {{ $.Release.Namespace }} - {{- with $spec.service.extraAnnotations }} - annotations: -{{toYaml . | indent 8}}{{- end }} -spec: - ports: - - port: {{ $spec.service.httpPort }} - targetPort: {{ $spec.deployment.httpPort }} - protocol: TCP - name: http - - port: {{ $spec.service.httpsPort }} - targetPort: {{ $spec.deployment.httpsPort }} - protocol: TCP - name: https - selector: - gloo: {{ $key }} - type: {{ $spec.service.type }} - {{- if and (eq $spec.service.type "ClusterIP") $spec.service.clusterIP }} - clusterIP: {{ $spec.service.clusterIP }} - {{- end }} - {{- if and (eq $spec.service.type "LoadBalancer") $spec.service.loadBalancerIP }} - loadBalancerIP: {{ $spec.service.loadBalancerIP }} - {{- end }} -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/00-init/gloo/templates/9-gateway-proxy-configmap.yaml b/vnfs/DAaaS/00-init/gloo/templates/9-gateway-proxy-configmap.yaml deleted file mode 100755 index 03c5a920..00000000 --- a/vnfs/DAaaS/00-init/gloo/templates/9-gateway-proxy-configmap.yaml +++ /dev/null @@ -1,54 +0,0 @@ -{{- if .Values.gateway.enabled }} -{{- range $key, $spec := .Values.gatewayProxies }} ---- -# config_map -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $key }}-envoy-config - namespace: {{ $.Release.Namespace }} - labels: - app: gloo - gloo: {{ $key }} -data: -{{ if (empty $spec.configMap.data) }} - envoy.yaml: | - node: - cluster: gateway - id: "{{ "{{" }}.PodName{{ "}}" }}.{{ "{{" }}.PodNamespace{{ "}}" }}" - metadata: - # this line must match ! - role: "{{ "{{" }}.PodNamespace{{ "}}" }}~gateway-proxy" - static_resources: - clusters: - - name: gloo.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.gloo.deployment.xdsPort }} - connect_timeout: 5.000s - load_assignment: - cluster_name: gloo.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.gloo.deployment.xdsPort }} - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: gloo.{{ $.Release.Namespace }}.svc.cluster.local - port_value: {{ $.Values.gloo.deployment.xdsPort }} - http2_protocol_options: {} - type: STRICT_DNS - dynamic_resources: - ads_config: - api_type: GRPC - grpc_services: - - envoy_grpc: {cluster_name: gloo.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.gloo.deployment.xdsPort }}} - cds_config: - ads: {} - lds_config: - ads: {} - admin: - access_log_path: /dev/null - address: - socket_address: - address: 127.0.0.1 - port_value: 19000 -{{- else}}{{ toYaml $spec.configMap.data | indent 2}}{{- end}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/gloo/values-ingress.yaml b/vnfs/DAaaS/00-init/gloo/values-ingress.yaml deleted file mode 100755 index 98dd42ae..00000000 --- a/vnfs/DAaaS/00-init/gloo/values-ingress.yaml +++ /dev/null @@ -1,74 +0,0 @@ -crds: - create: true -discovery: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/discovery - tag: 0.13.18 - replicas: 1 - stats: false -gateway: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/gateway - tag: "" - replicas: 1 - stats: false - enabled: false -gatewayProxies: - gateway-proxy: - configMap: - data: null - deployment: - httpPort: "8080" - httpsPort: "8443" - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo-envoy-wrapper - tag: "" - replicas: 1 - stats: false - service: - httpPort: "80" - httpsPort: "443" - type: LoadBalancer -gloo: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo - tag: 0.13.18 - replicas: 1 - stats: false - xdsPort: "9977" -ingress: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/ingress - tag: 0.13.18 - replicas: 1 - stats: false - enabled: true -ingressProxy: - configMap: {} - deployment: - httpPort: "80" - httpsPort: "443" - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo-envoy-wrapper - tag: 0.13.18 - replicas: 1 - stats: false -namespace: - create: false -rbac: - create: true -settings: - integrations: - knative: - enabled: false - writeNamespace: gloo-system diff --git a/vnfs/DAaaS/00-init/gloo/values-knative.yaml b/vnfs/DAaaS/00-init/gloo/values-knative.yaml deleted file mode 100755 index c53ca1a9..00000000 --- a/vnfs/DAaaS/00-init/gloo/values-knative.yaml +++ /dev/null @@ -1,72 +0,0 @@ -crds: - create: true -discovery: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/discovery - tag: 0.13.18 - replicas: 1 - stats: false -gateway: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/gateway - tag: "" - replicas: 1 - stats: false - enabled: false -gatewayProxies: - gateway-proxy: - configMap: - data: null - deployment: - httpPort: "8080" - httpsPort: "8443" - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo-envoy-wrapper - tag: "" - replicas: 1 - stats: false - service: - httpPort: "80" - httpsPort: "443" - type: LoadBalancer -gloo: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo - tag: 0.13.18 - replicas: 1 - stats: false - xdsPort: "9977" -ingress: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/ingress - tag: 0.13.18 - replicas: 1 - stats: false - enabled: false -namespace: - create: false -rbac: - create: true -settings: - integrations: - knative: - enabled: true - proxy: - httpPort: "80" - httpsPort: "443" - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo-envoy-wrapper - tag: 0.13.18 - replicas: 1 - stats: false - writeNamespace: gloo-system diff --git a/vnfs/DAaaS/00-init/gloo/values.yaml b/vnfs/DAaaS/00-init/gloo/values.yaml deleted file mode 100755 index daeab0c3..00000000 --- a/vnfs/DAaaS/00-init/gloo/values.yaml +++ /dev/null @@ -1,56 +0,0 @@ -crds: - create: true -discovery: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/discovery - tag: 0.13.18 - replicas: 1 - stats: false -gateway: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/gateway - tag: 0.13.18 - replicas: 1 - stats: false - enabled: true -gatewayProxies: - gateway-proxy: - configMap: - data: null - deployment: - httpPort: "8080" - httpsPort: "8443" - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo-envoy-wrapper - tag: 0.13.18 - replicas: 1 - stats: false - service: - httpPort: "80" - httpsPort: "443" - type: LoadBalancer -gloo: - deployment: - image: - pullPolicy: Always - repository: quay.io/solo-io/gloo - tag: 0.13.18 - replicas: 1 - stats: false - xdsPort: "9977" -ingress: - enabled: false -namespace: - create: false -rbac: - create: true -settings: - integrations: - knative: - enabled: false - writeNamespace: gloo-system diff --git a/vnfs/DAaaS/00-init/istio/README.md b/vnfs/DAaaS/00-init/istio/README.md deleted file mode 100644 index d19bcce0..00000000 --- a/vnfs/DAaaS/00-init/istio/README.md +++ /dev/null @@ -1,31 +0,0 @@ -Istio Installation - -1. Download the Source code -curl -L https://git.io/getLatestIstio | ISTIO_VERSION=1.1.7 sh - - -2. Add the ISTIO helm chart repository. “helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.1.7/charts/” - - NOTE : Make sure the helm client and helm server (tiller) is installed - - Create a namespace istio-system where all the istio components are installed “kubectl create namespace istio-system” - -3. Install all the Istio Custom Resource Definitions (CRDs) using kubectl apply - - - “helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl apply -f -”. - -4. Verify that all 53 Istio CRDs were committed to the Kubernetes api-server using the following command: - - “kubectl get crds | grep 'istio.io\|certmanager.k8s.io' | wc -l” - -5. Install istio with the sds as the configuration profile. - - “helm template install/kubernetes/helm/istio --name istio --namespace istio-system --values install/kubernetes/helm/istio/values-istio-sds-auth.yaml | kubectl apply -f -” - -6. Verify the Installation - - “kubectl get svc -n istio-system” && “kubectl get pods -n istio-system” - - Reference - -1. https://istio.io/docs/setup/kubernetes/install/helm/ -2. https://istio.io/docs/tasks/security/auth-sds/ diff --git a/vnfs/DAaaS/00-init/rook-ceph/Chart.yaml b/vnfs/DAaaS/00-init/rook-ceph/Chart.yaml deleted file mode 100644 index 21e90098..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -description: File, Block, and Object Storage Services for your Cloud-Native Environment -name: rook-ceph -version: 0.0.1 -icon: https://rook.io/images/logos/rook/rook-logo-color-on-transparent.png -sources: - - https://github.com/rook/rook diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/NOTES.txt b/vnfs/DAaaS/00-init/rook-ceph/templates/NOTES.txt deleted file mode 100644 index 0509b574..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/NOTES.txt +++ /dev/null @@ -1,5 +0,0 @@ -The Rook Operator has been installed. Check its status by running: - kubectl --namespace {{ .Release.Namespace }} get pods -l "app=rook-ceph-operator" - -Visit https://rook.io/docs/rook/master for instructions on how -to create & configure Rook clusters diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/_helpers.tpl b/vnfs/DAaaS/00-init/rook-ceph/templates/_helpers.tpl deleted file mode 100644 index f0d83d2e..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/_helpers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/cluster.yml b/vnfs/DAaaS/00-init/rook-ceph/templates/cluster.yml deleted file mode 100644 index 1cd33e8c..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/cluster.yml +++ /dev/null @@ -1,180 +0,0 @@ -################################################################################# -# This example first defines some necessary namespace and RBAC security objects. -# The actual Ceph Cluster CRD example can be found at the bottom of this example. -################################################################################# -apiVersion: v1 -kind: Namespace -metadata: - name: rook-ceph ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: rook-ceph-osd - namespace: rook-ceph ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: rook-ceph-mgr - namespace: rook-ceph ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-osd - namespace: rook-ceph -rules: -- apiGroups: [""] - resources: ["configmaps"] - verbs: [ "get", "list", "watch", "create", "update", "delete" ] ---- -# Aspects of ceph-mgr that require access to the system namespace -kind: Role -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-mgr-system - namespace: rook-ceph -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch ---- -# Aspects of ceph-mgr that operate within the cluster's namespace -kind: Role -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-mgr - namespace: rook-ceph -rules: -- apiGroups: - - "" - resources: - - pods - - services - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - get - - list - - watch - - create - - update - - delete -- apiGroups: - - ceph.rook.io - resources: - - "*" - verbs: - - "*" ---- -# Allow the operator to create resources in this cluster's namespace -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-cluster-mgmt - namespace: rook-ceph -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: rook-ceph-cluster-mgmt -subjects: -- kind: ServiceAccount - name: rook-ceph-system - namespace: rook-ceph-system ---- -# Allow the osd pods in this namespace to work with configmaps -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-osd - namespace: rook-ceph -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: rook-ceph-osd -subjects: -- kind: ServiceAccount - name: rook-ceph-osd - namespace: rook-ceph ---- -# Allow the ceph mgr to access the cluster-specific resources necessary for the mgr modules -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-mgr - namespace: rook-ceph -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: rook-ceph-mgr -subjects: -- kind: ServiceAccount - name: rook-ceph-mgr - namespace: rook-ceph ---- -# Allow the ceph mgr to access the rook system resources necessary for the mgr modules -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-mgr-system - namespace: rook-ceph-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: rook-ceph-mgr-system -subjects: -- kind: ServiceAccount - name: rook-ceph-mgr - namespace: rook-ceph ---- -# Allow the ceph mgr to access cluster-wide resources necessary for the mgr modules -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-mgr-cluster - namespace: rook-ceph -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: rook-ceph-mgr-cluster -subjects: -- kind: ServiceAccount - name: rook-ceph-mgr - namespace: rook-ceph ---- -################################################################################# -# The Ceph Cluster CRD example -################################################################################# -apiVersion: ceph.rook.io/v1 -kind: CephCluster -metadata: - name: rook-ceph - namespace: rook-ceph -spec: - cephVersion: - # For the latest ceph images, see https://hub.docker.com/r/ceph/ceph/tags - image: ceph/ceph:v13.2.2-20181023 - dataDirHostPath: /var/lib/rook - dashboard: - enabled: true - mon: - count: 3 - allowMultiplePerNode: true - storage: - useAllNodes: true - useAllDevices: false - config: - databaseSizeMB: "1024" - journalSizeMB: "1024" \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/clusterrole.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/clusterrole.yaml deleted file mode 100644 index 58a24d47..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/clusterrole.yaml +++ /dev/null @@ -1,165 +0,0 @@ -{{- if .Values.rbacEnable }} -# The cluster role for managing all the cluster-specific resources in a namespace -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: rook-ceph-cluster-mgmt - labels: - operator: rook - storage-backend: ceph -rules: -- apiGroups: - - "" - resources: - - secrets - - pods - - pods/log - - services - - configmaps - verbs: - - get - - list - - watch - - patch - - create - - update - - delete -- apiGroups: - - extensions - resources: - - deployments - - daemonsets - - replicasets - verbs: - - get - - list - - watch - - create - - update - - delete ---- -# The cluster role for managing the Rook CRDs -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: rook-ceph-global - labels: - operator: rook - storage-backend: ceph -rules: -- apiGroups: - - "" - resources: - # Pod access is needed for fencing - - pods - # Node access is needed for determining nodes where mons should run - - nodes - - nodes/proxy - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - # PVs and PVCs are managed by the Rook provisioner - - persistentvolumes - - persistentvolumeclaims - verbs: - - get - - list - - watch - - patch - - create - - update - - delete -- apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - get - - list - - watch - - create - - update - - delete -- apiGroups: - - ceph.rook.io - resources: - - "*" - verbs: - - "*" -- apiGroups: - - rook.io - resources: - - "*" - verbs: - - "*" ---- -# Aspects of ceph-mgr that require cluster-wide access -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-mgr-cluster - labels: - operator: rook - storage-backend: ceph -rules: -- apiGroups: - - "" - resources: - - configmaps - - nodes - - nodes/proxy - verbs: - - get - - list - - watch -{{- if ((.Values.agent) and .Values.agent.mountSecurityMode) and ne .Values.agent.mountSecurityMode "Any" }} ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: rook-ceph-agent-mount - labels: - operator: rook - storage-backend: ceph -rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - get -{{- end }} -{{- if .Values.pspEnable }} ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRole -metadata: - name: rook-ceph-system-psp-user - labels: - operator: rook - storage-backend: ceph - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -rules: -- apiGroups: - - extensions - resources: - - podsecuritypolicies - resourceNames: - - 00-rook-ceph-operator - verbs: - - use -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/clusterrolebinding.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/clusterrolebinding.yaml deleted file mode 100644 index 845eb6d7..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if .Values.rbacEnable }} -# Grant the rook system daemons cluster-wide access to manage the Rook CRDs, PVCs, and storage classes -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-global - labels: - operator: rook - storage-backend: ceph - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: rook-ceph-global -subjects: -- kind: ServiceAccount - name: rook-ceph-system - namespace: {{ .Release.Namespace }} -{{- if .Values.pspEnable }} ---- -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: rook-ceph-system-psp-users - labels: - operator: rook - storage-backend: ceph - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: rook-ceph-system-psp-user -subjects: -- kind: ServiceAccount - name: rook-ceph-system - namespace: {{ .Release.Namespace }} -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/dashboard-external-http.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/dashboard-external-http.yaml deleted file mode 100644 index ee521152..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/dashboard-external-http.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: rook-ceph-mgr-dashboard-external-http - namespace: rook-ceph - labels: - app: rook-ceph-mgr - rook_cluster: rook-ceph - annotations: - "helm.sh/hook": "post-install" - "helm.sh/hook-weight": "10" -spec: - ports: - - name: dashboard - port: 7000 - protocol: TCP - targetPort: 7000 - selector: - app: rook-ceph-mgr - rook_cluster: rook-ceph - sessionAffinity: None - type: NodePort diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/deployment.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/deployment.yaml deleted file mode 100644 index 13c6a763..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/deployment.yaml +++ /dev/null @@ -1,108 +0,0 @@ -apiVersion: apps/v1beta1 -kind: Deployment -metadata: - name: rook-ceph-operator - labels: - operator: rook - storage-backend: ceph - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -spec: - replicas: 1 - selector: - matchLabels: - app: rook-ceph-operator - template: - metadata: - labels: - app: rook-ceph-operator - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" -{{- if .Values.annotations }} - annotations: -{{ toYaml .Values.annotations | indent 8 }} -{{- end }} - spec: - containers: - - name: rook-ceph-operator - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: ["ceph", "operator"] - env: -{{- if not .Values.rbacEnable }} - - name: RBAC_ENABLED - value: "false" -{{- end }} -{{- if .Values.agent }} -{{- if .Values.agent.toleration }} - - name: AGENT_TOLERATION - value: {{ .Values.agent.toleration }} -{{- end }} -{{- if .Values.agent.tolerationKey }} - - name: AGENT_TOLERATION_KEY - value: {{ .Values.agent.tolerationKey }} -{{- end }} -{{- if .Values.agent.mountSecurityMode }} - - name: AGENT_MOUNT_SECURITY_MODE - value: {{ .Values.agent.mountSecurityMode }} -{{- end }} -{{- if .Values.agent.flexVolumeDirPath }} - - name: FLEXVOLUME_DIR_PATH - value: {{ .Values.agent.flexVolumeDirPath }} -{{- end }} -{{- if .Values.agent.libModulesDirPath }} - - name: LIB_MODULES_DIR_PATH - value: {{ .Values.agent.libModulesDirPath }} -{{- end }} -{{- if .Values.agent.mounts }} - - name: AGENT_MOUNTS - value: {{ .Values.agent.mounts }} -{{- end }} -{{- end }} -{{- if .Values.discover }} -{{- if .Values.discover.toleration }} - - name: DISCOVER_TOLERATION - value: {{ .Values.agent.toleration }} -{{- end }} -{{- if .Values.discover.tolerationKey }} - - name: DISCOVER_TOLERATION_KEY - value: {{ .Values.discover.tolerationKey }} -{{- end }} -{{- end }} - - name: ROOK_LOG_LEVEL - value: {{ .Values.logLevel }} - - name: ROOK_ENABLE_SELINUX_RELABELING - value: {{ .Values.enableSelinuxRelabeling | quote }} - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace -{{- if .Values.mon }} -{{- if .Values.mon.healthCheckInterval }} - - name: ROOK_MON_HEALTHCHECK_INTERVAL - value: {{ .Values.mon.healthCheckInterval }} -{{- end }} -{{- if .Values.mon.monOutTimeout }} - - name: ROOK_MON_OUT_TIMEOUT - value: {{ .Values.mon.monOutTimeout }} -{{- end }} -{{- end }} - resources: -{{ toYaml .Values.resources | indent 10 }} -{{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} -{{- end }} -{{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} -{{- end }} -{{- if .Values.rbacEnable }} - serviceAccountName: rook-ceph-system -{{- end }} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/psp.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/psp.yaml deleted file mode 100644 index 412b2437..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/psp.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.pspEnable }} -# PSP for rook-ceph-operator - -# Most of the teams follow the kubernetes docs and have these PSPs. -# * privileged (for kube-system namespace) -# * restricted (for all logged in users) -# -# If we name it as `rook-ceph-operator`, it comes next to `restricted` PSP alphabetically, -# and applies `restricted` capabilities to `rook-system`. Thats reason this is named with `00-rook-ceph-operator`, -# so it stays somewhere close to top and `rook-system` gets the intended PSP. -# -# More info on PSP ordering : https://kubernetes.io/docs/concepts/policy/pod-security-policy/#policy-order - -apiVersion: extensions/v1beta1 -kind: PodSecurityPolicy -metadata: - name: 00-rook-ceph-operator -spec: - fsGroup: - rule: RunAsAny - privileged: true - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - '*' - allowedCapabilities: - - '*' - hostPID: true - hostIPC: true - hostNetwork: true -{{- end }} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/resources.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/resources.yaml deleted file mode 100644 index e296663f..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/resources.yaml +++ /dev/null @@ -1,177 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cephclusters.ceph.rook.io - annotations: - "helm.sh/hook": crd-install -spec: - group: ceph.rook.io - names: - kind: CephCluster - listKind: CephClusterList - plural: cephclusters - singular: cephcluster - scope: Namespaced - version: v1 - validation: - openAPIV3Schema: - properties: - spec: - properties: - cephVersion: - properties: - allowUnsupported: - type: boolean - image: - type: string - name: - pattern: ^(luminous|mimic|nautilus)$ - type: string - dashboard: - properties: - enabled: - type: boolean - urlPrefix: - type: string - port: - type: integer - minimum: 0 - maximum: 65535 - dataDirHostPath: - pattern: ^/(\S+) - type: string - mon: - properties: - allowMultiplePerNode: - type: boolean - count: - maximum: 9 - minimum: 1 - type: integer - required: - - count - network: - properties: - hostNetwork: - type: boolean - storage: - properties: - nodes: - items: {} - type: array - useAllDevices: {} - useAllNodes: - type: boolean - required: - - mon - additionalPrinterColumns: - - name: DataDirHostPath - type: string - description: Directory used on the K8s nodes - JSONPath: .spec.dataDirHostPath - - name: MonCount - type: string - description: Number of MONs - JSONPath: .spec.mon.count - - name: Age - type: date - JSONPath: .metadata.creationTimestamp - - name: State - type: string - description: Current State - JSONPath: .status.state ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cephfilesystems.ceph.rook.io - annotations: - "helm.sh/hook": crd-install -spec: - group: ceph.rook.io - names: - kind: CephFilesystem - listKind: CephFilesystemList - plural: cephfilesystems - singular: cephfilesystem - scope: Namespaced - version: v1 - additionalPrinterColumns: - - name: MdsCount - type: string - description: Number of MDSs - JSONPath: .spec.metadataServer.activeCount - - name: Age - type: date - JSONPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cephobjectstores.ceph.rook.io - annotations: - "helm.sh/hook": crd-install -spec: - group: ceph.rook.io - names: - kind: CephObjectStore - listKind: CephObjectStoreList - plural: cephobjectstores - singular: cephobjectstore - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cephobjectstoreusers.ceph.rook.io - annotations: - "helm.sh/hook": crd-install -spec: - group: ceph.rook.io - names: - kind: CephObjectStoreUser - listKind: CephObjectStoreUserList - plural: cephobjectstoreusers - singular: cephobjectstoreuser - shortNames: - - rcou - - objectuser - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: cephblockpools.ceph.rook.io - annotations: - "helm.sh/hook": crd-install -spec: - group: ceph.rook.io - names: - kind: CephBlockPool - listKind: CephBlockPoolList - plural: cephblockpools - singular: cephblockpool - scope: Namespaced - version: v1 ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: volumes.rook.io - annotations: - "helm.sh/hook": crd-install -spec: - group: rook.io - names: - kind: Volume - listKind: VolumeList - plural: volumes - singular: volume - shortNames: - - rv - scope: Namespaced - version: v1alpha2 ---- diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml deleted file mode 100644 index 45122d32..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/role.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.rbacEnable }} -# The role for the operator to manage resources in the system namespace -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: Role -metadata: - name: rook-ceph-system - labels: - operator: rook - storage-backend: ceph -rules: -- apiGroups: - - "" - resources: - - pods - - configmaps - verbs: - - get - - list - - watch - - patch - - create - - update - - delete -- apiGroups: - - extensions - resources: - - daemonsets - verbs: - - get - - list - - watch - - create - - update - - delete -{{- end }} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/rolebinding.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/rolebinding.yaml deleted file mode 100644 index 3ef5897f..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/rolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.rbacEnable }} -# Grant the operator, agent, and discovery agents access to resources in the rook-ceph-system namespace -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: rook-ceph-system - namespace: {{ .Release.Namespace }} - labels: - operator: rook - storage-backend: ceph -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: rook-ceph-system -subjects: -- kind: ServiceAccount - name: rook-ceph-system - namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/serviceaccount.yaml b/vnfs/DAaaS/00-init/rook-ceph/templates/serviceaccount.yaml deleted file mode 100644 index 7b42de17..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/serviceaccount.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: rook-ceph-system - labels: - operator: rook - storage-backend: ceph - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/storageclass.yml b/vnfs/DAaaS/00-init/rook-ceph/templates/storageclass.yml deleted file mode 100644 index 38ddf5d7..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/storageclass.yml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: ceph.rook.io/v1 -kind: CephBlockPool -metadata: - name: replicapool - namespace: rook-ceph - annotations: - storageclass.kubernetes.io/is-default-class: "true" - "helm.sh/hook": post-install -spec: - failureDomain: host - replicated: - size: 1 ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: rook-ceph-block - annotations: - storageclass.kubernetes.io/is-default-class: "true" - "helm.sh/hook": post-install -provisioner: ceph.rook.io/block -parameters: - blockPool: replicapool - # The value of "clusterNamespace" MUST be the same as the one in which your rook cluster exist - clusterNamespace: rook-ceph - # Specify the filesystem type of the volume. If not specified, it will use `ext4`. - fstype: xfs -# Optional, default reclaimPolicy is "Delete". Other options are: "Retain", "Recycle" as documented in https://kubernetes.io/docs/concepts/storage/storage-classes/ \ No newline at end of file diff --git a/vnfs/DAaaS/00-init/rook-ceph/templates/tool-box.yml b/vnfs/DAaaS/00-init/rook-ceph/templates/tool-box.yml deleted file mode 100644 index 98bc3c98..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/templates/tool-box.yml +++ /dev/null @@ -1,62 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: rook-ceph-tools - namespace: rook-ceph - labels: - app: rook-ceph-tools - annotations: - "helm.sh/hook": "post-install" - "helm.sh/hook-weight": "10" -spec: - replicas: 1 - selector: - matchLabels: - app: rook-ceph-tools - template: - metadata: - labels: - app: rook-ceph-tools - spec: - dnsPolicy: ClusterFirstWithHostNet - containers: - - name: rook-ceph-tools - image: rook/ceph:v0.9.1 - command: ["/tini"] - args: ["-g", "--", "/usr/local/bin/toolbox.sh"] - imagePullPolicy: IfNotPresent - env: - - name: ROOK_ADMIN_SECRET - valueFrom: - secretKeyRef: - name: rook-ceph-mon - key: admin-secret - securityContext: - privileged: true - volumeMounts: - - mountPath: /dev - name: dev - - mountPath: /sys/bus - name: sysbus - - mountPath: /lib/modules - name: libmodules - - name: mon-endpoint-volume - mountPath: /etc/rook - # if hostNetwork: false, the "rbd map" command hangs, see https://github.com/rook/rook/issues/2021 - hostNetwork: true - volumes: - - name: dev - hostPath: - path: /dev - - name: sysbus - hostPath: - path: /sys/bus - - name: libmodules - hostPath: - path: /lib/modules - - name: mon-endpoint-volume - configMap: - name: rook-ceph-mon-endpoints - items: - - key: data - path: mon-endpoints diff --git a/vnfs/DAaaS/00-init/rook-ceph/values.yaml b/vnfs/DAaaS/00-init/rook-ceph/values.yaml deleted file mode 100644 index 7b4d07bd..00000000 --- a/vnfs/DAaaS/00-init/rook-ceph/values.yaml +++ /dev/null @@ -1,75 +0,0 @@ -# Default values for rook-ceph-operator -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -image: - prefix: rook - repository: rook/ceph - tag: v0.9.1 - pullPolicy: IfNotPresent - -hyperkube: - repository: k8s.gcr.io/hyperkube - tag: v1.7.12 - pullPolicy: IfNotPresent - -resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 100m - memory: 128Mi - -nodeSelector: -# Constraint rook-ceph-operator Deployment to nodes with label `disktype: ssd`. -# For more info, see https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -# disktype: ssd - -# Tolerations for the rook-ceph-operator to allow it to run on nodes with particular taints -tolerations: [] - -mon: - healthCheckInterval: "45s" - monOutTimeout: "300s" - -## Annotations to be added to pod -annotations: {} - -## LogLevel can be set to: TRACE, DEBUG, INFO, NOTICE, WARNING, ERROR or CRITICAL -logLevel: INFO - -## If true, create & use RBAC resources -## -rbacEnable: false - -## If true, create & use PSP resources -## -pspEnable: true - -## Rook Agent configuration -## toleration: NoSchedule, PreferNoSchedule or NoExecute -## tolerationKey: Set this to the specific key of the taint to tolerate -## flexVolumeDirPath: The path where the Rook agent discovers the flex volume plugins -## libModulesDirPath: The path where the Rook agent can find kernel modules -# agent: -# toleration: NoSchedule -# tolerationKey: key -# mountSecurityMode: Any -## For information on FlexVolume path, please refer to https://rook.io/docs/rook/master/flexvolume.html -# flexVolumeDirPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec/ -# libModulesDirPath: /lib/modules -# mounts: mount1=/host/path:/container/path,/host/path2:/container/path2 -agent: - flexVolumeDirPath: /var/lib/kubelet/volumeplugins -## Rook Discover configuration -## toleration: NoSchedule, PreferNoSchedule or NoExecute -## tolerationKey: Set this to the specific key of the taint to tolerate -# discover: -# toleration: NoSchedule -# tolerationKey: key - -# In some situations SELinux relabelling breaks (times out) on large filesystems, and doesn't work with cephfs ReadWriteMany volumes (last relabel wins). -# Disable it here if you have similiar issues. -# For more details see https://github.com/rook/rook/issues/2417 -enableSelinuxRelabeling: true diff --git a/vnfs/DAaaS/GoApps/src/hdfs-writer/.gitignore b/vnfs/DAaaS/GoApps/src/hdfs-writer/.gitignore deleted file mode 100644 index ad4781d2..00000000 --- a/vnfs/DAaaS/GoApps/src/hdfs-writer/.gitignore +++ /dev/null @@ -1,40 +0,0 @@ -# Common -.DS_Store -.vscode -*-workspace -.tox/ -.*.swp -*.log -coverage.html -docs/build -.Makefile.bk - -# Directories -pkg -bin -target -src/github.com -src/golang.org -src/k8splugin/vendor -src/k8splugin/.vendor-new/ -src/k8splugin/kubeconfig/* -deployments/k8plugin - -# Binaries -*.so -src/k8splugin/csar/mock_plugins/*.so -src/k8splugin/plugins/**/*.so - -# Tests -*.test -*.out - -# KRD -.vagrant/ -kud/hosting_providers/vagrant/inventory/hosts.ini -kud/hosting_providers/vagrant/inventory/artifacts -kud/hosting_providers/vagrant/inventory/group_vars/all.yml -kud/hosting_providers/vagrant/config/pdf.yml -kud/hosting_providers/vagrant/sources.list -*.retry -*.vdi \ No newline at end of file diff --git a/vnfs/DAaaS/GoApps/src/hdfs-writer/Makefile b/vnfs/DAaaS/GoApps/src/hdfs-writer/Makefile deleted file mode 100644 index e3f21405..00000000 --- a/vnfs/DAaaS/GoApps/src/hdfs-writer/Makefile +++ /dev/null @@ -1,35 +0,0 @@ -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2019 Intel Corporation -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - - -GOPATH := $(shell realpath "$(PWD)/../../") -#export GOPATH=/Users/rajamoha/projects/demo/vnfs/DAaaS/GoApps -export GOPATH ... -export GO111MODULE=on - - - -all: - echo $$GOPATH - GOOS=linux GOARCH=amd64 - @go build -tags netgo -o ./bin/hdfs-writer ./cmd/main.go - -build: - echo $$GOPATH - GOOS=linux GOARCH=amd64 - @go build -tags netgo -o ./bin/hdfs-writer ./cmd/main.go - -.PHONY: format -format: - @go fmt ./... - -.PHONY: clean -clean: - @find . -name "*so" -delete - @rm -f ./bin/hdfs-writer diff --git a/vnfs/DAaaS/GoApps/src/hdfs-writer/README.md b/vnfs/DAaaS/GoApps/src/hdfs-writer/README.md deleted file mode 100644 index 453b842d..00000000 --- a/vnfs/DAaaS/GoApps/src/hdfs-writer/README.md +++ /dev/null @@ -1,14 +0,0 @@ - - -# HDFS-writer - -Read a topic in kafka and write into HDFS directory. \ No newline at end of file diff --git a/vnfs/DAaaS/GoApps/src/hdfs-writer/cmd/main.go b/vnfs/DAaaS/GoApps/src/hdfs-writer/cmd/main.go deleted file mode 100644 index 11350f0b..00000000 --- a/vnfs/DAaaS/GoApps/src/hdfs-writer/cmd/main.go +++ /dev/null @@ -1,25 +0,0 @@ -package main - -import ( - "os" - "fmt" - "log" - "github.com/colinmarc/hdfs/v2" -) - -func main() { - log.Println("Starting the HDFS writer") - localSourceFile := os.Args[1] - hdfsDestination := os.Args[2] - - log.Println("localSourceFile:: "+localSourceFile) - log.Println("hdfsDestination:: "+hdfsDestination) - - client, _ := hdfs.New("hdfs://hdfs-1-namenode-1.hdfs-1-namenode.hdfs1.svc.cluster.local:8020") - file, _ := client.Open("/kafka.txt") - - buf := make([]byte, 59) - file.ReadAt(buf, 48847) - fmt.Println(string(buf)) - -} diff --git a/vnfs/DAaaS/GoApps/src/hdfs-writer/go.mod b/vnfs/DAaaS/GoApps/src/hdfs-writer/go.mod deleted file mode 100644 index b2855127..00000000 --- a/vnfs/DAaaS/GoApps/src/hdfs-writer/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module hdfs-writer - -require github.com/colinmarc/hdfs/v2 v2.0.0 // indirect diff --git a/vnfs/DAaaS/README.md b/vnfs/DAaaS/README.md index b0838d54..2b3c0d6a 100644 --- a/vnfs/DAaaS/README.md +++ b/vnfs/DAaaS/README.md @@ -10,7 +10,7 @@ #### Download Framework ```bash git clone https://github.com/onap/demo.git -DA_WORKING_DIR=$PWD/demo/vnfs/DAaaS +DA_WORKING_DIR=$PWD/demo/vnfs/DAaaS/deploy cd $DA_WORKING_DIR ``` diff --git a/vnfs/DAaaS/applications/Chart.yaml b/vnfs/DAaaS/applications/Chart.yaml deleted file mode 100644 index 803e19aa..00000000 --- a/vnfs/DAaaS/applications/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ - apiVersion: v1 - appVersion: "1.0" - description: Helm chart for sample applications that use the components that the training-core framework deploys. - name: sample-applications - version: 0.1.0 diff --git a/vnfs/DAaaS/applications/m3db_promql/promql_api/README.md b/vnfs/DAaaS/applications/m3db_promql/promql_api/README.md deleted file mode 100644 index 4493af22..00000000 --- a/vnfs/DAaaS/applications/m3db_promql/promql_api/README.md +++ /dev/null @@ -1,50 +0,0 @@ -## What does this API do ? -This api as of now provides a function which takes in a lits of 'LABELS' of prometheus -and returns the corresponding result_sets in a list. - -For eg: -If the labels is - -``` -LABELS = ['irate(collectd_cpufreq{exported_instance="otconap7",cpufreq="1"}[2m])'] -``` - -The return is: - -``` -[{'metric': {'cpufreq': '1', - 'endpoint': 'collectd-prometheus', - 'exported_instance': 'otconap7', - 'instance': '172.25.103.1:9103', - 'job': 'collectd', - 'namespace': 'edge1', - 'pod': 'plundering-liger-collectd-wz7xg', - 'service': 'collectd'}, - 'value': [1559177169.415, '119727200']}] -``` - -## How to use this API ? - -``` -1. Copy the directory 'promql_api' to your working directory. -``` - -``` -2. Import the API function: query_m3db -from promql_api.prom_ql_api import query_m3db -``` - -``` -3. have a global or local variable as 'LABELS' -LABELS = ['irate(collectd_cpufreq{exported_instance="otconap7",cpufreq="1"}[2m])'] -``` - -``` -4. Store the result set in a list: -list_of_result_sets = query_m3db(LABELS) -``` - -## How to troubleshoot ? - -* Check the sample file - sample_promql_query.py in the repo. -* Make sure the file __init__.py is present in promql_api directory after you copy the directory. diff --git a/vnfs/DAaaS/applications/m3db_promql/promql_api/__init__.py b/vnfs/DAaaS/applications/m3db_promql/promql_api/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/vnfs/DAaaS/applications/m3db_promql/promql_api/prom_ql_api.py b/vnfs/DAaaS/applications/m3db_promql/promql_api/prom_ql_api.py deleted file mode 100644 index 2bc102c4..00000000 --- a/vnfs/DAaaS/applications/m3db_promql/promql_api/prom_ql_api.py +++ /dev/null @@ -1,83 +0,0 @@ -from __future__ import print_function -from os import environ -import logging -import sysconfig -import requests -from requests.exceptions import HTTPError - - -#LABELS = [ 'irate(http_requests_total{code="200"}[1m])', 'collectd_cpu_percent{job="collectd", exported_instance="an11-31"}[1m]' ] -#LABELS = ['irate(collectd_cpufreq{exported_instance="otconap7",cpufreq="1"}[2m])', 'go_info'] -API_VERSION = '/api/v1/query' -LIST_OF_ENV_VARIABLES = ["PROMETHEUS_SERVER_URL"] -MAP_ENV_VARIABLES = dict() -#MAP_ENV_VARIABLES['PROMETHEUS_SERVER_URL']='http://172.25.103.1:30090' #to be deleted -LOG = logging.getLogger(__name__) - -def set_log_config(): - logging.basicConfig(format='%(asctime)s ::%(filename)s :: %(funcName)s :: %(levelname)s :: %(message)s', - datefmt='%m-%d-%Y %I:%M:%S%p', - level=logging.DEBUG, - filename='promql_api.log', - filemode='w') - LOG.info("Set the log configs.") - - -def load_and_validate_env_vars(list_of_env_vars): - LOG.info("Loading the env variables ...") - for env_var in list_of_env_vars: - if env_var in environ: - LOG.info("Found env variable: {} ".format(env_var.upper())) - MAP_ENV_VARIABLES[env_var.upper()] = environ.get(env_var) - else: - #MAP_ENV_VARIABLES['PROMETHEUS_SERVER_URL']='http://172.25.103.1:30090' # to be deleted - LOG.error("Env var: {} not found ! ".format(env_var.upper())) - raise KeyError("Env variable: {} not found ! ".format(env_var.upper())) - - -def query_m3db(LABELS): - """ - Input parameters: - LABELS : a list of the LABELS - Return: - returns a list of result sets of different labels - """ - - LOG.info("Forming the get request ...") - list_of_substrings = [] - params_map = {} - list_of_result_sets = [] - list_of_substrings.append(MAP_ENV_VARIABLES['PROMETHEUS_SERVER_URL']) - list_of_substrings.append(API_VERSION) - url = ''.join(list_of_substrings) - - for each_label in LABELS: - params_map['query'] = each_label - try: - LOG.info('API request::: URL: {} '.format(url)) - LOG.info('API request::: params: {} '.format(params_map)) - response = requests.get(url, params=params_map) - response.raise_for_status() - except HTTPError as http_err: - print(f'HTTP error occurred: {http_err}') - return None - except Exception as err: - print(f'Other error occurred: {err}') - return None - else: - - results = response.json()['data']['result'] - LOG.info('::::::::::RESULTS::::::::::::: {}'.format(each_label)) - for each_result in results: - LOG.info(each_result) - list_of_result_sets.append(results) - return list_of_result_sets - - -# def main(): -# set_log_config() -# load_and_validate_env_vars(LIST_OF_ENV_VARIABLES) -# query_m3db(LABELS) - -# if __name__ == "__main__": -# main() \ No newline at end of file diff --git a/vnfs/DAaaS/applications/m3db_promql/sample_promql_query.py b/vnfs/DAaaS/applications/m3db_promql/sample_promql_query.py deleted file mode 100644 index ef360809..00000000 --- a/vnfs/DAaaS/applications/m3db_promql/sample_promql_query.py +++ /dev/null @@ -1,12 +0,0 @@ -from promql_api.prom_ql_api import query_m3db -import pprint - -LABELS = ['irate(collectd_cpufreq{exported_instance="otconap7",cpufreq="1"}[2m])'] - -def main(): - list_of_result_sets = query_m3db(LABELS) - for each_result in list_of_result_sets: - pprint.pprint(each_result) - -if __name__ == "__main__": - main() \ No newline at end of file diff --git a/vnfs/DAaaS/applications/sample-horovod-app/Chart.yaml b/vnfs/DAaaS/applications/sample-horovod-app/Chart.yaml deleted file mode 100644 index 3ce06e28..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: "A sample horovod application which runs the MNIST application using Tensorflow as backend" -name: sample-horovod-app-keras-mnist-advanced -version: 0.1.0 diff --git a/vnfs/DAaaS/applications/sample-horovod-app/Dockerfile b/vnfs/DAaaS/applications/sample-horovod-app/Dockerfile deleted file mode 100644 index 5b8f5636..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/Dockerfile +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright (c) 2019 Intel Corporation -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Ported kubernetes spark image to Ubuntu - -FROM ubuntu:18.04 - -# Install jdk -RUN apt update -yqq -RUN apt install -y locales openjdk-8-jdk && rm -rf /var/lib/apt/lists/* \ - && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 - -# Install all the essentials -RUN apt-get update --fix-missing && \ - apt-get install -y numactl wget curl bzip2 nmap vim ca-certificates libglib2.0-0 libxext6 libsm6 libxrender1 \ - git mercurial subversion build-essential openssh-server openssh-client net-tools && \ - mkdir -p /var/run/sshd && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -ENV LANG en_US.utf8 -ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64 -ENV PATH $JAVA_HOME/bin:$PATH -ENV PATH /opt/conda/bin:/opt/spark/bin:$PATH -ENV OPENMPI_VERSION 3.1 - -# Install openMPI -RUN mkdir /tmp/openmpi && \ - cd /tmp/openmpi && \ - wget --quiet https://www.open-mpi.org/software/ompi/v${OPENMPI_VERSION}/downloads/openmpi-${OPENMPI_VERSION}.2.tar.gz -O openmpi.tar.gz && \ - tar zxf openmpi.tar.gz && \ - cd openmpi-3.1.2 && \ - ./configure --enable-orterun-prefix-by-default && \ - make -j $(nproc) all && \ - make install && \ - ldconfig && \ - rm -rf /tmp/openmpi - -# Install miniconda -RUN wget --quiet https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O ~/miniconda.sh && \ - /bin/bash ~/miniconda.sh -b -p /opt/conda && \ - rm ~/miniconda.sh && \ - ln -s /opt/conda/etc/profile.d/conda.sh /etc/profile.d/conda.sh && \ - echo ". /opt/conda/etc/profile.d/conda.sh" >> ~/.bashrc && \ - echo "conda activate base" >> ~/.bashrc - -# Install tf & keras using conda in the virtual_environment:tf_env -SHELL ["/bin/bash", "-c"] -RUN conda update -n base -c defaults conda && \ - conda create -n tf_env -RUN conda install -n tf_env -y -c anaconda \ - pip tensorflow keras nltk pyarrow -RUN conda install -n tf_env -y -c anaconda h5py - -RUN conda install -n tf_env -y -c pytorch pytorch-cpu -RUN conda install -n tf_env -y -c conda-forge matplotlib - -RUN echo "conda activate tf_env" >> ~/.bashrc && \ - conda install -n tf_env -y -c conda-forge clangdev - -RUN source ~/.bashrc -RUN HOROVOD_WITH_TENSORFLOW=1 /opt/conda/envs/tf_env/bin/pip install --no-cache-dir horovod - -# openMPI sane defaults: -RUN echo "hwloc_base_binding_policy = none" >> /usr/local/etc/openmpi-mca-params.conf && \ - echo "rmaps_base_mapping_policy = slot" >> /usr/local/etc/openmpi-mca-params.conf && \ - echo "btl_tcp_if_exclude = lo,docker0" >> /usr/local/etc/openmpi-mca-params.conf - -# Allow OpenSSH to talk to containers without asking for confirmation -RUN cat /etc/ssh/ssh_config | grep -v StrictHostKeyChecking > /etc/ssh/ssh_config.new && \ - echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config.new && \ - mv /etc/ssh/ssh_config.new /etc/ssh/ssh_config - -# Install tini -RUN apt-get install -y curl grep sed dpkg && \ - TINI_VERSION=`curl https://github.com/krallin/tini/releases/latest | grep -o "/v.*\"" | sed 's:^..\(.*\).$:\1:'` && echo ${TINI_VERSION} && \ - curl -L "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini_${TINI_VERSION}.deb" > tini.deb && \ - dpkg -i tini.deb && \ - rm tini.deb && \ - apt clean - -# This is needed to match the original entrypoint.sh file. -RUN cp /usr/bin/tini /sbin - -# Begin: Installing spark -ARG spark_jars=jars -ARG img_path=kubernetes/dockerfiles -ARG k8s_tests=kubernetes/tests - -# Before building the docker image, first build and make a Spark distribution following -# the instructions in http://spark.apache.org/docs/latest/building-spark.html. -# If this docker file is being used in the context of building your images from a Spark -# distribution, the docker build command should be invoked from the top level directory -# of the Spark distribution. E.g.: -# docker build -t spark:latest -f kubernetes/dockerfiles/spark/ubuntu18.04/Dockerfile . - -RUN mkdir -p /opt/spark && \ - mkdir -p /opt/spark/work-dir && \ - touch /opt/spark/RELEASE && \ - rm /bin/sh && \ - ln -sv /bin/bash /bin/sh && \ - echo "auth required pam_wheel.so use_uid" >> /etc/pam.d/su && \ - chgrp root /etc/passwd && chmod ug+rw /etc/passwd - - -COPY ${spark_jars} /opt/spark/jars -COPY bin /opt/spark/bin -COPY sbin /opt/spark/sbin -COPY ${img_path}/spark/entrypoint.sh /opt/ - -COPY ${k8s_tests} /opt/spark/tests -COPY data /opt/spark/data -ENV SPARK_HOME /opt/spark - -RUN mkdir /opt/spark/python -COPY python/pyspark /opt/spark/python/pyspark -COPY python/lib /opt/spark/python/lib -ENV PYTHONPATH /opt/spark/python/lib/pyspark.zip:/opt/spark/python/lib/py4j-*.zip -ENV PATH /opt/conda/envs/tf_env/bin:$PATH - -RUN echo "export PATH=/opt/conda/envs/tf_env/bin:$PATH" >> ~/.bashrc -# echo "activate tf_env\n" >> ~/.bashrc -RUN pip install petastorm -COPY examples /opt/spark/examples -WORKDIR /opt/spark/work-dir - -ENTRYPOINT [ "/opt/entrypoint.sh" ] - -# End: Installing spark diff --git a/vnfs/DAaaS/applications/sample-horovod-app/README.md b/vnfs/DAaaS/applications/sample-horovod-app/README.md deleted file mode 100644 index 08e7691f..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/README.md +++ /dev/null @@ -1,162 +0,0 @@ -# Horovod - -[Horovod](https://eng.uber.com/horovod/) is a distributed training framework for TensorFlow, and it's provided by UBER. The goal of Horovod is to make distributed Deep Learning fast and easy to use. And it provides [Horovod in Docker](https://github.com/uber/horovod/blob/master/docs/docker.md) to streamline the installation process. - -## Introduction - -This chart bootstraps Horovod which is a Distributed TensorFlow Framework on a Kubernetes cluster using the Helm Package Manager. It deploys Horovod workers as statefulsets, and the Horovod master as a job, then discover the host list automatically. - -## Prerequisites - -- Kubernetes cluster v1.8+ - -## Build Docker Image - -You can use the dockerfile image provided along with this package. The benefit of this dockerfile is it contains many additional packages that the data science engineers usually require like spark, tensorflow, pytorch, matplotlib, nltk, -keras, h5py, pyarrow. - -Before building the docker image, first build and make a Spark distribution following the instructions in http://spark.apache.org/docs/latest/building-spark.html -If this docker file is being used in the context of building your images from a Spark distribution, the docker build command should be invoked from the top level directory of the Spark distribution. E.g.: - -``` -docker build -t spark:latest -f kubernetes/dockerfiles/spark/ubuntu18.04/Dockerfile . -``` - -Once you build the spark image, go inside the spark package and place the file "keras_mnist_advanced_modified.py" in the dirctory: examples/src/main/python/tensorflow/. Create the 'tensorflow' directory if it doesnt exists. -We do this because we the file keras_mnist_advanced_modified.py is optimized for CPU running and we want this file to be automatically present in the final docker image that we build. - -``` -docker build -t spark-tf-keras-horovod-pytorch:latest -f kubernetes/dockerfiles/spark/ubuntu18.04/Dockerfile . -``` - -## Prepare ssh keys - -``` -# Setup ssh key -export SSH_KEY_DIR=`mktemp -d` -cd $SSH_KEY_DIR -yes | ssh-keygen -N "" -f id_rsa -``` - -## Create the values.yaml - -To run Horovod with GPU, you can create `values.yaml` like below - -``` -# cat << EOF > ~/values.yaml ---- -ssh: - useSecrets: true - hostKey: |- -$(cat $SSH_KEY_DIR/id_rsa | sed 's/^/ /g') - - hostKeyPub: |- -$(cat $SSH_KEY_DIR/id_rsa.pub | sed 's/^/ /g') - -worker: - number: 2 - image: - repository: uber/horovod - tag: 0.12.1-tf1.8.0-py3.5 -master: - image: - repository: uber/horovod - tag: 0.12.1-tf1.8.0-py3.5 - args: - - "mpirun -np 3 --hostfile /horovod/generated/hostfile --mca orte_keep_fqdn_hostnames t --allow-run-as-root --display-map --tag-output --timestamp-output sh -c '/opt/conda/envs/tf_env/bin/python /opt/spark/examples/src/main/python/tensorflow/keras_mnist_advanced_modified.py'" -EOF -``` - -For most cases, the overlay network impacts the Horovod performance greatly, so we should apply `Host Network` solution. To run Horovod with Host Network and GPU, you can create `values.yaml` like below - - -``` -# cat << EOF > ~/values.yaml ---- -useHostNetwork: true - -ssh: - useSecrets: true - port: 32222 - hostKey: |- -$(cat $SSH_KEY_DIR/id_rsa | sed 's/^/ /g') - - hostKeyPub: |- -$(cat $SSH_KEY_DIR/id_rsa.pub | sed 's/^/ /g') - - -worker: - number: 2 - image: - repository: uber/horovod - tag: 0.12.1-tf1.8.0-py3.5 -master: - image: - repository: uber/horovod - tag: 0.12.1-tf1.8.0-py3.5 - args: - - "mpirun -np 3 --hostfile /horovod/generated/hostfile --mca orte_keep_fqdn_hostnames t --allow-run-as-root --display-map --tag-output --timestamp-output sh -c '/opt/conda/envs/tf_env/bin/python /opt/spark/examples/src/main/python/tensorflow/keras_mnist_advanced_modified.py'" -EOF -``` - -``` -NOTE: A sample values.yaml is provided for reference. After adding the above changes, we should have a values.yml similar to that. -``` - -> notice: the difference is that you should set `useHostNetwork` as true, then set another ssh port rather than `22` - -## Installing the Chart - -To install the chart with the release name `mnist`: - -```bash -$ helm install --values ~/values.yaml --name mnist stable/horovod -``` - -## Uninstalling the Chart - -To uninstall/delete the `mnist` deployment: - -```bash -$ helm delete mnist -``` - -The command removes all the Kubernetes components associated with the chart and -deletes the release. - -## Upgrading an existing Release to a new major version -A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an -incompatible breaking change needing manual actions. - -### 1.0.0 -This version removes the `chart` label from the `spec.selector.matchLabels` -which is immutable since `StatefulSet apps/v1beta2`. It has been inadvertently -added, causing any subsequent upgrade to fail. See https://github.com/helm/charts/issues/7726. - -In order to upgrade, delete the Horovod StatefulSet before upgrading, supposing your Release is named `my-release`: - -```bash -$ kubectl delete statefulsets.apps --cascade=false my-release -``` - -## Configuration - -The following table lists the configurable parameters of the Horovod -chart and their default values. - -| Parameter | Description | Default | -|-----------|-------------|---------| -| `useHostNetwork` | Host network | `false` | -| `ssh.port` | The ssh port | `22` | -| `ssh.useSecrets` | Determine if using the secrets for ssh | `false` | -| `worker.number`| The worker's number | `5` | -| `worker.image.repository` | horovod worker image | `uber/horovod` | -| `worker.image.pullPolicy` | `pullPolicy` for the worker | `IfNotPresent` | -| `worker.image.tag` | `tag` for the worker | `0.12.1-tf1.8.0-py3.5` | -| `resources`| pod resource requests & limits| `{}`| -| `worker.env` | worker's environment variables | `{}` | -| `master.image.repository` | horovod master image | `uber/horovod` | -| `master.image.tag` | `tag` for the master | `0.12.1-tf1.8.0-py3.5` | -| `master.image.pullPolicy` | image pullPolicy for the master image| `IfNotPresent` | -| `master.args` | master's args | `{}` | -| `master.env` | master's environment variables | `{}` | diff --git a/vnfs/DAaaS/applications/sample-horovod-app/keras_mnist_advanced_modified.py b/vnfs/DAaaS/applications/sample-horovod-app/keras_mnist_advanced_modified.py deleted file mode 100644 index fa39cb6a..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/keras_mnist_advanced_modified.py +++ /dev/null @@ -1,169 +0,0 @@ -from __future__ import print_function -import keras -import os -from tensorflow.keras.datasets import mnist -from tensorflow.keras.models import Sequential -from tensorflow.keras.layers import Dense, Dropout, Flatten -from tensorflow.keras.layers import Conv2D, MaxPooling2D -from tensorflow.keras.preprocessing.image import ImageDataGenerator -from tensorflow.keras import backend as K -from tensorflow_estimator.python.estimator.export import export as export_helpers -from tensorflow.python.saved_model import builder as saved_model_builder -from tensorflow.python.saved_model import tag_constants, signature_constants -from tensorflow.python.saved_model.signature_def_utils_impl import predict_signature_def -import tensorflow as tf -import horovod.tensorflow.keras as hvd - - -# Horovod: initialize Horovod. -hvd.init() - -# Horovod: pin GPU to be used to process local rank (one GPU per process) -config = tf.ConfigProto() -#config.gpu_options.allow_growth = True -#config.gpu_options.visible_device_list = str(hvd.local_rank()) -K.set_session(tf.Session(config=config)) - -batch_size = 128 -num_classes = 10 - -# Enough epochs to demonstrate learning rate warmup and the reduction of -# learning rate when training plateaues. -epochs = 24 - -# Input image dimensions -img_rows, img_cols = 28, 28 - -# The data, shuffled and split between train and test sets -(x_train, y_train), (x_test, y_test) = mnist.load_data() - -# Determine how many batches are there in train and test sets -train_batches = len(x_train) // batch_size -test_batches = len(x_test) // batch_size - -if K.image_data_format() == 'channels_first': - x_train = x_train.reshape(x_train.shape[0], 1, img_rows, img_cols) - x_test = x_test.reshape(x_test.shape[0], 1, img_rows, img_cols) - input_shape = (1, img_rows, img_cols) -else: - x_train = x_train.reshape(x_train.shape[0], img_rows, img_cols, 1) - x_test = x_test.reshape(x_test.shape[0], img_rows, img_cols, 1) - input_shape = (img_rows, img_cols, 1) - -x_train = x_train.astype('float32') -x_test = x_test.astype('float32') -x_train /= 255 -x_test /= 255 -print('x_train shape:', x_train.shape) -print(x_train.shape[0], 'train samples') -print(x_test.shape[0], 'test samples') - -# Convert class vectors to binary class matrices -y_train = tf.keras.utils.to_categorical(y_train, num_classes) -y_test = tf.keras.utils.to_categorical(y_test, num_classes) - -model = Sequential() -model.add(Conv2D(32, kernel_size=(3, 3), - activation='relu', - input_shape=input_shape)) -model.add(Conv2D(64, (3, 3), activation='relu')) -model.add(MaxPooling2D(pool_size=(2, 2))) -model.add(Dropout(0.25)) -model.add(Flatten()) -model.add(Dense(128, activation='relu')) -model.add(Dropout(0.5)) -model.add(Dense(num_classes, activation='softmax')) - -# Horovod: adjust learning rate based on number of GPUs. -opt = tf.keras.optimizers.Adadelta(lr=1.0 * hvd.size()) - -# Horovod: add Horovod Distributed Optimizer. -opt = hvd.DistributedOptimizer(opt) - -model.compile(loss=tf.keras.losses.categorical_crossentropy, - optimizer=opt, - metrics=['accuracy']) - -callbacks = [ - # Horovod: broadcast initial variable states from rank 0 to all other processes. - # This is necessary to ensure consistent initialization of all workers when - # training is started with random weights or restored from a checkpoint. - hvd.callbacks.BroadcastGlobalVariablesCallback(0), - - # Horovod: average metrics among workers at the end of every epoch. - # - # Note: This callback must be in the list before the ReduceLROnPlateau, - # TensorBoard or other metrics-based callbacks. - hvd.callbacks.MetricAverageCallback(), - - # Horovod: using `lr = 1.0 * hvd.size()` from the very beginning leads to worse final - # accuracy. Scale the learning rate `lr = 1.0` ---> `lr = 1.0 * hvd.size()` during - # the first five epochs. See https://arxiv.org/abs/1706.02677 for details. - hvd.callbacks.LearningRateWarmupCallback(warmup_epochs=5, verbose=1), - - # Reduce the learning rate if training plateaues. - tf.keras.callbacks.ReduceLROnPlateau(patience=10, verbose=1), -] - -# Horovod: save checkpoints only on worker 0 to prevent other workers from corrupting them. -if hvd.rank() == 0: - callbacks.append(tf.keras.callbacks.ModelCheckpoint( - './checkpoint-{epoch}.h5')) - -# Set up ImageDataGenerators to do data augmentation for the training images. -train_gen = ImageDataGenerator(rotation_range=8, width_shift_range=0.08, shear_range=0.3, - height_shift_range=0.08, zoom_range=0.08) -test_gen = ImageDataGenerator() - -# Train the model. -# Horovod: the training will randomly sample 1 / N batches of training data and -# 3 / N batches of validation data on every worker, where N is the number of workers. -# Over-sampling of validation data helps to increase probability that every validation -# example will be evaluated. -model.fit_generator(train_gen.flow(x_train, y_train, batch_size=batch_size), - steps_per_epoch=train_batches // hvd.size(), - callbacks=callbacks, - epochs=epochs, - verbose=1, - validation_data=test_gen.flow( - x_test, y_test, batch_size=batch_size), - validation_steps=3 * test_batches // hvd.size()) - -# Evaluate the model on the full data set. -score = model.evaluate(x_test, y_test, verbose=0) -print('Test loss:', score[0]) -print('Test accuracy:', score[1]) - -# Save Model to Minio -if hvd.rank() == 0: - print('Model Summary') - model.summary() - print('Exporting trained model to Minio Model Repo') - base_path = os.environ['MODEL_BASE_PATH'] - - # Option 1(Preferred) - Using Keras api and Tensorflow v1.13 version - saved_model_path = tf.contrib.saved_model.save_keras_model(model, base_path) - print('Model Saved to {} Using new Keras API!!!'.format(saved_model_path)) - # Option 2 - Tensorflow v1.13+ Builder saved_model api. - # builder = saved_model_builder.SavedModelBuilder(base_path) - - # print(model.input) - # print(model.outputs) - - # signature = predict_signature_def(inputs={"inputs": model.input}, - # outputs={t.name:t for t in model.outputs}) - # print(signature) - # K.set_learning_phase(0) - # with K.get_session() as sess: - # builder.add_meta_graph_and_variables(sess=sess, - # tags=[tag_constants.SERVING], - # signature_def_map={'predict': signature}) - # builder.save() - # print('Model Saved to S3 Using Builder!!!') - - # Option 3 - Tensorflow v1.13 Will be deprecated in Tensorflow v2 - # tf.saved_model.simple_save( - # keras.backend.get_session(), - # export_path, - # inputs={'input_image': model.input}, - # outputs={t.name: t for t in model.outputs}) diff --git a/vnfs/DAaaS/applications/sample-horovod-app/sample_values.yaml b/vnfs/DAaaS/applications/sample-horovod-app/sample_values.yaml deleted file mode 100644 index 7030dd24..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/sample_values.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -#useHostNetwork: true - -ssh: - useSecrets: true - port: 22 - hostKey: |- - -----BEGIN RSA PRIVATE KEY----- - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - ThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKeyThisIsPrivateKey - -----END RSA PRIVATE KEY----- - - hostKeyPub: |- - ssh-rsa ThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKey - ThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKey - ThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKey - ThisIsPublicKeyThisIsPublicKeyThisIsPublicKeyThisIsPublicKey user@openSource - -resources: {} - -worker: - number: 2 - image: - repository: spark-tf-keras-horovod-pytorch - tag: latest - pullPolicy: Never -master: - image: - repository: spark-tf-keras-horovod-pytorch - tag: latest - pullPolicy: Never - args: - - "mpirun -np 3 --hostfile /horovod/generated/hostfile --mca orte_keep_fqdn_hostnames t --allow-run-as-root --display-map --tag-output --timestamp-output sh -c '/opt/conda/envs/tf_env/bin/python /opt/spark/examples/src/main/python/tensorflow/keras_mnist_advanced_modified.py'" - -## Model repository information (Minio) -minio: - existingSecret: "" - accessKey: "onapdaas" - secretKey: "onapsecretdaas" - environment: - AWS_REGION: "us-west-1" - S3_REGION: "us-west-1" - S3_ENDPOINT: "minio.edge1.svc.cluster.local:9000" - AWS_ENDPOINT_URL: "http://minio.edge1.svc.cluster.local:9000" - S3_USE_HTTPS: 0 - S3_VERIFY_SSL: 0 - AWS_LOG_LEVEL: 3 - TF_CPP_MIN_LOG_LEVEL: 3 - MODEL_NAME: "mnist" - MODEL_BASE_PATH: "s3://models/mnist/export/" diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/NOTES.txt b/vnfs/DAaaS/applications/sample-horovod-app/templates/NOTES.txt deleted file mode 100644 index 774555ae..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/NOTES.txt +++ /dev/null @@ -1,5 +0,0 @@ -1. Get the application URL by running these commands: - -*** NOTE: It may take a few minutes for the statefulset to be available - -*** you can watch the status of statefulset by running 'kubectl get sts --namespace {{ .Release.Namespace }} -w {{ template "horovod.fullname" . }}' *** \ No newline at end of file diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/_helpers.tpl b/vnfs/DAaaS/applications/sample-horovod-app/templates/_helpers.tpl deleted file mode 100644 index 02071c0f..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/_helpers.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "horovod.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "horovod.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "horovod.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/config.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/config.yaml deleted file mode 100644 index ae93c445..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/config.yaml +++ /dev/null @@ -1,130 +0,0 @@ -{{- $workerNum := .Values.worker.number -}} -{{- $name := include "horovod.fullname" . }} -{{- $slots := 1 }} -{{- if index .Values.resources "nvidia.com/gpu" }} -{{- $slots := index .Values.resources "nvidia.com/gpu" }} -{{- end }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "horovod.fullname" . }} - labels: - heritage: {{ .Release.Service | quote }} - release: {{ .Release.Name | quote }} - chart: {{ template "horovod.chart" . }} - app: {{ template "horovod.fullname" . }} -data: - hostfile.config: | - {{ $name }}-master slots={{ $slots }} - {{- range $i, $none := until (int $workerNum) }} - {{ $name }}-{{ $i }}.{{ $name }} slots={{ $slots }} - {{- end }} - ssh.readiness: | - #!/bin/bash - set -xev - ssh localhost ls - master.run: | - #!/bin/bash - set -x - sleep 5 - - mkdir -p /root/.ssh - rm -f /root/.ssh/config - touch /root/.ssh/config - - if [ "$USESECRETS" == "true" ];then - set +e - yes | cp /etc/secret-volume/id_rsa /root/.ssh/id_rsa - yes | cp /etc/secret-volume/authorized_keys /root/.ssh/authorized_keys - set -e - fi - - if [ -n "$SSHPORT" ]; then - echo "Port $SSHPORT" > /root/.ssh/config - sed -i "s/^Port.*/Port $SSHPORT /g" /etc/ssh/sshd_config - fi - echo "StrictHostKeyChecking no" >> /root/.ssh/config - /usr/sbin/sshd - - if [ $# -eq 0 ]; then - sleep infinity - else - bash -c "$*" - fi - sleep 300 - master.waitWorkerReady: | - #!/bin/bash - set -xev - function updateSSHPort() { - mkdir -p /root/.ssh - rm -f /root/.ssh/config - touch /root/.ssh/config - - if [ -n "$SSHPORT" ]; then - echo "Port $SSHPORT" > /root/.ssh/config - echo "StrictHostKeyChecking no" >> /root/.ssh/config - fi - } - - function runCheckSSH() { - if [[ "$USESECRETS" == "true" ]];then - set +e - yes | cp /etc/secret-volume/id_rsa /root/.ssh/id_rsa - yes | cp /etc/secret-volume/authorized_keys /root/.ssh/authorized_keys - set -e - fi - - for i in `cat $1 | awk '{print $(1)}'`;do - if [[ "$i" != *"master" ]];then - retry 30 ssh -o ConnectTimeout=2 -q $i exit - fi - done - } - - function retry() - { - local n=0;local try=$1 - local cmd="${@: 2}" - [[ $# -le 1 ]] && { - echo "Usage $0 "; - } - set +e - until [[ $n -ge $try ]] - do - $cmd && break || { - echo "Command Fail.." - ((n++)) - echo "retry $n :: [$cmd]" - sleep 1; - } - done - $cmd - if [ $? -ne 0 ]; then - exit 1 - fi - set -e - } - updateSSHPort - runCheckSSH $1 - worker.run: | - #!/bin/bash - set -x - - mkdir -p /root/.ssh - rm -f /root/.ssh/config - touch /root/.ssh/config - - if [[ "$USESECRETS" == "true" ]];then - set +e - yes | cp /etc/secret-volume/id_rsa /root/.ssh/id_rsa - yes | cp /etc/secret-volume/authorized_keys /root/.ssh/authorized_keys - set -e - fi - - if [ -n "$SSHPORT" ]; then - echo "Port $SSHPORT" > /root/.ssh/config - sed -i "s/^Port.*/Port $SSHPORT /g" /etc/ssh/sshd_config - fi - echo "StrictHostKeyChecking no" >> /root/.ssh/config - - /usr/sbin/sshd -D diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/job-service.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/job-service.yaml deleted file mode 100644 index e7b05c26..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/job-service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "horovod.fullname" . }}-master - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - clusterIP: None - ports: - - name: ssh - port: {{ .Values.ssh.port }} - targetPort: {{ .Values.ssh.port }} - selector: - app: {{ template "horovod.name" . }} - release: {{ .Release.Name }} - role: master diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/job.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/job.yaml deleted file mode 100644 index da42ded8..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/job.yaml +++ /dev/null @@ -1,140 +0,0 @@ ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ template "horovod.fullname" . }} - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - role: master -spec: - template: - metadata: - labels: - app: {{ template "horovod.name" . }} - release: {{ .Release.Name }} - role: master - spec: - {{- if .Values.useHostNetwork }} - hostNetwork: {{ .Values.useHostNetwork }} - dnsPolicy: ClusterFirstWithHostNet - {{- end }} - {{- if .Values.useHostPID }} - hostPID: {{ .Values.useHostPID }} - {{- end }} - restartPolicy: OnFailure - volumes: - - name: {{ template "horovod.fullname" . }}-cm - configMap: - name: {{ template "horovod.fullname" . }} - items: - - key: hostfile.config - path: hostfile - mode: 438 - - key: master.waitWorkerReady - path: waitWorkersReady.sh - mode: 365 - - key: master.run - path: run.sh - mode: 365 - {{- if .Values.ssh.useSecrets }} - - name: {{ template "horovod.fullname" . }}-secret - secret: - secretName: {{ template "horovod.fullname" . }} - defaultMode: 448 - items: - - key: host-key - path: id_rsa - - key: host-key-pub - path: authorized_keys - {{- end }} -{{- if .Values.volumes }} -{{ toYaml .Values.volumes | indent 6 }} -{{- end }} - containers: - - name: horovod-master - image: "{{ .Values.master.image.repository }}:{{ .Values.master.image.tag }}" - imagePullPolicy: {{ .Values.master.image.pullPolicy }} - env: - - name: SSHPORT - value: "{{ .Values.ssh.port }}" - {{- if .Values.ssh.useSecrets }} - - name: USESECRETS - value: "{{ .Values.ssh.useSecrets }}" - {{- end }} - {{- if .Values.master.env }} - {{- range $key, $value := .Values.master.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- end }} - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: {{ if .Values.minio.existingSecret }}{{ .Values.minio.existingSecret }}{{ else }}{{ template "horovod.fullname" . }}-minio{{ end }} - key: accesskey - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: {{ if .Values.minio.existingSecret }}{{ .Values.minio.existingSecret }}{{ else }}{{ template "horovod.fullname" . }}-minio{{ end }} - key: secretkey - {{- range $key, $val := .Values.minio.environment }} - - name: {{ $key }} - value: {{ $val | quote }} - {{- end}} -{{- if .Values.master.privileged }} - securityContext: - privileged: true -{{- end }} - ports: - - containerPort: {{ .Values.ssh.port }} - volumeMounts: - - name: {{ template "horovod.fullname" . }}-cm - mountPath: /horovod/generated - {{- if .Values.ssh.useSecrets }} - - name: {{ template "horovod.fullname" . }}-secret - readOnly: true - mountPath: "/etc/secret-volume" - {{- end }} -{{- if .Values.volumeMounts }} -{{ toYaml .Values.volumeMounts | indent 8 }} -{{- end }} - command: - - /horovod/generated/run.sh - args: -{{ toYaml .Values.master.args | indent 10 }} - resources: -{{ toYaml .Values.resources | indent 10 }} -{{- if .Values.ssh.useSecrets }} - initContainers: - - name: wait-workers - image: "{{ .Values.master.image.repository }}:{{ .Values.master.image.tag }}" - imagePullPolicy: {{ .Values.master.image.pullPolicy }} - env: - - name: SSHPORT - value: "{{ .Values.ssh.port }}" - {{- if .Values.ssh.useSecrets }} - - name: USESECRETS - value: "{{ .Values.ssh.useSecrets }}" - {{- end }} - {{- if .Values.master.env }} - {{- range $key, $value := .Values.master.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- end }} - command: - - /horovod/generated/waitWorkersReady.sh - args: - - /horovod/generated/hostfile - volumeMounts: - - name: {{ template "horovod.fullname" . }}-cm - mountPath: /horovod/generated - {{- if .Values.ssh.useSecrets }} - - name: {{ template "horovod.fullname" . }}-secret - readOnly: true - mountPath: "/etc/secret-volume" - {{- end }} -{{- end }} diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/minio-secrets.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/minio-secrets.yaml deleted file mode 100644 index c99abe67..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/minio-secrets.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{/* -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{- if not .Values.minio.existingSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "horovod.fullname" . }}-minio - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - accesskey: {{ .Values.minio.accessKey | b64enc }} - secretkey: {{ .Values.minio.secretKey | b64enc }} -{{- end }} diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/secrets.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/secrets.yaml deleted file mode 100644 index c9853ed0..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/secrets.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.ssh.useSecrets }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "horovod.fullname" . }} - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - host-key: {{ .Values.ssh.hostKey | b64enc | quote }} - host-key-pub: {{ .Values.ssh.hostKeyPub | b64enc | quote }} -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset-service.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset-service.yaml deleted file mode 100644 index d0216a86..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset-service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "horovod.fullname" . }} - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - clusterIP: None - ports: - - name: ssh - port: {{ .Values.ssh.port }} - targetPort: {{ .Values.ssh.port }} - selector: - app: {{ template "horovod.name" . }} - release: {{ .Release.Name }} - role: worker diff --git a/vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset.yaml b/vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset.yaml deleted file mode 100644 index 1d3f7577..00000000 --- a/vnfs/DAaaS/applications/sample-horovod-app/templates/statefulset.yaml +++ /dev/null @@ -1,115 +0,0 @@ -apiVersion: apps/v1beta2 -kind: StatefulSet -metadata: - name: {{ template "horovod.fullname" . }} - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - role: worker -spec: - selector: - matchLabels: - app: {{ template "horovod.name" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - role: worker - serviceName: {{ template "horovod.fullname" . }} - podManagementPolicy: {{ .Values.worker.podManagementPolicy }} - replicas: {{.Values.worker.number}} - template: - metadata: - labels: - app: {{ template "horovod.name" . }} - chart: {{ template "horovod.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - role: worker - spec: - selector: - matchLabels: - app: {{ template "horovod.name" . }} - release: {{ .Release.Name }} - role: worker - {{- if .Values.useHostNetwork }} - hostNetwork: {{ .Values.useHostNetwork }} - dnsPolicy: ClusterFirstWithHostNet - {{- end }} - {{- if .Values.useHostPID }} - hostPID: {{ .Values.useHostPID }} - {{- end }} - volumes: - - name: {{ template "horovod.fullname" . }}-cm - configMap: - name: {{ template "horovod.fullname" . }} - items: - - key: hostfile.config - path: hostfile - mode: 438 - - key: ssh.readiness - path: check.sh - mode: 365 - - key: worker.run - path: run.sh - mode: 365 - {{- if .Values.ssh.useSecrets }} - - name: {{ template "horovod.fullname" . }}-secret - secret: - secretName: {{ template "horovod.fullname" . }} - defaultMode: 448 - items: - - key: host-key - path: id_rsa - - key: host-key-pub - path: authorized_keys - {{- end }} -{{- if .Values.volumes }} -{{ toYaml .Values.volumes | indent 6 }} -{{- end }} - containers: - - name: worker - image: "{{ .Values.worker.image.repository }}:{{ .Values.worker.image.tag }}" - imagePullPolicy: {{ .Values.worker.image.pullPolicy }} - env: - - name: SSHPORT - value: "{{ .Values.ssh.port }}" - {{- if .Values.ssh.useSecrets }} - - name: USESECRETS - value: "{{ .Values.ssh.useSecrets }}" - {{- end }} - {{- if .Values.master.env }} - {{- range $key, $value := .Values.master.env }} - - name: "{{ $key }}" - value: "{{ $value }}" - {{- end }} - {{- end }} -{{- if .Values.worker.privileged }} - securityContext: - privileged: true -{{- end }} - ports: - - containerPort: {{ .Values.ssh.port }} - volumeMounts: - - name: {{ template "horovod.fullname" . }}-cm - mountPath: /horovod/generated - {{- if .Values.ssh.useSecrets }} - - name: {{ template "horovod.fullname" . }}-secret - readOnly: true - mountPath: "/etc/secret-volume" - {{- end }} -{{- if .Values.volumeMounts }} -{{ toYaml .Values.volumeMounts | indent 8 }} -{{- end }} - command: - - /horovod/generated/run.sh -{{- if .Values.ssh.useSecrets }} - readinessProbe: - exec: - command: - - /horovod/generated/check.sh - initialDelaySeconds: 1 - periodSeconds: 2 -{{- end }} - resources: -{{ toYaml .Values.resources | indent 10 }} diff --git a/vnfs/DAaaS/applications/sample-spark-app/.helmignore b/vnfs/DAaaS/applications/sample-spark-app/.helmignore deleted file mode 100644 index 50af0317..00000000 --- a/vnfs/DAaaS/applications/sample-spark-app/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/vnfs/DAaaS/applications/sample-spark-app/Chart.yaml b/vnfs/DAaaS/applications/sample-spark-app/Chart.yaml deleted file mode 100644 index 42ed0400..00000000 --- a/vnfs/DAaaS/applications/sample-spark-app/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: A sample spark application which finds the top users from the apache logs which is stored in the remote hdfs-k8s cluster -name: sample-spark-app-apache-log-analysis -version: 0.1.0 diff --git a/vnfs/DAaaS/applications/sample-spark-app/Dockerfile b/vnfs/DAaaS/applications/sample-spark-app/Dockerfile deleted file mode 100644 index cd42d4c7..00000000 --- a/vnfs/DAaaS/applications/sample-spark-app/Dockerfile +++ /dev/null @@ -1,133 +0,0 @@ -# Copyright (c) 2019 Intel Corporation -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Ported kubernetes spark image to Ubuntu - -FROM ubuntu:18.04 - -# Install jdk -RUN apt update -yqq -RUN apt install -y locales openjdk-8-jdk && rm -rf /var/lib/apt/lists/* \ - && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 - -# Install all the essentials -RUN apt-get update --fix-missing && \ - apt-get install -y numactl wget curl bzip2 ca-certificates libglib2.0-0 libxext6 libsm6 libxrender1 \ - git mercurial subversion build-essential openssh-server openssh-client net-tools && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -ENV LANG en_US.utf8 -ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64 -ENV PATH $JAVA_HOME/bin:$PATH -ENV PATH /opt/conda/bin:$PATH -ENV OPENMPI_VERSION 3.1 - -# Install openMPI -RUN mkdir /tmp/openmpi && \ - cd /tmp/openmpi && \ - wget --quiet https://www.open-mpi.org/software/ompi/v${OPENMPI_VERSION}/downloads/openmpi-${OPENMPI_VERSION}.2.tar.gz -O openmpi.tar.gz && \ - tar zxf openmpi.tar.gz && \ - cd openmpi-3.1.2 && \ - ./configure --enable-orterun-prefix-by-default && \ - make -j $(nproc) all && \ - make install && \ - ldconfig && \ - rm -rf /tmp/openmpi - -# Install miniconda -RUN wget --quiet https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O ~/miniconda.sh && \ - /bin/bash ~/miniconda.sh -b -p /opt/conda && \ - rm ~/miniconda.sh && \ - ln -s /opt/conda/etc/profile.d/conda.sh /etc/profile.d/conda.sh && \ - echo ". /opt/conda/etc/profile.d/conda.sh" >> ~/.bashrc && \ - echo "conda activate base" >> ~/.bashrc - -# Install tf & keras using conda in the virtual_environment:tf_env -SHELL ["/bin/bash", "-c"] -RUN conda update -n base -c defaults conda && \ - conda create -n tf_env -RUN conda install -n tf_env -y -c anaconda \ - pip tensorflow keras nltk - -RUN echo "conda activate tf_env" >> ~/.bashrc && \ - conda install -n tf_env -y -c conda-forge clangdev - -RUN source ~/.bashrc -RUN HOROVOD_WITH_TENSORFLOW=1 /opt/conda/envs/tf_env/bin/pip install --no-cache-dir horovod - -# openMPI sane defaults: -RUN echo "hwloc_base_binding_policy = none" >> /usr/local/etc/openmpi-mca-params.conf && \ - echo "rmaps_base_mapping_policy = slot" >> /usr/local/etc/openmpi-mca-params.conf && \ - echo "btl_tcp_if_exclude = lo,docker0" >> /usr/local/etc/openmpi-mca-params.conf - -# Allow OpenSSH to talk to containers without asking for confirmation -RUN cat /etc/ssh/ssh_config | grep -v StrictHostKeyChecking > /etc/ssh/ssh_config.new && \ - echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config.new && \ - mv /etc/ssh/ssh_config.new /etc/ssh/ssh_config - -# Install tini -RUN apt-get install -y curl grep sed dpkg && \ - TINI_VERSION=`curl https://github.com/krallin/tini/releases/latest | grep -o "/v.*\"" | sed 's:^..\(.*\).$:\1:'` && echo ${TINI_VERSION} && \ - curl -L "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini_${TINI_VERSION}.deb" > tini.deb && \ - dpkg -i tini.deb && \ - rm tini.deb && \ - apt clean - -# This is needed to match the original entrypoint.sh file. -RUN cp /usr/bin/tini /sbin - -# Begin: Installing spark -ARG spark_jars=jars -ARG img_path=kubernetes/dockerfiles -ARG k8s_tests=kubernetes/tests - -# Before building the docker image, first build and make a Spark distribution following -# the instructions in http://spark.apache.org/docs/latest/building-spark.html. -# If this docker file is being used in the context of building your images from a Spark -# distribution, the docker build command should be invoked from the top level directory -# of the Spark distribution. E.g.: -# docker build -t spark:latest -f kubernetes/dockerfiles/spark/ubuntu18.04/Dockerfile . - -RUN mkdir -p /opt/spark && \ - mkdir -p /opt/spark/work-dir && \ - touch /opt/spark/RELEASE && \ - rm /bin/sh && \ - ln -sv /bin/bash /bin/sh && \ - echo "auth required pam_wheel.so use_uid" >> /etc/pam.d/su && \ - chgrp root /etc/passwd && chmod ug+rw /etc/passwd - - -COPY ${spark_jars} /opt/spark/jars -COPY bin /opt/spark/bin -COPY sbin /opt/spark/sbin -COPY ${img_path}/spark/entrypoint.sh /opt/ -COPY examples /opt/spark/examples -COPY ${k8s_tests} /opt/spark/tests -COPY data /opt/spark/data -ENV SPARK_HOME /opt/spark - -RUN mkdir /opt/spark/python -COPY python/pyspark /opt/spark/python/pyspark -COPY python/lib /opt/spark/python/lib -ENV PYTHONPATH /opt/spark/python/lib/pyspark.zip:/opt/spark/python/lib/py4j-*.zip - -WORKDIR /opt/spark/work-dir - -ENTRYPOINT [ "/opt/entrypoint.sh" ] - -# End: Installing spark diff --git a/vnfs/DAaaS/applications/sample-spark-app/templates/SampleSparkApp.yaml b/vnfs/DAaaS/applications/sample-spark-app/templates/SampleSparkApp.yaml deleted file mode 100644 index f728f82e..00000000 --- a/vnfs/DAaaS/applications/sample-spark-app/templates/SampleSparkApp.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: "sparkoperator.k8s.io/v1beta1" -kind: SparkApplication -metadata: - name: {{ .Values.nameOfTheSparkApp }} - namespace: {{ .Release.Namespace }} -spec: - type: {{ .Values.programmingLanguageType }} - mode: {{ .Values.modeOfSparkApp | default "cluster" }} - image: {{ quote .Values.image }} - imagePullPolicy: {{ .Values.imagePullPolicy | default "IfNotPresent" }} - mainClass: {{ .Values.mainClassOfTheSparkApp }} - mainApplicationFile: {{ .Values.mainApplicationFileOfTheSparkApp }} - arguments: - {{- range .Values.argumentsOfTheSparkProgram }} - - {{ . }} - {{ end }} - hadoopConfigMap: {{ .Values.hadoopConfigMap }} - restartPolicy: - type: {{ .Values.restartPolicy | default "Never" }} - volumes: - - name: {{ quote .Values.volumesName | default "test-volume" }} - hostpath: - path: {{ quote .Values.hostpath | default "/tmp" }} - type: {{ .Values.hostpathType | default "Directory" }} - driver: - cores: {{ .Values.driverCores | default 0.1 }} - coreLimit: {{ quote .Values.driverCoreLimit | default "200m" }} - memory: {{ quote .Values.driverMemory | default "1024m" }} - labels: - version: 2.4.0 - serviceAccount: spark - volumeMounts: - - name: {{ quote .Values.driverVolumeMountsName | default "test-volume" }} - mountPath: {{ quote .Values.driverVolumeMountPath | default "/tmp" }} - executor: - cores: {{ .Values.executorCores | default 1 }} - instances: {{ .Values.executorInstances | default 1 }} - memory: {{ quote .Values.executorMemory | default "512m" }} - labels: - version: 2.4.0 - volumeMounts: - - name: {{ quote .Values.executorVolumeMountsName | default "test-volume" }} - mountPath: {{ quote .Values.executorVolumeMountPath | default "/tmp" }} diff --git a/vnfs/DAaaS/applications/sample-spark-app/templates/_helpers.tpl b/vnfs/DAaaS/applications/sample-spark-app/templates/_helpers.tpl deleted file mode 100644 index 6f51811d..00000000 --- a/vnfs/DAaaS/applications/sample-spark-app/templates/_helpers.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "sample-spark-app.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "sample-spark-app.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "sample-spark-app.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/vnfs/DAaaS/applications/sample-spark-app/values.yaml b/vnfs/DAaaS/applications/sample-spark-app/values.yaml deleted file mode 100644 index afb48d67..00000000 --- a/vnfs/DAaaS/applications/sample-spark-app/values.yaml +++ /dev/null @@ -1,57 +0,0 @@ -# Default values for sample-spark-app. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - - -#===========================KUBERNETES POD RELATED CONFIGs======================== -image: spark-tf-keras-horo:latest -imagePullPolicy: Never -restartPolicy: Never -volumesName: test-volume -hostpath: /tmp -hostpathType: Directory - - - -#============================SPARK APP RELATED CONFIGs============================= - -nameOfTheSparkApp: spark-apache-logs2 -# Python or Scala supported. -programmingLanguageType: Scala -modeOfSparkApp: cluster -mainClassOfTheSparkApp: ApacheLogAnalysis -# can be http path, s3 path, minio path -mainApplicationFileOfTheSparkApp: https://github.com/mohanraj1311/ApacheLogAnalysisJar/raw/master/analysisofapachelogs_2.11-0.1.jar -argumentsOfTheSparkProgram: - - hdfs://hdfs-1-namenode-1.hdfs-1-namenode.hdfs1.svc.cluster.local:8020/data/apache-logs - - - -#============================SPARK DRIVER RELATED CONFIGs========================= -driverCores: 0.1 -driverCoreLimit: 200m -driverMemory: 1024m -driverVolumeMountsName: test-volume -driverVolumeMountPath: /tmp - - - -#============================SPARK EXECUTOR RELATED CONFIGs======================= -executorCores: 1 -executorInstances: 1 -executorMemory: 512m -executorVolumeMountsName: test-volume -executorVolumeMountPath: /tmp - - - -#===========================HADOOP RELATED CONFIGs=============================== -# config map of the hdfs -hadoopConfigMap: hdfs-1-config - - -################################################################################### - - - - diff --git a/vnfs/DAaaS/applications/values.yaml b/vnfs/DAaaS/applications/values.yaml deleted file mode 100644 index fd98eb36..00000000 --- a/vnfs/DAaaS/applications/values.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright © 2019 Intel Corporation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 310 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# k8s Operator Day-0 configuration defaults. -################################################################# - diff --git a/vnfs/DAaaS/build/README.md b/vnfs/DAaaS/build/README.md new file mode 100644 index 00000000..d1eaa323 --- /dev/null +++ b/vnfs/DAaaS/build/README.md @@ -0,0 +1 @@ +This folder consists of Dockerfiles and build scripts. diff --git a/vnfs/DAaaS/collectd-operator/.gitignore b/vnfs/DAaaS/collectd-operator/.gitignore deleted file mode 100644 index 4ff0bf71..00000000 --- a/vnfs/DAaaS/collectd-operator/.gitignore +++ /dev/null @@ -1,99 +0,0 @@ -# Common -.DS_Store -.vscode -*-workspace -.tox/ -.*.swp -*.log -coverage.html -docs/build -*.so - -# Tests -*.test -*.out - -# # Directories -bin -target -vendor -src/github.com -src/golang.org - -# Temporary Build Files -build/_output -build/_test -# Created by https://www.gitignore.io/api/go,vim,emacs,visualstudiocode -### Emacs ### -# -*- mode: gitignore; -*- -*~ -\#*\# -/.emacs.desktop -/.emacs.desktop.lock -*.elc -auto-save-list -tramp -.\#* -# Org-mode -.org-id-locations -*_archive -# flymake-mode -*_flymake.* -# eshell files -/eshell/history -/eshell/lastdir -# elpa packages -/elpa/ -# reftex files -*.rel -# AUCTeX auto folder -/auto/ -# cask packages -.cask/ -dist/ -# Flycheck -flycheck_*.el -# server auth directory -/server/ -# projectiles files -.projectile -projectile-bookmarks.eld -# directory configuration -.dir-locals.el -# saveplace -places -# url cache -url/cache/ -# cedet -ede-projects.el -# smex -smex-items -# company-statistics -company-statistics-cache.el -# anaconda-mode -anaconda-mode/ -### Go ### -# Binaries for programs and plugins -*.exe -*.exe~ -*.dll -*.so -*.dylib -# Test binary, build with 'go test -c' -*.test -# Output of the go coverage tool, specifically when used with LiteIDE -*.out -### Vim ### -# swap -.sw[a-p] -.*.sw[a-p] -# session -Session.vim -# temporary -.netrwhist -# auto-generated tag files -tags -### VisualStudioCode ### -.vscode/* -.history -# End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode diff --git a/vnfs/DAaaS/collectd-operator/Makefile b/vnfs/DAaaS/collectd-operator/Makefile deleted file mode 100644 index c3c11f5e..00000000 --- a/vnfs/DAaaS/collectd-operator/Makefile +++ /dev/null @@ -1,70 +0,0 @@ -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2019 Intel Corporation -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -# Common -VERSION := $(shell git describe --tags) -BUILD := $(shell git rev-parse --short HEAD) -PROJECTNAME := $(shell basename "$(PWD)") - -GOPATH := $(shell realpath "$(PWD)/../../../../../") -COP = ${PWD}/build/_output/bin/collectd-operator -IMAGE_NAME = dcr.cluster.local/collectd-operator:latest - -export GOPATH ... -export GO111MODULE=on - -.PHONY: clean plugins - -## all: Generate the k8s and openapi artifacts using operator-sdk -all: clean vendor - GOOS=linux GOARCH=amd64 - operator-sdk generate k8s --verbose - operator-sdk generate openapi --verbose - #@go build -o ${COP} -gcflags all=-trimpath=${GOPATH} -asmflags all=-trimpath=${GOPATH} -mod=vendor demo/vnfs/DAaaS/collectd-operator/cmd/manager - @operator-sdk build ${IMAGE_NAME} --verbose - -# The following is done this way as each patch on CI runs build and each merge runs deploy. So for build we don't need to build binary and hence -# no need to create a static binary with additional flags. However, for generating binary, additional build flags are necessary. This if used with -# mock plugin errors out for unit tests. So the seperation avoids the error. - -## build: clean the -build: clean test cover -deploy: build publish -vendor: - @go mod vendor -publish: - @docker push ${IMAGE_NAME} -.PHONY: test -test: clean - @go test -v ./... - -format: - @go fmt ./... - -clean: - @echo "Deleting the collectd-operator binary" - @rm -rf ${PWD}/build/_output/bin/collectd-operator - @echo "Deleting the collectd-operator docker image" - @docker rmi ${IMAGE_NAME} - -.PHONY: cover -cover: - @go test ./... -coverprofile=coverage.out - @go tool cover -html=coverage.out -o coverage.html - -.PHONY: help -## help: Print help message -help: Makefile - @echo - @echo " Requires -\\t Operator SDK v0.8.0+, go1.12.5+" - @echo - @echo " Choose a command run in "$(PROJECTNAME)":" - @echo - @sed -n 's/^## //p' $< | column -t -s ':' | sed -e 's/^/ /' - @echo \ No newline at end of file diff --git a/vnfs/DAaaS/collectd-operator/build/Dockerfile b/vnfs/DAaaS/collectd-operator/build/Dockerfile deleted file mode 100644 index c923e158..00000000 --- a/vnfs/DAaaS/collectd-operator/build/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM registry.access.redhat.com/ubi7/ubi-minimal:latest - -ENV OPERATOR=/usr/local/bin/collectd-operator \ - USER_UID=1001 \ - USER_NAME=collectd-operator - -# install operator binary -COPY build/_output/bin/collectd-operator ${OPERATOR} - -COPY build/bin /usr/local/bin -RUN /usr/local/bin/user_setup - -ENTRYPOINT ["/usr/local/bin/entrypoint"] - -USER ${USER_UID} diff --git a/vnfs/DAaaS/collectd-operator/cmd/manager/main.go b/vnfs/DAaaS/collectd-operator/cmd/manager/main.go deleted file mode 100644 index 80013fb5..00000000 --- a/vnfs/DAaaS/collectd-operator/cmd/manager/main.go +++ /dev/null @@ -1,125 +0,0 @@ -package main - -import ( - "context" - "flag" - "fmt" - "os" - "runtime" - - // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) - _ "k8s.io/client-go/plugin/pkg/client/auth" - - "demo/vnfs/DAaaS/collectd-operator/pkg/apis" - "demo/vnfs/DAaaS/collectd-operator/pkg/controller" - - "github.com/operator-framework/operator-sdk/pkg/k8sutil" - "github.com/operator-framework/operator-sdk/pkg/leader" - "github.com/operator-framework/operator-sdk/pkg/log/zap" - "github.com/operator-framework/operator-sdk/pkg/metrics" - "github.com/operator-framework/operator-sdk/pkg/restmapper" - sdkVersion "github.com/operator-framework/operator-sdk/version" - "github.com/spf13/pflag" - "sigs.k8s.io/controller-runtime/pkg/client/config" - "sigs.k8s.io/controller-runtime/pkg/manager" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" - "sigs.k8s.io/controller-runtime/pkg/runtime/signals" -) - -// Change below variables to serve metrics on different host or port. -var ( - metricsHost = "0.0.0.0" - metricsPort int32 = 8383 -) -var log = logf.Log.WithName("cmd") - -func printVersion() { - log.Info(fmt.Sprintf("Go Version: %s", runtime.Version())) - log.Info(fmt.Sprintf("Go OS/Arch: %s/%s", runtime.GOOS, runtime.GOARCH)) - log.Info(fmt.Sprintf("Version of operator-sdk: %v", sdkVersion.Version)) -} - -func main() { - // Add the zap logger flag set to the CLI. The flag set must - // be added before calling pflag.Parse(). - pflag.CommandLine.AddFlagSet(zap.FlagSet()) - - // Add flags registered by imported packages (e.g. glog and - // controller-runtime) - pflag.CommandLine.AddGoFlagSet(flag.CommandLine) - - pflag.Parse() - - // Use a zap logr.Logger implementation. If none of the zap - // flags are configured (or if the zap flag set is not being - // used), this defaults to a production zap logger. - // - // The logger instantiated here can be changed to any logger - // implementing the logr.Logger interface. This logger will - // be propagated through the whole operator, generating - // uniform and structured logs. - logf.SetLogger(zap.Logger()) - - printVersion() - - namespace, err := k8sutil.GetWatchNamespace() - if err != nil { - log.Error(err, "Failed to get watch namespace") - os.Exit(1) - } - - // Get a config to talk to the apiserver - cfg, err := config.GetConfig() - if err != nil { - log.Error(err, "") - os.Exit(1) - } - - ctx := context.TODO() - - // Become the leader before proceeding - err = leader.Become(ctx, "collectd-operator-lock") - if err != nil { - log.Error(err, "") - os.Exit(1) - } - - // Create a new Cmd to provide shared dependencies and start components - mgr, err := manager.New(cfg, manager.Options{ - Namespace: namespace, - MapperProvider: restmapper.NewDynamicRESTMapper, - MetricsBindAddress: fmt.Sprintf("%s:%d", metricsHost, metricsPort), - }) - if err != nil { - log.Error(err, "") - os.Exit(1) - } - - log.Info("Registering Components.") - - // Setup Scheme for all resources - if err := apis.AddToScheme(mgr.GetScheme()); err != nil { - log.Error(err, "") - os.Exit(1) - } - - // Setup all Controllers - if err := controller.AddToManager(mgr); err != nil { - log.Error(err, "") - os.Exit(1) - } - - // Create Service object to expose the metrics port. - _, err = metrics.ExposeMetricsPort(ctx, metricsPort) - if err != nil { - log.Info(err.Error()) - } - - log.Info("Starting the Cmd.") - - // Start the Cmd - if err := mgr.Start(signals.SetupSignalHandler()); err != nil { - log.Error(err, "Manager exited non-zero") - os.Exit(1) - } -} diff --git a/vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_cr.yaml b/vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_cr.yaml deleted file mode 100644 index a4684293..00000000 --- a/vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_cr.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: onap.org/v1alpha1 -kind: CollectdPlugin -metadata: - name: example-collectdplugin -spec: - # Add fields here - pluginName: "cpu" - pluginConf: | - - diff --git a/vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_crd.yaml b/vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_crd.yaml deleted file mode 100644 index 9b944f48..00000000 --- a/vnfs/DAaaS/collectd-operator/deploy/crds/onap_v1alpha1_collectdplugin_crd.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: collectdplugins.onap.org -spec: - group: onap.org - names: - kind: CollectdPlugin - listKind: CollectdPluginList - plural: collectdplugins - singular: collectdplugin - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - pluginConf: - type: string - pluginName: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "operator-sdk generate k8s" to regenerate code after - modifying this file Add custom validation using kubebuilder tags: - https://book.kubebuilder.io/beyond_basics/generating_crd.html' - type: string - required: - - pluginName - - pluginConf - type: object - status: - properties: - collectdAgents: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "operator-sdk generate k8s" to regenerate - code after modifying this file Add custom validation using kubebuilder - tags: https://book.kubebuilder.io/beyond_basics/generating_crd.html - CollectdAgents are the collectd pods in the Daemonset' - items: - type: string - type: array - collectdConf: - type: object - required: - - collectdAgents - - collectdConf - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/vnfs/DAaaS/collectd-operator/deploy/operator.yaml b/vnfs/DAaaS/collectd-operator/deploy/operator.yaml deleted file mode 100644 index 108719ab..00000000 --- a/vnfs/DAaaS/collectd-operator/deploy/operator.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: collectd-operator -spec: - replicas: 1 - selector: - matchLabels: - name: collectd-operator - template: - metadata: - labels: - name: collectd-operator - spec: - serviceAccountName: collectd-operator - containers: - - name: collectd-operator - # Replace this with the built image name - image: dcr.cluster.local:31976/collectd-operator:latest - command: - - collectd-operator - imagePullPolicy: Always - env: - - name: WATCH_NAMESPACE - value: "" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "collectd-operator" diff --git a/vnfs/DAaaS/collectd-operator/deploy/role.yaml b/vnfs/DAaaS/collectd-operator/deploy/role.yaml deleted file mode 100644 index d7aba353..00000000 --- a/vnfs/DAaaS/collectd-operator/deploy/role.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: collectd-operator -rules: -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - persistentvolumeclaims - - events - - configmaps - - secrets - verbs: - - '*' -- apiGroups: - - apps - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - verbs: - - '*' -- apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: - - get - - create -- apiGroups: - - apps - resourceNames: - - collectd-operator - resources: - - deployments/finalizers - verbs: - - update -- apiGroups: - - onap.org - resources: - - '*' - verbs: - - '*' diff --git a/vnfs/DAaaS/collectd-operator/deploy/role_binding.yaml b/vnfs/DAaaS/collectd-operator/deploy/role_binding.yaml deleted file mode 100644 index 5f425081..00000000 --- a/vnfs/DAaaS/collectd-operator/deploy/role_binding.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: collectd-operator -subjects: -- kind: ServiceAccount - name: collectd-operator -roleRef: - kind: ClusterRole - name: collectd-operator - apiGroup: rbac.authorization.k8s.io diff --git a/vnfs/DAaaS/collectd-operator/deploy/service_account.yaml b/vnfs/DAaaS/collectd-operator/deploy/service_account.yaml deleted file mode 100644 index 6e6700e4..00000000 --- a/vnfs/DAaaS/collectd-operator/deploy/service_account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: collectd-operator diff --git a/vnfs/DAaaS/collectd-operator/go.mod b/vnfs/DAaaS/collectd-operator/go.mod deleted file mode 100644 index 3adbdc2b..00000000 --- a/vnfs/DAaaS/collectd-operator/go.mod +++ /dev/null @@ -1,57 +0,0 @@ -module demo/vnfs/DAaaS/collectd-operator - -require ( - contrib.go.opencensus.io/exporter/ocagent v0.4.9 // indirect - github.com/Azure/go-autorest v11.5.2+incompatible // indirect - github.com/appscode/jsonpatch v0.0.0-20190108182946-7c0e3b262f30 // indirect - github.com/coreos/prometheus-operator v0.26.0 // indirect - github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect - github.com/emicklei/go-restful v2.8.1+incompatible // indirect - github.com/go-logr/logr v0.1.0 // indirect - github.com/go-logr/zapr v0.1.0 // indirect - github.com/go-openapi/spec v0.19.0 - github.com/golang/groupcache v0.0.0-20180924190550-6f2cf27854a4 // indirect - github.com/golang/mock v1.2.0 // indirect - github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c // indirect - github.com/googleapis/gnostic v0.2.0 // indirect - github.com/gophercloud/gophercloud v0.0.0-20190318015731-ff9851476e98 // indirect - github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect - github.com/grpc-ecosystem/grpc-gateway v1.8.5 // indirect - github.com/imdario/mergo v0.3.6 // indirect - github.com/operator-framework/operator-sdk v0.8.1-0.20190521182814-a67086ad2c15 - github.com/pborman/uuid v0.0.0-20180906182336-adf5a7427709 // indirect - github.com/peterbourgon/diskv v2.0.1+incompatible // indirect - github.com/spf13/pflag v1.0.3 - go.opencensus.io v0.19.2 // indirect - go.uber.org/atomic v1.3.2 // indirect - go.uber.org/multierr v1.1.0 // indirect - go.uber.org/zap v1.9.1 // indirect - golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2 // indirect - k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b - k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d - k8s.io/client-go v11.0.0+incompatible - k8s.io/code-generator v0.0.0-20180823001027-3dcf91f64f63 - k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 - k8s.io/kube-openapi v0.0.0-20190510232812-a01b7d5d6c22 - sigs.k8s.io/controller-runtime v0.1.10 - sigs.k8s.io/controller-tools v0.1.10 - sigs.k8s.io/kind v0.3.0 // indirect - sigs.k8s.io/testing_frameworks v0.1.0 // indirect -) - -// Pinned to kubernetes-1.13.1 -replace ( - k8s.io/api => k8s.io/api v0.0.0-20181213150558-05914d821849 - k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.0.0-20181213153335-0fe22c71c476 - k8s.io/apimachinery => k8s.io/apimachinery v0.0.0-20181127025237-2b1284ed4c93 - k8s.io/client-go => k8s.io/client-go v0.0.0-20181213151034-8d9ed539ba31 -) - -replace ( - github.com/coreos/prometheus-operator => github.com/coreos/prometheus-operator v0.29.0 - github.com/operator-framework/operator-sdk => github.com/operator-framework/operator-sdk v0.8.0 - k8s.io/code-generator => k8s.io/code-generator v0.0.0-20181117043124-c2090bec4d9b - k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20180711000925-0cf8f7e6ed1d - sigs.k8s.io/controller-runtime => sigs.k8s.io/controller-runtime v0.1.10 - sigs.k8s.io/controller-tools => sigs.k8s.io/controller-tools v0.1.11-0.20190411181648-9d55346c2bde -) diff --git a/vnfs/DAaaS/collectd-operator/go.sum b/vnfs/DAaaS/collectd-operator/go.sum deleted file mode 100644 index ea13f2aa..00000000 --- a/vnfs/DAaaS/collectd-operator/go.sum +++ /dev/null @@ -1,301 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.34.0 h1:eOI3/cP2VTU6uZLDYAoic+eyzzB9YyGmJ7eIjl8rOPg= -cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -contrib.go.opencensus.io/exporter/ocagent v0.4.9 h1:8ZbMXpyd04/3LILa/9Tzr8N4HzZNj6Vb2xsaSuR4nQI= -contrib.go.opencensus.io/exporter/ocagent v0.4.9/go.mod h1:ueLzZcP7LPhPulEBukGn4aLh7Mx9YJwpVJ9nL2FYltw= -git.apache.org/thrift.git v0.12.0/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= -github.com/Azure/go-autorest v11.5.2+incompatible h1:NTIEargbhAGNWuT7QEXJ2fqLMFvatupHIscb9FYwVOg= -github.com/Azure/go-autorest v11.5.2+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/PuerkitoBio/purell v1.1.0 h1:rmGxhojJlM0tuKtfdvliR84CFHljx9ag64t2xmVkjK4= -github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= -github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= -github.com/appscode/jsonpatch v0.0.0-20190108182946-7c0e3b262f30 h1:Kn3rqvbUFqSepE2OqVu0Pn1CbDw9IuMlONapol0zuwk= -github.com/appscode/jsonpatch v0.0.0-20190108182946-7c0e3b262f30/go.mod h1:4AJxUpXUhv4N+ziTvIcWWXgeorXpxPZOfk9HdEVr96M= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/census-instrumentation/opencensus-proto v0.2.0 h1:LzQXZOgg4CQfE6bFvXGM30YZL1WW/M337pXml+GrcZ4= -github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/coreos/prometheus-operator v0.29.0 h1:Moi4klbr1xUVaofWzlaM12mxwCL294GiLW2Qj8ku0sY= -github.com/coreos/prometheus-operator v0.29.0/go.mod h1:SO+r5yZUacDFPKHfPoUjI3hMsH+ZUdiuNNhuSq3WoSg= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= -github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= -github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= -github.com/emicklei/go-restful v2.8.1+incompatible h1:AyDqLHbJ1quqbWr/OWDw+PlIP8ZFoTmYrGYaxzrLbNg= -github.com/emicklei/go-restful v2.8.1+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/evanphx/json-patch v4.0.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.2.0+incompatible h1:fUDGZCv/7iAN7u0puUVhvKCcsR6vRfwrJatElLBEf0I= -github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logr/logr v0.1.0 h1:M1Tv3VzNlEHg6uyACnRdtrploV2P7wZqH8BoQMtz0cg= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= -github.com/go-logr/zapr v0.1.0 h1:h+WVe9j6HAA01niTJPA/kKH0i7e0rLZBCwauQFcRE54= -github.com/go-logr/zapr v0.1.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= -github.com/go-openapi/jsonpointer v0.17.0 h1:nH6xp8XdXHx8dqveo0ZuJBluCO2qGrPbDNZ0dwoRHP0= -github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonreference v0.17.0 h1:yJW3HCkTHg7NOA+gZ83IPHzUSnUzGXhGmsdiCcMexbA= -github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/spec v0.18.0 h1:aIjeyG5mo5/FrvDkpKKEGZPmF9MPHahS72mzfVqeQXQ= -github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.19.0 h1:A4SZ6IWh3lnjH0rG0Z5lkxazMGBECtrZcbyYQi+64k4= -github.com/go-openapi/spec v0.19.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/swag v0.17.0 h1:iqrgMg7Q7SvtbWLlltPrkMs0UBJI6oTSs79JFRUi880= -github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/gobuffalo/envy v1.6.5/go.mod h1:N+GkhhZ/93bGZc6ZKhJLP6+m+tCNPKwgSpH9kaifseQ= -github.com/gobuffalo/envy v1.6.15 h1:OsV5vOpHYUpP7ZLS6sem1y40/lNX1BZj+ynMiRi21lQ= -github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20180924190550-6f2cf27854a4 h1:6UVLWz0fIIrv0UVj6t0A7cL48n8IyAdLVQqAYzEfsKI= -github.com/golang/groupcache v0.0.0-20180924190550-6f2cf27854a4/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c h1:964Od4U6p2jUkFxvCydnIczKteheJEzHRToSGK3Bnlw= -github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/gofuzz v0.0.0-20170612174753-24818f796faf h1:+RRA9JqSOZFfKrOeqr2z77+8R2RKyh8PG66dcu1V0ck= -github.com/google/gofuzz v0.0.0-20170612174753-24818f796faf/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= -github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/uuid v1.0.0 h1:b4Gk+7WdP/d3HZH8EJsZpvV7EtDOgaZLtnaNGIu1adA= -github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gnostic v0.2.0 h1:l6N3VoaVzTncYYW+9yOz2LJJammFZGBO13sqgEhpy9g= -github.com/googleapis/gnostic v0.2.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/gophercloud/gophercloud v0.0.0-20190318015731-ff9851476e98 h1:yVCQl8LUAduuT+xe+Wo+kq1lXQtMSPo+4EoOD9AIY0k= -github.com/gophercloud/gophercloud v0.0.0-20190318015731-ff9851476e98/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= -github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= -github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= -github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/grpc-gateway v1.6.2/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= -github.com/grpc-ecosystem/grpc-gateway v1.8.5 h1:2+KSC78XiO6Qy0hIjfc1OD9H+hsaJdJlb8Kqsd41CTE= -github.com/grpc-ecosystem/grpc-gateway v1.8.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/golang-lru v0.5.0 h1:CL2msUPvZTLb5O648aiLNJw3hnBxN2+1Jq8rCOH9wdo= -github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc= -github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= -github.com/json-iterator/go v1.1.6 h1:MrUvLMLTMxbqFJ9kzlvat/rYZqZnW3u4wkLzWTaFwKs= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/pty v1.1.4/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329 h1:2gxZ0XQIU/5z3Z3bUBu+FXuk2pFbkN6tcwi/pjyaDic= -github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/markbates/inflect v1.0.4 h1:5fh1gzTFhfae06u3hzHYO9xe3l3v3nW5Pwt3naLTP5g= -github.com/markbates/inflect v1.0.4/go.mod h1:1fR9+pO2KHEO9ZRtto13gDwwZaAKstQzferVeWqbgNs= -github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/openzipkin/zipkin-go v0.1.3/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8= -github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= -github.com/operator-framework/operator-sdk v0.8.0 h1:aKwgim6L2Ffi9QCRrwBAq22MWBPp+myxuvQl0Zqx3ro= -github.com/operator-framework/operator-sdk v0.8.0/go.mod h1:iVyukRkam5JZa8AnjYf+/G3rk7JI1+M6GsU0sq0B9NA= -github.com/pborman/uuid v0.0.0-20180906182336-adf5a7427709 h1:zNBQb37RGLmJybyMcs983HfUfpkw9OTFD9tbBfAViHE= -github.com/pborman/uuid v0.0.0-20180906182336-adf5a7427709/go.mod h1:VyrYX9gd7irzKovcSS6BIIEwPRkP2Wm2m9ufcdFSJ34= -github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= -github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829 h1:D+CiwcpGTW6pL6bv6KI3KbyEyCKyS+1JWS2h8PNDnGA= -github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f h1:BVwpUVJDADN2ufcGik7W992pyps0wZ888b/y9GXcLTU= -github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/common v0.2.0 h1:kUZDBDTdBVBYBj5Tmh2NZLlF60mfjA27rM34b+cVwNU= -github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1 h1:/K3IL0Z1quvmJ7X0A1AwNEK7CRkVK3YwfOU/QAL4WGg= -github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.2.2 h1:J7U/N7eRtzjhs26d6GqMh2HBuXP8/Z64Densiiieafo= -github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1 h1:GL2rEmy6nsikmW0r8opw9JIRScdMF5hA8cOYLH7In1k= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/cobra v0.0.3 h1:ZlrZ4XsMRm04Fr5pSFxBgfND2EBVa1nLpiy1stUsX/8= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -go.opencensus.io v0.19.1/go.mod h1:gug0GbSHa8Pafr0d2urOSgoXHZ6x/RUlaiT0d9pqb4A= -go.opencensus.io v0.19.2 h1:ZZpq6xI6kv/LuE/5s5UQvBU5vMjvRnPb8PvJrIntAnc= -go.opencensus.io v0.19.2/go.mod h1:NO/8qkisMZLZ1FCsKNqtJPwc8/TaclWyY0B6wcYNg9M= -go.uber.org/atomic v1.3.2 h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4= -go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/zap v1.9.1 h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o= -go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20181217174547-8f45f776aaf1/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190206173232-65e2d4e15006/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a h1:oWX7TPOiFAMXLq8o0ikBYfCJVlRHBcsciT5bXOrH628= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190514140710-3ec191127204 h1:4yG6GqBtw9C+UrLp6s2wtSniayy/Vd/3F7ffLE427XI= -golang.org/x/net v0.0.0-20190514140710-3ec191127204/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421 h1:Wo7BWFiOk0QRFMLYMqJGFMd9CgUAcGx7V+qEg/h5IBI= -golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6 h1:bjcUS9ztw9kFmmIxJInhon/0Is3p+EHBKNgquIzo1OI= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181218192612-074acd46bca6/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2 h1:+DCIGbF/swA92ohVg0//6X2IVY3KZs6p9mix0ziNYJM= -golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181219222714-6e267b5cc78e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190213015956-f7e1b50d2251/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138 h1:H3uGjxCR/6Ds0Mjgyp7LMK81+LvmbvWWEnJhzk1Pi9E= -golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -google.golang.org/api v0.0.0-20181220000619-583d854617af/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.2.0 h1:B5VXkdjt7K2Gm6fGBC9C9a1OAKJDT95cTqwet+2zib0= -google.golang.org/api v0.2.0/go.mod h1:IfRCZScioGtypHNTlz3gFk67J8uePVW7uDTBzXuIkhU= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20181219182458-5a97ab628bfb/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19 h1:Lj2SnHtxkRGJDqnGaSjo+CCdIieEnwVazbOXILwQemk= -google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= -google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.19.1 h1:TrBcJ1yqAl1G++wO39nD/qtgpsW9/1+QGrluyMGEYgM= -google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20180920025451-e3ad64cb4ed3/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.0.0-20181213150558-05914d821849 h1:WZFcFPXmLR7g5CxQNmjWv0mg8qulJLxDghbzS4pQtzY= -k8s.io/api v0.0.0-20181213150558-05914d821849/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA= -k8s.io/apiextensions-apiserver v0.0.0-20181213153335-0fe22c71c476 h1:Ws9zfxsgV19Durts9ftyTG7TO0A/QLhmu98VqNWLiH8= -k8s.io/apiextensions-apiserver v0.0.0-20181213153335-0fe22c71c476/go.mod h1:IxkesAMoaCRoLrPJdZNZUQp9NfZnzqaVzLhb2VEQzXE= -k8s.io/apimachinery v0.0.0-20181127025237-2b1284ed4c93 h1:tT6oQBi0qwLbbZSfDkdIsb23EwaLY85hoAV4SpXfdao= -k8s.io/apimachinery v0.0.0-20181127025237-2b1284ed4c93/go.mod h1:ccL7Eh7zubPUSh9A3USN90/OzHNSVN6zxzde07TDCL0= -k8s.io/client-go v0.0.0-20181213151034-8d9ed539ba31 h1:OH3z6khCtxnJBAc0C5CMYWLl1CoK5R5fngX7wrwdN5c= -k8s.io/client-go v0.0.0-20181213151034-8d9ed539ba31/go.mod h1:7vJpHMYJwNQCWgzmNV+VYUl1zCObLyodBc8nIyt8L5s= -k8s.io/code-generator v0.0.0-20181117043124-c2090bec4d9b h1:KH0fUlgdFZH8UMxJ/FDCYHpczfSQKefetq5NjL6BVF0= -k8s.io/code-generator v0.0.0-20181117043124-c2090bec4d9b/go.mod h1:MYiN+ZJZ9HkETbgVZdWw2AsuAi9PZ4V80cwfuf2axe8= -k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= -k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/klog v0.2.0 h1:0ElL0OHzF3N+OhoJTL0uca20SxtYt4X4+bzHeqrB83c= -k8s.io/klog v0.2.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v0.3.0 h1:0VPpR+sizsiivjIfIAQH/rl8tan6jvWkS7lU+0di3lE= -k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/kube-openapi v0.0.0-20180711000925-0cf8f7e6ed1d h1:mn2F9UzCk6KGa7M/d2ibLyRtBQm7n6QvbCjDe/cDWSg= -k8s.io/kube-openapi v0.0.0-20180711000925-0cf8f7e6ed1d/go.mod h1:BXM9ceUBTj2QnfH2MK1odQs778ajze1RxcmP6S8RVVc= -sigs.k8s.io/controller-runtime v0.1.10 h1:amLOmcekVdnsD1uIpmgRqfTbQWJ2qxvQkcdeFhcotn4= -sigs.k8s.io/controller-runtime v0.1.10/go.mod h1:HFAYoOh6XMV+jKF1UjFwrknPbowfyHEHHRdJMf2jMX8= -sigs.k8s.io/controller-tools v0.1.11-0.20190411181648-9d55346c2bde h1:ZkaHf5rNYzIB6CB82keKMQNv7xxkqT0ylOBdfJPfi+k= -sigs.k8s.io/controller-tools v0.1.11-0.20190411181648-9d55346c2bde/go.mod h1:ATWLRP3WGxuAN9HcT2LaKHReXIH+EZGzRuMHuxjXfhQ= -sigs.k8s.io/kind v0.3.0 h1:TUIRsJZy123ejyWECuYOU2XzSsIsauoqaeoUGsfdj6k= -sigs.k8s.io/kind v0.3.0/go.mod h1:bgGo2cWxKGQ7esVxtGp9H17Ttlexju92CTMjCg08HNQ= -sigs.k8s.io/kustomize v2.0.3+incompatible h1:JUufWFNlI44MdtnjUqVnvh29rR37PQFzPbLXqhyOyX0= -sigs.k8s.io/kustomize v2.0.3+incompatible/go.mod h1:MkjgH3RdOWrievjo6c9T245dYlB5QeXV4WCbnt/PEpU= -sigs.k8s.io/testing_frameworks v0.1.0/go.mod h1:VVBKrHmJ6Ekkfz284YKhQePcdycOzNH9qL6ht1zEr/U= -sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= -sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/addtoscheme_onap_v1alpha1.go b/vnfs/DAaaS/collectd-operator/pkg/apis/addtoscheme_onap_v1alpha1.go deleted file mode 100644 index 711a1182..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/addtoscheme_onap_v1alpha1.go +++ /dev/null @@ -1,10 +0,0 @@ -package apis - -import ( - "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1" -) - -func init() { - // Register the types with the Scheme so the components can map objects to GroupVersionKinds and back - AddToSchemes = append(AddToSchemes, v1alpha1.SchemeBuilder.AddToScheme) -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/apis.go b/vnfs/DAaaS/collectd-operator/pkg/apis/apis.go deleted file mode 100644 index 07dc9616..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/apis.go +++ /dev/null @@ -1,13 +0,0 @@ -package apis - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -// AddToSchemes may be used to add all resources defined in the project to a Scheme -var AddToSchemes runtime.SchemeBuilder - -// AddToScheme adds all Resources to the Scheme -func AddToScheme(s *runtime.Scheme) error { - return AddToSchemes.AddToScheme(s) -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/collectdplugin_types.go b/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/collectdplugin_types.go deleted file mode 100644 index d29498e8..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/collectdplugin_types.go +++ /dev/null @@ -1,56 +0,0 @@ -package v1alpha1 - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. - -// CollectdPluginSpec defines the desired state of CollectdPlugin -// +k8s:openapi-gen=true -type CollectdPluginSpec struct { - // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - // Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file - // Add custom validation using kubebuilder tags: https://book.kubebuilder.io/beyond_basics/generating_crd.html - PluginName string `json:"pluginName"` - PluginConf string `json:"pluginConf"` -} - -// CollectdPluginStatus defines the observed state of CollectdPlugin -// +k8s:openapi-gen=true -type CollectdPluginStatus struct { - // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - // Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file - // Add custom validation using kubebuilder tags: https://book.kubebuilder.io/beyond_basics/generating_crd.html - // CollectdAgents are the collectd pods in the Daemonset - CollectdAgents []string `json:"collectdAgents"` - CollectdConf corev1.ConfigMap `json:"collectdConf"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CollectdPlugin is the Schema for the collectdplugins API -// +k8s:openapi-gen=true -// +kubebuilder:subresource:status -type CollectdPlugin struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec CollectdPluginSpec `json:"spec,omitempty"` - Status CollectdPluginStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CollectdPluginList contains a list of CollectdPlugin -type CollectdPluginList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []CollectdPlugin `json:"items"` -} - -func init() { - SchemeBuilder.Register(&CollectdPlugin{}, &CollectdPluginList{}) -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/doc.go b/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/doc.go deleted file mode 100644 index 29b3493e..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/doc.go +++ /dev/null @@ -1,4 +0,0 @@ -// Package v1alpha1 contains API Schema definitions for the onap v1alpha1 API group -// +k8s:deepcopy-gen=package,register -// +groupName=onap.org -package v1alpha1 diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/register.go b/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/register.go deleted file mode 100644 index c670eea4..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/register.go +++ /dev/null @@ -1,19 +0,0 @@ -// NOTE: Boilerplate only. Ignore this file. - -// Package v1alpha1 contains API Schema definitions for the onap v1alpha1 API group -// +k8s:deepcopy-gen=package,register -// +groupName=onap.org -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime/schema" - "sigs.k8s.io/controller-runtime/pkg/runtime/scheme" -) - -var ( - // SchemeGroupVersion is group version used to register these objects - SchemeGroupVersion = schema.GroupVersion{Group: "onap.org", Version: "v1alpha1"} - - // SchemeBuilder is used to add go types to the GroupVersionKind scheme - SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} -) diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.deepcopy.go b/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 0fe1dcc3..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,108 +0,0 @@ -// +build !ignore_autogenerated - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CollectdPlugin) DeepCopyInto(out *CollectdPlugin) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CollectdPlugin. -func (in *CollectdPlugin) DeepCopy() *CollectdPlugin { - if in == nil { - return nil - } - out := new(CollectdPlugin) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CollectdPlugin) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CollectdPluginList) DeepCopyInto(out *CollectdPluginList) { - *out = *in - out.TypeMeta = in.TypeMeta - out.ListMeta = in.ListMeta - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CollectdPlugin, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CollectdPluginList. -func (in *CollectdPluginList) DeepCopy() *CollectdPluginList { - if in == nil { - return nil - } - out := new(CollectdPluginList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CollectdPluginList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CollectdPluginSpec) DeepCopyInto(out *CollectdPluginSpec) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CollectdPluginSpec. -func (in *CollectdPluginSpec) DeepCopy() *CollectdPluginSpec { - if in == nil { - return nil - } - out := new(CollectdPluginSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CollectdPluginStatus) DeepCopyInto(out *CollectdPluginStatus) { - *out = *in - if in.CollectdAgents != nil { - in, out := &in.CollectdAgents, &out.CollectdAgents - *out = make([]string, len(*in)) - copy(*out, *in) - } - in.CollectdConf.DeepCopyInto(&out.CollectdConf) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CollectdPluginStatus. -func (in *CollectdPluginStatus) DeepCopy() *CollectdPluginStatus { - if in == nil { - return nil - } - out := new(CollectdPluginStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.openapi.go b/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.openapi.go deleted file mode 100644 index a1d401b7..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1/zz_generated.openapi.go +++ /dev/null @@ -1,124 +0,0 @@ -// +build !ignore_autogenerated - -// Code generated by openapi-gen. DO NOT EDIT. - -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package v1alpha1 - -import ( - spec "github.com/go-openapi/spec" - common "k8s.io/kube-openapi/pkg/common" -) - -func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { - return map[string]common.OpenAPIDefinition{ - "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPlugin": schema_pkg_apis_onap_v1alpha1_CollectdPlugin(ref), - "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPluginSpec": schema_pkg_apis_onap_v1alpha1_CollectdPluginSpec(ref), - "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPluginStatus": schema_pkg_apis_onap_v1alpha1_CollectdPluginStatus(ref), - } -} - -func schema_pkg_apis_onap_v1alpha1_CollectdPlugin(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CollectdPlugin is the Schema for the collectdplugins API", - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Ref: ref("demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPluginSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Ref: ref("demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPluginStatus"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPluginSpec", "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1.CollectdPluginStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_onap_v1alpha1_CollectdPluginSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CollectdPluginSpec defines the desired state of CollectdPlugin", - Properties: map[string]spec.Schema{ - "pluginName": { - SchemaProps: spec.SchemaProps{ - Description: "INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run \"operator-sdk generate k8s\" to regenerate code after modifying this file Add custom validation using kubebuilder tags: https://book.kubebuilder.io/beyond_basics/generating_crd.html", - Type: []string{"string"}, - Format: "", - }, - }, - "pluginConf": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"pluginName", "pluginConf"}, - }, - }, - Dependencies: []string{}, - } -} - -func schema_pkg_apis_onap_v1alpha1_CollectdPluginStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "CollectdPluginStatus defines the observed state of CollectdPlugin", - Properties: map[string]spec.Schema{ - "collectdAgents": { - SchemaProps: spec.SchemaProps{ - Description: "INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run \"operator-sdk generate k8s\" to regenerate code after modifying this file Add custom validation using kubebuilder tags: https://book.kubebuilder.io/beyond_basics/generating_crd.html CollectdAgents are the collectd pods in the Daemonset", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "collectdConf": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/api/core/v1.ConfigMap"), - }, - }, - }, - Required: []string{"collectdAgents", "collectdConf"}, - }, - }, - Dependencies: []string{ - "k8s.io/api/core/v1.ConfigMap"}, - } -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/controller/add_collectdplugin.go b/vnfs/DAaaS/collectd-operator/pkg/controller/add_collectdplugin.go deleted file mode 100644 index da8d1e1d..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/controller/add_collectdplugin.go +++ /dev/null @@ -1,10 +0,0 @@ -package controller - -import ( - "demo/vnfs/DAaaS/collectd-operator/pkg/controller/collectdplugin" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, collectdplugin.Add) -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/controller/collectdplugin/collectdplugin_controller.go b/vnfs/DAaaS/collectd-operator/pkg/controller/collectdplugin/collectdplugin_controller.go deleted file mode 100644 index 77d7e157..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/controller/collectdplugin/collectdplugin_controller.go +++ /dev/null @@ -1,215 +0,0 @@ -package collectdplugin - -import ( - "context" - "crypto/sha256" - - onapv1alpha1 "demo/vnfs/DAaaS/collectd-operator/pkg/apis/onap/v1alpha1" - - corev1 "k8s.io/api/core/v1" - extensionsv1beta1 "k8s.io/api/extensions/v1beta1" - "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" - "sigs.k8s.io/controller-runtime/pkg/handler" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_collectdplugin") - -// ResourceMap to hold objects to update/reload -type ResourceMap struct { - configMap *corev1.ConfigMap - daemonSet *extensionsv1beta1.DaemonSet -} - -/** -* USER ACTION REQUIRED: This is a scaffold file intended for the user to modify with their own Controller -* business logic. Delete these comments after modifying this file.* - */ - -// Add creates a new CollectdPlugin Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileCollectdPlugin{client: mgr.GetClient(), scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - log.V(1).Info("Creating a new controller for CollectdPlugin") - c, err := controller.New("collectdplugin-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource CollectdPlugin - log.V(1).Info("Add watcher for primary resource CollectdPlugin") - err = c.Watch(&source.Kind{Type: &onapv1alpha1.CollectdPlugin{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - // TODO(user): Modify this to be the types you create that are owned by the primary resource - // Watch for changes to secondary resource Pods and requeue the owner CollectdPlugin - log.V(1).Info("Add watcher for secondary resource ConfigMap") - err = c.Watch(&source.Kind{Type: &corev1.ConfigMap{}}, &handler.EnqueueRequestForOwner{ - IsController: true, - OwnerType: &onapv1alpha1.CollectdPlugin{}, - }) - if err != nil { - return err - } - - err = c.Watch(&source.Kind{Type: &extensionsv1beta1.DaemonSet{}}, &handler.EnqueueRequestForOwner{ - IsController: true, - OwnerType: &onapv1alpha1.CollectdPlugin{}, - }) - if err != nil { - return err - } - - return nil -} - -// blank assignment to verify that ReconcileCollectdPlugin implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileCollectdPlugin{} - -// ReconcileCollectdPlugin reconciles a CollectdPlugin object -type ReconcileCollectdPlugin struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - scheme *runtime.Scheme -} - -// Reconcile reads that state of the cluster for a CollectdPlugin object and makes changes based on the state read -// and what is in the CollectdPlugin.Spec -// TODO(user): Modify this Reconcile function to implement your Controller logic. This example creates -// a Pod as an example -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileCollectdPlugin) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling CollectdPlugin") - - // Fetch the CollectdPlugin instance - instance := &onapv1alpha1.CollectdPlugin{} - err := r.client.Get(context.TODO(), request.NamespacedName, instance) - if err != nil { - if errors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - // Owned objects are automatically garbage collected. For additional cleanup logic use finalizers. - // Return and don't requeue - reqLogger.V(1).Info("CollectdPlugin object Not found") - return reconcile.Result{}, nil - } - // Error reading the object - requeue the request. - reqLogger.V(1).Info("Error reading the CollectdPlugin object, Requeuing") - return reconcile.Result{}, err - } - - rmap, err := findResourceMapForCR(r, instance) - if err != nil { - reqLogger.Info("Skip reconcile: ConfigMap not found") - return reconcile.Result{}, err - } - - cm := rmap.configMap - ds := rmap.daemonSet - reqLogger.V(1).Info("Found ResourceMap") - reqLogger.V(1).Info("ConfigMap.Namespace", cm.Namespace, "ConfigMap.Name", cm.Name) - reqLogger.V(1).Info("DaemonSet.Namespace", ds.Namespace, "DaemonSet.Name", ds.Name) - // Set CollectdPlugin instance as the owner and controller - if err := controllerutil.SetControllerReference(instance, cm, r.scheme); err != nil { - return reconcile.Result{}, err - } - // Set CollectdConf instance as the owner and controller - if err := controllerutil.SetControllerReference(instance, ds, r.scheme); err != nil { - return reconcile.Result{}, err - } - - // Update the ConfigMap with new Spec and reload DaemonSets - reqLogger.Info("Updating the ConfigMap", "ConfigMap.Namespace", cm.Namespace, "ConfigMap.Name", cm.Name) - log.Info("Map: ", cm.Data) - err = r.client.Update(context.TODO(), cm) - if err != nil { - return reconcile.Result{}, err - } - - //Restart Collectd Pods - - ds.Spec.Template.SetLabels(map[string]string{ - "daaas-random": ComputeSHA256([]byte("TEST")), - }) - // Reconcile success - reqLogger.Info("Updated the ConfigMap", "ConfigMap.Namespace", cm.Namespace, "ConfigMap.Name", cm.Name) - return reconcile.Result{}, nil -} - -// ComputeSHA256 returns hash of data as string -func ComputeSHA256(data []byte) string { - hash := sha256.Sum256(data) - return string(hash[:]) -} - -// findConfigMapForCR returns the configMap used by collectd Daemonset -func findResourceMapForCR(r *ReconcileCollectdPlugin, cr *onapv1alpha1.CollectdPlugin) (ResourceMap, error) { - cmList := &corev1.ConfigMapList{} - opts := &client.ListOptions{} - rmap := ResourceMap{} - - // Select ConfigMaps with label app=collectd - opts.SetLabelSelector("app=collectd") - opts.InNamespace(cr.Namespace) - err := r.client.List(context.TODO(), opts, cmList) - if err != nil { - return rmap, err - } - - // Select DaemonSets with label app=collectd - dsList := &extensionsv1beta1.DaemonSet{} - err = r.client.List(context.TODO(), opts, dsList) - if err != nil { - return rmap, err - } - - rmap.configMap = &cmList.Items[0] - rmap.daemonSet = dsList - return rmap, err -} - -// newPodForCR returns a busybox pod with the same name/namespace as the cr -func newPodForCR(cr *onapv1alpha1.CollectdPlugin) *corev1.Pod { - labels := map[string]string{ - "app": cr.Name, - } - return &corev1.Pod{ - ObjectMeta: metav1.ObjectMeta{ - Name: cr.Name + "-pod", - Namespace: cr.Namespace, - Labels: labels, - }, - Spec: corev1.PodSpec{ - Containers: []corev1.Container{ - { - Name: "busybox", - Image: "busybox", - Command: []string{"sleep", "3600"}, - }, - }, - }, - } -} diff --git a/vnfs/DAaaS/collectd-operator/pkg/controller/controller.go b/vnfs/DAaaS/collectd-operator/pkg/controller/controller.go deleted file mode 100644 index 7c069f3e..00000000 --- a/vnfs/DAaaS/collectd-operator/pkg/controller/controller.go +++ /dev/null @@ -1,18 +0,0 @@ -package controller - -import ( - "sigs.k8s.io/controller-runtime/pkg/manager" -) - -// AddToManagerFuncs is a list of functions to add all Controllers to the Manager -var AddToManagerFuncs []func(manager.Manager) error - -// AddToManager adds all Controllers to the Manager -func AddToManager(m manager.Manager) error { - for _, f := range AddToManagerFuncs { - if err := f(m); err != nil { - return err - } - } - return nil -} diff --git a/vnfs/DAaaS/collectd-operator/tools.go b/vnfs/DAaaS/collectd-operator/tools.go deleted file mode 100644 index 4da112f6..00000000 --- a/vnfs/DAaaS/collectd-operator/tools.go +++ /dev/null @@ -1,15 +0,0 @@ -// +build tools - -package tools - -import ( - // Code generators built at runtime. - _ "k8s.io/code-generator/cmd/client-gen" - _ "k8s.io/code-generator/cmd/conversion-gen" - _ "k8s.io/code-generator/cmd/deepcopy-gen" - _ "k8s.io/code-generator/cmd/informer-gen" - _ "k8s.io/code-generator/cmd/lister-gen" - _ "k8s.io/gengo/args" - _ "k8s.io/kube-openapi/cmd/openapi-gen" - _ "sigs.k8s.io/controller-tools/pkg/crd/generator" -) diff --git a/vnfs/DAaaS/collectd-operator/version/version.go b/vnfs/DAaaS/collectd-operator/version/version.go deleted file mode 100644 index e3e130bf..00000000 --- a/vnfs/DAaaS/collectd-operator/version/version.go +++ /dev/null @@ -1,5 +0,0 @@ -package version - -var ( - Version = "0.0.1" -) diff --git a/vnfs/DAaaS/collection/.helmignore b/vnfs/DAaaS/collection/.helmignore deleted file mode 100644 index 50af0317..00000000 --- a/vnfs/DAaaS/collection/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/vnfs/DAaaS/collection/Chart.yaml b/vnfs/DAaaS/collection/Chart.yaml deleted file mode 100644 index f21cc894..00000000 --- a/vnfs/DAaaS/collection/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: Helm charts for collection agents and collection service -name: collection -version: 0.1.0 diff --git a/vnfs/DAaaS/collection/charts/cadvisor/.helmignore b/vnfs/DAaaS/collection/charts/cadvisor/.helmignore deleted file mode 100644 index 50af0317..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/vnfs/DAaaS/collection/charts/cadvisor/Chart.yaml b/vnfs/DAaaS/collection/charts/cadvisor/Chart.yaml deleted file mode 100644 index aea55a29..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -appVersion: "1.0" -description: Cadvisor Helm Chart -name: cadvisor -version: 0.1.0 diff --git a/vnfs/DAaaS/collection/charts/cadvisor/templates/NOTES.txt b/vnfs/DAaaS/collection/charts/cadvisor/templates/NOTES.txt deleted file mode 100644 index 3eea9994..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2019 Intel Corporation. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.cadvisor_prometheus.service.type }} - NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "name" . }}) - NODE_IPS=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[*].status.addresses[0].address}") - visit http://NODE_IP:NODE_PORT -{{- else if contains "LoadBalancer" .Values.cadvisor_prometheus.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.cadvisor_prometheus.service.type }} - export POD_NAME=$(kubectl get pods --namespace={{ .Release.Namespace }} -l "app={{ template "name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.cadvisor_prometheus.service.targetPort }} -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/cadvisor/templates/_helpers.tpl b/vnfs/DAaaS/collection/charts/cadvisor/templates/_helpers.tpl deleted file mode 100644 index ea2a3266..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/templates/_helpers.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* Workaround for https://github.com/helm/helm/issues/3117 */}} -{{- define "rangeskipempty" -}} -{{- range $key, $value := . }} -{{- if $value }} -{{ $key }}: {{ $value }} -{{- end }} -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/cadvisor/templates/daemonset.yaml b/vnfs/DAaaS/collection/charts/cadvisor/templates/daemonset.yaml deleted file mode 100644 index e287c7d8..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/templates/daemonset.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{/* -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1beta2 -kind: DaemonSet -metadata: - name: {{ template "fullname" . }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} -spec: - replicas: {{ .Values.replicaCount }} - updateStrategy: - type: RollingUpdate - selector: - matchLabels: - name: {{ template "fullname" . }} - template: - metadata: - labels: - name: {{ template "fullname" . }} - app: {{ template "name" . }} - collector: cadvisor - release: {{ .Release.Name }} - spec: - hostNetwork: true - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - securityContext: - privileged: true - volumeMounts: - - name: rootfs - mountPath: /rootfs - readOnly: true - - name: var-run - mountPath: /var/run - readOnly: false - - name: sys - mountPath: /sys - readOnly: true - - name: docker - mountPath: /var/lib/docker - readOnly: true - ports: - - name: http - containerPort: 8080 - protocol: TCP - args: - - --housekeeping_interval=10s - terminationGracePeriodSeconds: 30 - volumes: - - name: rootfs - hostPath: - path: / - - name: var-run - hostPath: - path: /var/run - - name: sys - hostPath: - path: /sys - - name: docker - hostPath: - path: /var/lib/docker diff --git a/vnfs/DAaaS/collection/charts/cadvisor/templates/service.yaml b/vnfs/DAaaS/collection/charts/cadvisor/templates/service.yaml deleted file mode 100644 index a8a932d1..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/templates/service.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{/* -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: cadvisor - labels: - app: cadvisor - release: {{ .Release.Name }} -spec: - type: NodePort - externalTrafficPolicy: Local - selector: -{{ include "rangeskipempty" .Values.cadvisor_prometheus.service.selector | indent 4 }} - ports: - - name: cadvisor-prometheus - {{- if eq .Values.cadvisor_prometheus.service.type "NodePort" }} - nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.cadvisor_prometheus.service.nodePort }} - {{- end }} - protocol: TCP - port: {{ .Values.cadvisor_prometheus.service.port }} - nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.cadvisor_prometheus.service.nodePort }} - targetPort: {{ .Values.cadvisor_prometheus.service.targetPort }} diff --git a/vnfs/DAaaS/collection/charts/cadvisor/values.yaml b/vnfs/DAaaS/collection/charts/cadvisor/values.yaml deleted file mode 100644 index a17c3dd5..00000000 --- a/vnfs/DAaaS/collection/charts/cadvisor/values.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Default values for cadvisor. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -ingress: - enabled: false -image: - repository: google/cadvisor - tag: latest - pullPolicy: IfNotPresent -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. -cadvisor_prometheus: - service: - type: NodePort - port: 80 - nodePort: 91 - targetPort: 8080 - selector: - app: cadvisor - collector: cadvisor diff --git a/vnfs/DAaaS/collection/charts/collectd/.helmignore b/vnfs/DAaaS/collection/charts/collectd/.helmignore deleted file mode 100644 index f0c13194..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/vnfs/DAaaS/collection/charts/collectd/Chart.yaml b/vnfs/DAaaS/collection/charts/collectd/Chart.yaml deleted file mode 100644 index fcdcfde9..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -appVersion: "7.1.0" -description: Collectd Helm Chart -name: collectd -version: 0.2.0 diff --git a/vnfs/DAaaS/collection/charts/collectd/resources/config/collectd.conf b/vnfs/DAaaS/collection/charts/collectd/resources/config/collectd.conf deleted file mode 100644 index f62adb6a..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/resources/config/collectd.conf +++ /dev/null @@ -1,44 +0,0 @@ -FQDNLookup false -LoadPlugin cpu -LoadPlugin memory -LoadPlugin cpufreq -LoadPlugin disk -LoadPlugin ethstat -LoadPlugin ipc -LoadPlugin ipmi -LoadPlugin load -LoadPlugin numa -LoadPlugin processes -LoadPlugin df -LoadPlugin turbostat -LoadPlugin uptime -LoadPlugin contextswitch -LoadPlugin irq -LoadPlugin df -LoadPlugin swap -LoadPlugin write_prometheus - -LoadPlugin logfile - - LogLevel info - File "/var/log/collectd.log" - Timestamp true - PrintSeverity false - - - Interval 5 - ReportByState false - ReportByCpu false - - - - Interval 30 - ValuesAbsolute false - ValuesPercentage true - - - - Port "{{ .Values.prometheus_port }}" - - -#Last line (collectd requires ‘\n’ at the last line) diff --git a/vnfs/DAaaS/collection/charts/collectd/templates/NOTES.txt b/vnfs/DAaaS/collection/charts/collectd/templates/NOTES.txt deleted file mode 100644 index 06ca128b..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright (c) 2019 Intel Corporation. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.collectd_prometheus.service.type }} - NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "name" . }}) - NODE_IPS=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[*].status.addresses[0].address}") - visit http://NODE_IP:NODE_PORT -{{- else if contains "LoadBalancer" .Values.collectd_prometheus.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.collectd_prometheus.service.type }} - CLUSTER_NODE_IPS=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[*].status.addresses[0].address}") - CLUSTER_NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].port}" services {{ include "name" . }}) - visit http://CLUSTER_NODE_IP:CLUSTER_NODE_PORT -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/collectd/templates/_helpers.tpl b/vnfs/DAaaS/collection/charts/collectd/templates/_helpers.tpl deleted file mode 100644 index b5e98086..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/templates/_helpers.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* Workaround for https://github.com/helm/helm/issues/3117 */}} -{{- define "rangeskipempty" -}} -{{- range $key, $value := . }} -{{- if $value }} -{{ $key }}: {{ $value }} -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/collection/charts/collectd/templates/configmap.yaml b/vnfs/DAaaS/collection/charts/collectd/templates/configmap.yaml deleted file mode 100644 index 5f5dde01..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/templates/configmap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{/* -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "fullname" . }}-config - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} -data: - node-collectd.conf: |- - {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/vnfs/DAaaS/collection/charts/collectd/templates/daemonset.yaml b/vnfs/DAaaS/collection/charts/collectd/templates/daemonset.yaml deleted file mode 100644 index 29fdded9..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/templates/daemonset.yaml +++ /dev/null @@ -1,83 +0,0 @@ -{{/* -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: extensions/v1beta1 -kind: DaemonSet -metadata: - name: {{ template "fullname" . }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} -spec: - replicas: {{ .Values.replicaCount }} - updateStrategy: - type: RollingUpdate - template: - metadata: - labels: - app: {{ template "name" . }} - collector: collectd - release: {{ .Release.Name }} - spec: - hostNetwork: true - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - securityContext: - privileged: true - volumeMounts: - - name: {{ template "fullname" . }}-config - mountPath: /opt/collectd/etc - - name: proc - mountPath: /mnt/proc - readOnly: true - - name: root - mountPath: /hostfs - readOnly: true - - name: etc - mountPath: /mnt/etc - readOnly: true - - name: run - mountPath: /var/run/docker.sock - resources: -{{ toYaml .Values.resources | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - volumes: - - name: {{ template "fullname" . }}-config - configMap: - name: {{ template "fullname" . }}-config - items: - - key: node-collectd.conf - path: collectd.conf - - name: proc - hostPath: - path: /proc - - name: root - hostPath: - path: / - - name: etc - hostPath: - path: /etc - - name: run - hostPath: - path: /var/run/docker.sock diff --git a/vnfs/DAaaS/collection/charts/collectd/templates/service.yaml b/vnfs/DAaaS/collection/charts/collectd/templates/service.yaml deleted file mode 100644 index 7571715d..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/templates/service.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{/* -# Copyright 2019 Intel Corporation, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: collectd - labels: - app: collectd - release: {{ .Release.Name }} -spec: - ports: - - name: collectd-prometheus - port: {{ .Values.collectd_prometheus.service.port }} - protocol: TCP - targetPort: {{ .Values.collectd_prometheus.service.targetPort }} - selector: -{{ include "rangeskipempty" .Values.collectd_prometheus.service.selector | indent 4 }} - type: ClusterIP diff --git a/vnfs/DAaaS/collection/charts/collectd/values.yaml b/vnfs/DAaaS/collection/charts/collectd/values.yaml deleted file mode 100644 index fdfcae71..00000000 --- a/vnfs/DAaaS/collection/charts/collectd/values.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Default values for collectd. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -ingress: - enabled: false -image: - repository: opnfv/barometer-collectd - tag: latest - pullPolicy: IfNotPresent -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi -collectd_prometheus: - service: - type: ClusterIP - port: 9103 - targetPort: 9103 - selector: - app: collectd - collector: collectd diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/.helmignore b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/.helmignore deleted file mode 100755 index f0c13194..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/Chart.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/Chart.yaml deleted file mode 100755 index 2e45b3a3..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/Chart.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -appVersion: 0.17.0 -description: A Helm chart for prometheus node-exporter -home: https://github.com/prometheus/node_exporter/ -keywords: -- node-exporter -- prometheus -- exporter -maintainers: -- email: gianrubio@gmail.com - name: gianrubio -name: prometheus-node-exporter -sources: -- https://github.com/prometheus/node_exporter/ -version: 1.3.2 diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/OWNERS b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/OWNERS deleted file mode 100755 index fe9b2c3d..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -approvers: -- gianrubio -reviewers: -- gianrubio \ No newline at end of file diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/README.md b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/README.md deleted file mode 100755 index b9b50101..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/README.md +++ /dev/null @@ -1,80 +0,0 @@ -# Prometheus Node Exporter - -* Installs prometheus [node exporter](https://github.com/prometheus/node_exporter) - -## TL;DR; - -```console -$ helm install stable/prometheus-node-exporter -``` - -## Introduction - -This chart bootstraps a prometheus [node exporter](http://github.com/prometheus/node_exporter) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -$ helm install --name my-release stable/prometheus-node-exporter -``` - -The command deploys node exporter on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: - -```console -$ helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Configuration - -The following table lists the configurable parameters of the Node Exporter chart and their default values. - -| Parameter | Description | Default | | -| --------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | --- | -| `image.repository` | Image repository | `quay.io/prometheus/node-exporter` | | -| `image.tag` | Image tag | `v0.16.0` | | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | | -| `extraArgs` | Additional container arguments | `[]` | | -| `extraHostVolumeMounts` | Additional host volume mounts | {} | | -| `podLabels` | Additional labels to be added to pods | {} | | -| `rbac.create` | If true, create & use RBAC resources | `true` | | -| `rbac.pspEnabled` | Specifies whether a PodSecurityPolicy should be created. | `true` | | -| `resources` | CPU/Memory resource requests/limits | `{}` | | -| `service.type` | Service type | `ClusterIP` | | -| `service.port` | The service port | `9100` | | -| `service.targetPort` | The target port of the container | `9100` | | -| `service.nodePort` | The node port of the service | | | -| `service.annotations` | Kubernetes service annotations | `{prometheus.io/scrape: "true"}` | | -| `serviceAccount.create` | Specifies whether a service account should be created. | `true` | | -| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | | | -| `serviceAccount.imagePullSecrets` | Specify image pull secrets | `[]` | | -| `securityContext` | SecurityContext | `{"runAsNonRoot": true, "runAsUser": 65534}` | | -| `affinity` | A group of affinity scheduling rules for pod assignment | `{}` | | -| `nodeSelector` | Node labels for pod assignment | `{}` | | -| `tolerations` | List of node taints to tolerate | `- effect: NoSchedule operator: Exists` | | -| `priorityClassName` | Name of Priority Class to assign pods | `nil` | | -| `endpoints` | list of addresses that have node exporter deployed outside of the cluster | `[]` | | -| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | | -| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | | -| `prometheus.monitor.namespace` | namespace where servicemonitor resource should be created | `the same namespace as prometheus node exporter` | | - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -$ helm install --name my-release \ - --set serviceAccount.name=node-exporter \ - stable/prometheus-node-exporter -``` - -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, - -```console -$ helm install --name my-release -f values.yaml stable/prometheus-node-exporter -``` diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/NOTES.txt b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/NOTES.txt deleted file mode 100755 index 4902798f..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/NOTES.txt +++ /dev/null @@ -1,15 +0,0 @@ -1. Get the application URL by running these commands: -{{- if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "prometheus-node-exporter.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:80 -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/_helpers.tpl b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/_helpers.tpl deleted file mode 100755 index 4f0e2dfe..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/_helpers.tpl +++ /dev/null @@ -1,55 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus-node-exporter.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "prometheus-node-exporter.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* Generate basic labels */}} -{{- define "prometheus-node-exporter.labels" }} -app: {{ template "prometheus-node-exporter.name" . }} -heritage: {{.Release.Service }} -release: {{.Release.Name }} -chart: {{ template "prometheus-node-exporter.chart" . }} -{{- if .Values.podLabels}} -{{ toYaml .Values.podLabels }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus-node-exporter.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - - -{{/* -Create the name of the service account to use -*/}} -{{- define "prometheus-node-exporter.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/daemonset.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/daemonset.yaml deleted file mode 100755 index dfb15f1d..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/daemonset.yaml +++ /dev/null @@ -1,98 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: DaemonSet -metadata: - name: {{ template "prometheus-node-exporter.fullname" . }} - labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} -spec: - selector: - matchLabels: - app: {{ template "prometheus-node-exporter.name" . }} - release: {{ .Release.Name }} - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - template: - metadata: - labels: {{ include "prometheus-node-exporter.labels" . | indent 8 }} - spec: -{{- if and .Values.rbac.create .Values.serviceAccount.create }} - serviceAccountName: {{ template "prometheus-node-exporter.serviceAccountName" . }} -{{- end }} -{{- if .Values.securityContext }} - securityContext: -{{ toYaml .Values.securityContext | indent 8 }} -{{- end }} -{{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} -{{- end }} - containers: - - name: node-exporter - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - --path.procfs=/host/proc - - --path.sysfs=/host/sys - - --web.listen-address=0.0.0.0:{{ .Values.service.port }} -{{- if .Values.extraArgs }} -{{ toYaml .Values.extraArgs | indent 12 }} -{{- end }} - ports: - - name: metrics - containerPort: {{ .Values.service.targetPort }} - protocol: TCP - livenessProbe: - httpGet: - path: / - port: {{ .Values.service.port }} - readinessProbe: - httpGet: - path: / - port: {{ .Values.service.port }} - resources: -{{ toYaml .Values.resources | indent 12 }} - volumeMounts: - - name: proc - mountPath: /host/proc - readOnly: true - - name: sys - mountPath: /host/sys - readOnly: true - {{- if .Values.extraHostVolumeMounts }} - {{- range $_, $mount := .Values.extraHostVolumeMounts }} - - name: {{ $mount.name }} - mountPath: {{ $mount.mountPath }} - readOnly: {{ $mount.readOnly }} - {{- if $mount.mountPropagation }} - mountPropagation: {{ $mount.mountPropagation }} - {{- end }} - {{- end }} - {{- end }} - hostNetwork: true - hostPID: true -{{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} -{{- end }} -{{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} -{{- end }} - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 8 }} - {{- end }} - volumes: - - name: proc - hostPath: - path: /proc - - name: sys - hostPath: - path: /sys - {{- if .Values.extraHostVolumeMounts }} - {{- range $_, $mount := .Values.extraHostVolumeMounts }} - - name: {{ $mount.name }} - hostPath: - path: {{ $mount.hostPath }} - {{- end }} - {{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/endpoints.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/endpoints.yaml deleted file mode 100755 index 4c5c75fa..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/endpoints.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.endpoints }} -apiVersion: v1 -kind: Endpoints -metadata: - name: {{ template "prometheus-node-exporter.fullname" . }} - labels: -{{ include "prometheus-node-exporter.labels" . | indent 4 }} -subsets: - - addresses: - {{- range .Values.endpoints }} - - ip: {{ . }} - {{- end }} - ports: - - name: metrics - port: 9100 - protocol: TCP -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/monitor.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/monitor.yaml deleted file mode 100755 index 9c723e69..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/monitor.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.prometheus.monitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "prometheus-node-exporter.fullname" . }} - labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} - {{- if .Values.prometheus.monitor.additionalLabels }} -{{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} - {{- end }} -spec: - selector: - matchLabels: - app: {{ template "prometheus-node-exporter.name" . }} - release: {{ .Release.Name }} - endpoints: - - port: metrics -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml deleted file mode 100755 index 3d0a636a..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.rbac.create }} -{{- if .Values.rbac.pspEnabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} - name: psp-{{ template "prometheus-node-exporter.fullname" . }} -rules: -- apiGroups: ['extensions'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "prometheus-node-exporter.fullname" . }} -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml deleted file mode 100755 index 50f7a149..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.rbac.create }} -{{- if .Values.rbac.pspEnabled }} -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} - name: psp-{{ template "prometheus-node-exporter.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: psp-{{ template "prometheus-node-exporter.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "prometheus-node-exporter.fullname" . }} - namespace: {{ .Release.Namespace }} -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp.yaml deleted file mode 100755 index 1fa6f289..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/psp.yaml +++ /dev/null @@ -1,51 +0,0 @@ -{{- if .Values.rbac.create }} -{{- if .Values.rbac.pspEnabled }} -apiVersion: extensions/v1beta1 -kind: PodSecurityPolicy -metadata: - labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} - name: {{ template "prometheus-node-exporter.fullname" . }} -spec: - privileged: false - # Required to prevent escalations to root. - # allowPrivilegeEscalation: false - # This is redundant with non-root + disallow privilege escalation, - # but we can provide it for defense in depth. - #requiredDropCapabilities: - # - ALL - # Allow core volume types. - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - - 'persistentVolumeClaim' - - 'hostPath' - hostNetwork: true - hostIPC: false - hostPID: true - hostPorts: - - min: 0 - max: 65535 - runAsUser: - # Permits the container to run with root privileges as well. - rule: 'RunAsAny' - seLinux: - # This policy assumes the nodes are using AppArmor rather than SELinux. - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 0 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 0 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/service.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/service.yaml deleted file mode 100755 index cffe547b..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "prometheus-node-exporter.fullname" . }} -{{- if .Values.service.annotations }} - annotations: -{{ toYaml .Values.service.annotations | indent 4 }} -{{- end }} - labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} - nodePort: {{ .Values.service.nodePort }} - {{- end }} - targetPort: {{ .Values.service.targetPort }} - protocol: TCP - name: metrics - selector: - app: {{ template "prometheus-node-exporter.name" . }} - release: {{ .Release.Name }} diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml deleted file mode 100755 index b70745aa..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.rbac.create -}} -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "prometheus-node-exporter.serviceAccountName" . }} - labels: - app: {{ template "prometheus-node-exporter.name" . }} - chart: {{ template "prometheus-node-exporter.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -imagePullSecrets: -{{ toYaml .Values.serviceAccount.imagePullSecrets | indent 2 }} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/values.yaml b/vnfs/DAaaS/collection/charts/prometheus-node-exporter/values.yaml deleted file mode 100755 index 14bcfc53..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus-node-exporter/values.yaml +++ /dev/null @@ -1,96 +0,0 @@ -# Default values for prometheus-node-exporter. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -image: - repository: quay.io/prometheus/node-exporter - tag: v0.17.0 - pullPolicy: IfNotPresent - -service: - type: ClusterIP - port: 9100 - targetPort: 9100 - nodePort: - annotations: - prometheus.io/scrape: "true" - -prometheus: - monitor: - enabled: false - additionalLabels: {} - namespace: "" - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 200m - # memory: 50Mi - # requests: - # cpu: 100m - # memory: 30Mi - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: - imagePullSecrets: [] - -securityContext: - runAsNonRoot: true - runAsUser: 65534 - -rbac: - ## If true, create & use RBAC resources - ## - create: true - ## If true, create & use Pod Security Policy resources - ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ - pspEnabled: true - -# for deployments that have node_exporter deployed outside of the cluster, list -# their addresses here -endpoints: [] - -## Assign a group of affinity scheduling rules -## -affinity: {} -# nodeAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# nodeSelectorTerms: -# - matchFields: -# - key: metadata.name -# operator: In -# values: -# - target-host-name - -## Assign a nodeSelector if operating a hybrid cluster -## -nodeSelector: {} -# beta.kubernetes.io/arch: amd64 -# beta.kubernetes.io/os: linux - -tolerations: - - effect: NoSchedule - operator: Exists - -## Assign a PriorityClassName to pods if set -# priorityClassName: "" - -## Additional container arguments -## -extraArgs: {} -# - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$ - -## Additional mounts from the host -## -extraHostVolumeMounts: {} -# - name: -# hostPath: -# mountPath: -# readOnly: true|false -# mountPropagation: None|HostToContainer|Bidirectional diff --git a/vnfs/DAaaS/collection/charts/prometheus/.helmignore b/vnfs/DAaaS/collection/charts/prometheus/.helmignore deleted file mode 100644 index 50af0317..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/vnfs/DAaaS/collection/charts/prometheus/Chart.yaml b/vnfs/DAaaS/collection/charts/prometheus/Chart.yaml deleted file mode 100644 index 6e7ddfbc..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: Prometheus instance with remote storage integrations. -name: prometheus -version: 0.1.0 diff --git a/vnfs/DAaaS/collection/charts/prometheus/templates/NOTES.txt b/vnfs/DAaaS/collection/charts/prometheus/templates/NOTES.txt deleted file mode 100644 index f8882883..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/templates/NOTES.txt +++ /dev/null @@ -1,15 +0,0 @@ -1. Get the application URL by running these commands: -{{ if contains "NodePort" .Values.prometheus.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prometheus.fullname" . }}-prometheus) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.prometheus.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "prometheus.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "prometheus.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.prometheus.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "prometheus.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:9090 to use your application" - kubectl port-forward $POD_NAME 9090:80 -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus/templates/_helpers.tpl b/vnfs/DAaaS/collection/charts/prometheus/templates/_helpers.tpl deleted file mode 100644 index 1ac77dd8..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/templates/_helpers.tpl +++ /dev/null @@ -1,47 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "prometheus.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "prometheus.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "prometheus.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* Create chart name and version as used by the chart label. */}} -{{- define "prometheus.chartref" -}} -{{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}} -{{- end }} - -{{/* Generate basic labels */}} -{{- define "prometheus.labels" }} -chart: {{ template "prometheus.chartref" . }} -release: {{ .Release.Name | quote }} -heritage: {{ .Release.Service | quote }} -{{- if .Values.commonLabels}} -{{ toYaml .Values.commonLabels }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/collection/charts/prometheus/templates/prometheus.yaml b/vnfs/DAaaS/collection/charts/prometheus/templates/prometheus.yaml deleted file mode 100644 index 9c3d84c2..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/templates/prometheus.yaml +++ /dev/null @@ -1,47 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: Prometheus -metadata: - name: {{ template "prometheus.fullname" . }}-prometheus - labels: - app: {{ template "prometheus.name" . }}-prometheus - "helm.sh/hook": post-install - "helm.sh/hook-weight": "2" -spec: - serviceMonitorSelector: - matchLabels: - app: {{ template "prometheus.name" . }}-prometheus - release: {{ .Release.Name }} - serviceMonitorNamespaceSelector: - matchNames: - - {{ .Release.Namespace | quote }} - - # TODO: Templatizing multiple remote read/write. - # Especially Kafka adapater. - remoteRead: - - url: "{{ .Values.m3db.url }}/api/v1/prom/remote/read" - # To test reading even when local Prometheus has the data - readRecent: true - remoteWrite: - - url: "{{ .Values.m3db.url }}/api/v1/prom/remote/write" - # To differentiate between local and remote storage we will add a storage label - writeRelabelConfigs: - - targetLabel: metrics_storage - replacement: m3db_remote - - url: "{{ .Values.kafkaAdapter.url }}/receive" - containers: - - name: {{ template "prometheus.name" . }}-adapter - image: "{{ .Values.kafkaAdapter.image.repository }}:{{ .Values.kafkaAdapter.image.tag }}" - imagePullPolicy: {{ .Values.kafkaAdapter.image.pullPolicy }} - env: - - name: KAFKA_BROKER_LIST - value: {{ .Values.kafkaAdapter.broker }} - - name: KAFKA_TOPIC - value: {{ .Values.kafkaAdapter.topic }} - - name: SERIALIZATION_FORMAT - value: {{ .Values.kafkaAdapter.serializationFormat }} - - name: PORT - value: {{ quote .Values.kafkaAdapter.port }} - - name: LOG_LEVEL - value: {{ .Values.kafkaAdapter.logLevel }} - resources: -{{ toYaml .Values.kafkaAdapter.resources | indent 6 }} diff --git a/vnfs/DAaaS/collection/charts/prometheus/templates/service.yaml b/vnfs/DAaaS/collection/charts/prometheus/templates/service.yaml deleted file mode 100644 index 0114ed2e..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/templates/service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "prometheus.fullname" . }}-prometheus - labels: - app: {{ template "prometheus.name" . }}-prometheus -{{- if .Values.prometheus.service.annotations }} - annotations: -{{ toYaml .Values.prometheus.service.annotations | indent 4 }} -{{- end }} -spec: -{{- if .Values.prometheus.service.clusterIP }} - clusterIP: {{ .Values.prometheus.service.clusterIP }} -{{- end }} -{{- if .Values.prometheus.service.externalIPs }} - externalIPs: -{{ toYaml .Values.prometheus.service.externalIPs | indent 4 }} -{{- end }} -{{- if .Values.prometheus.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.prometheus.service.loadBalancerIP }} -{{- end }} -{{- if .Values.prometheus.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := .Values.prometheus.service.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} -{{- end }} - ports: - - name: web - {{- if eq .Values.prometheus.service.type "NodePort" }} - nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.prometheus.service.nodePort }} - {{- end }} - port: 9090 - targetPort: web - selector: - app: prometheus - prometheus: {{ template "prometheus.fullname" . }}-prometheus - type: "{{ .Values.prometheus.service.type }}" diff --git a/vnfs/DAaaS/collection/charts/prometheus/templates/servicemonitor.yaml b/vnfs/DAaaS/collection/charts/prometheus/templates/servicemonitor.yaml deleted file mode 100644 index ea2b81b6..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/templates/servicemonitor.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if .Values.prometheus.additionalServiceMonitors }} -apiVersion: v1 -kind: List -items: -{{- range .Values.prometheus.additionalServiceMonitors }} - - apiVersion: "monitoring.coreos.com/v1" - kind: ServiceMonitor - metadata: - name: {{ .name }} - "helm.sh/hook": post-install - "helm.sh/hook-weight": "1" - labels: - app: {{ template "prometheus.name" $ }}-prometheus -{{ include "prometheus.labels" $ | indent 8 }} - {{- if .additionalLabels }} -{{ toYaml .additionalLabels | indent 8 }} - {{- end }} - spec: - endpoints: -{{ toYaml .endpoints | indent 8 }} - {{- if .jobLabel }} - jobLabel: {{ .jobLabel }} - {{- end }} - namespaceSelector: - matchNames: - - {{ $.Release.Namespace | quote }} - selector: -{{ toYaml .selector | indent 8 }} release: {{ $.Release.Name | quote }} -{{- end }} -{{- end }} diff --git a/vnfs/DAaaS/collection/charts/prometheus/values.yaml b/vnfs/DAaaS/collection/charts/prometheus/values.yaml deleted file mode 100644 index 4398f52f..00000000 --- a/vnfs/DAaaS/collection/charts/prometheus/values.yaml +++ /dev/null @@ -1,79 +0,0 @@ -## Deploy a Prometheus instance -## -prometheus: - additionalServiceMonitors: - - name: service-monitor-collectd - additionalLabels: - collector: collectd - jobLabel: collectd - selector: - matchLabels: - app: collectd - endpoints: - - port: collectd-prometheus - interval: 10s - path: /metrics - - name: service-monitor-node-exporter - additionalLabels: - collector: prometheus-node-exporter - jobLabel: node-exporter - selector: - matchLabels: - app: prometheus-node-exporter - endpoints: - - port: metrics - interval: 30s - - name: service-monitor-cadvisor - additionalLabels: - collector: cadvisor - jobLabel: cadvisor - selector: - matchLabels: - app: cadvisor - endpoints: - - port: cadvisor-prometheus - interval: 10s - path: /metrics - - service: - annotations: {} - labels: {} - clusterIP: "" - - ## To be used with a proxy extraContainer port - targetPort: 9090 - - ## List of IP addresses at which the Prometheus server service is available - ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips - ## - externalIPs: [] - - ## Port to expose on each node - ## Only used if service.type is 'NodePort' - ## - nodePort: 90 - - ## Loadbalancer IP - ## Only use if service.type is "loadbalancer" - loadBalancerIP: "" - loadBalancerSourceRanges: [] - ## Service type - ## - type: NodePort - - sessionAffinity: "" -m3db: - url: http://m3coordinator-m3db.m3db-operator.svc.cluster.local:7201 - -kafkaAdapter: - image: - repository: telefonica/prometheus-kafka-adapter - tag: 1.2.0 - pullPolicy: IfNotPresent - url: http://localhost:8080 - port: 8080 - broker: my-cluster-kafka-bootstrap.msg.svc.cluster.local:9092 - topic: orders - serializationFormat: json - logLevel: debug - resources: {} diff --git a/vnfs/DAaaS/collection/values.yaml b/vnfs/DAaaS/collection/values.yaml deleted file mode 100644 index 7fd13869..00000000 --- a/vnfs/DAaaS/collection/values.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright © 2019 Intel Corporation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 300 - repository: nexus3.onap.org:10001 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Collection Package Day-0 configuration defaults. -################################################################# diff --git a/vnfs/DAaaS/day2_configs/collectd/README.txt b/vnfs/DAaaS/day2_configs/collectd/README.txt deleted file mode 100644 index e1d6e7da..00000000 --- a/vnfs/DAaaS/day2_configs/collectd/README.txt +++ /dev/null @@ -1,14 +0,0 @@ -Assuming initial/day0 config in namespace "edge1" and helm release name as "cp" (helm install -n cp collection/ --namespace=edge1) - -*******************Day2 config (add more plugins) -This day2 config adds cpu, memory and cpufreq plugins to existing config - -Run below commands to apply day2 config - -1. kubectl patch --namespace=edge1 configmaps cp-collectd-config -p "$(cat add_plugins.yaml)" - -2. Restart pods: kubectl delete pods --namespace=edge1 cp-collectd-db7mf cp-collectd-pfc9t cp-collectd-sqjvq - - -************Day3 config (replace image being used) -1. kubectl patch --namespace=edge1 daemonset cp-collectd -p "$(cat replace_image.yaml)" diff --git a/vnfs/DAaaS/day2_configs/collectd/add_plugins.yaml b/vnfs/DAaaS/day2_configs/collectd/add_plugins.yaml deleted file mode 100644 index 9e80ce8d..00000000 --- a/vnfs/DAaaS/day2_configs/collectd/add_plugins.yaml +++ /dev/null @@ -1,47 +0,0 @@ -data: - node-collectd.conf: |- - FQDNLookup false - - LoadPlugin cpu - LoadPlugin memory - LoadPlugin cpufreq - LoadPlugin disk - LoadPlugin ethstat - LoadPlugin ipc - LoadPlugin ipmi - LoadPlugin load - LoadPlugin numa - LoadPlugin processes - LoadPlugin df - LoadPlugin turbostat - LoadPlugin uptime - LoadPlugin contextswitch - LoadPlugin irq - LoadPlugin df - LoadPlugin swap - LoadPlugin write_prometheus - - LoadPlugin logfile - - LogLevel info - File "/var/log/collectd.log" - Timestamp true - PrintSeverity false - - - Interval 5 - ReportByState false - ReportByCpu false - - - - Interval 30 - ValuesAbsolute false - ValuesPercentage true - - - - Port "{{ .Values.prometheus_port }}" - - - #Last line (collectd requires ‘\n’ at the last line) diff --git a/vnfs/DAaaS/day2_configs/collectd/replace_image.yaml b/vnfs/DAaaS/day2_configs/collectd/replace_image.yaml deleted file mode 100644 index 44e66948..00000000 --- a/vnfs/DAaaS/day2_configs/collectd/replace_image.yaml +++ /dev/null @@ -1,6 +0,0 @@ -spec: - template: - spec: - containers: - - name: collectd - image: "opnfv/barometer-collectd:stable" diff --git a/vnfs/DAaaS/day2_configs/prometheus/README.txt b/vnfs/DAaaS/day2_configs/prometheus/README.txt deleted file mode 100644 index 99b63fac..00000000 --- a/vnfs/DAaaS/day2_configs/prometheus/README.txt +++ /dev/null @@ -1,7 +0,0 @@ -This day2 config adds a remote_write to existing config - -Assuming initial/day0 config in namespace "edge1" and helm release name as "cp" (helm install -n cp collection/ --namespace=edge1) - -Run below command to apply day2 config - -kubectl patch --namespace=edge1 prometheus cp-prometheus-prometheus -p "$(cat add_remote_write.yaml)" --type=merge diff --git a/vnfs/DAaaS/day2_configs/prometheus/add_remote_write.yaml b/vnfs/DAaaS/day2_configs/prometheus/add_remote_write.yaml deleted file mode 100644 index 48af9017..00000000 --- a/vnfs/DAaaS/day2_configs/prometheus/add_remote_write.yaml +++ /dev/null @@ -1,13 +0,0 @@ -spec: - remoteRead: - - url: "http://m3coordinator-m3db.m3db-operator.svc.cluster.local:7201/api/v1/prom/remote/read" - readRecent: true - remoteWrite: - - url: "http://m3coordinator-m3db.m3db-operator.svc.cluster.local:7201/api/v1/prom/remote/write" - writeRelabelConfigs: - - targetLabel: metrics_storage - replacement: m3db_remote - - url: "http://m3coordinator-m3db-cluster.edge1.svc.cluster.local:7201/api/v1/prom/remote/write" - writeRelabelConfigs: - - targetLabel: metrics_storage_day2 - replacement: m3db_remote_day2 diff --git a/vnfs/DAaaS/deploy/00-init/gloo/.helmignore b/vnfs/DAaaS/deploy/00-init/gloo/.helmignore new file mode 100755 index 00000000..08c5989a --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/.helmignore @@ -0,0 +1,28 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +# template files +*-template.yaml + +# generator files +*.go +generate/ diff --git a/vnfs/DAaaS/deploy/00-init/gloo/Chart.yaml b/vnfs/DAaaS/deploy/00-init/gloo/Chart.yaml new file mode 100755 index 00000000..4f5e9315 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +description: Gloo Helm chart for Kubernetes +home: https://gloo.solo.io/ +icon: https://raw.githubusercontent.com/solo-io/gloo/master/docs/img/Gloo-01.png +name: gloo +sources: +- https://github.com/solo-io/gloo +version: 0.13.18 diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/0-namespace.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/0-namespace.yaml new file mode 100755 index 00000000..92a37f9d --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/0-namespace.yaml @@ -0,0 +1,10 @@ +{{- if .Values.namespace.create -}} +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Release.Namespace }} + labels: + app: gloo + annotations: + "helm.sh/hook": pre-install +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/10-ingress-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/10-ingress-deployment.yaml new file mode 100755 index 00000000..7314b4e3 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/10-ingress-deployment.yaml @@ -0,0 +1,40 @@ +{{- if or (.Values.ingress.enabled) (.Values.settings.integrations.knative.enabled) }} +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: ingress + name: ingress + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.ingress.deployment.replicas }} + selector: + matchLabels: + gloo: ingress + template: + metadata: + labels: + gloo: ingress + spec: + containers: + - image: "{{ .Values.ingress.deployment.image.repository }}:{{ .Values.ingress.deployment.image.tag }}" + imagePullPolicy: {{ .Values.ingress.deployment.image.pullPolicy }} + name: ingress + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace +{{- if .Values.settings.integrations.knative.enabled }} + - name: "ENABLE_KNATIVE_INGRESS" + value: "true" +{{- end }} + +{{- if not (.Values.ingress.enabled) }} + - name: "DISABLE_KUBE_INGRESS" + value: "true" +{{- end }} + + +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/100-gloo-crds.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/100-gloo-crds.yaml new file mode 100755 index 00000000..2c111170 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/100-gloo-crds.yaml @@ -0,0 +1,111 @@ +{{- if .Values.crds.create }} +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: settings.gloo.solo.io + annotations: + "helm.sh/hook": crd-install + labels: + gloo: settings +spec: + group: gloo.solo.io + names: + kind: Settings + listKind: SettingsList + plural: settings + shortNames: + - st + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: gateways.gateway.solo.io + annotations: + "helm.sh/hook": crd-install +spec: + group: gateway.solo.io + names: + kind: Gateway + listKind: GatewayList + plural: gateways + shortNames: + - gw + singular: gateway + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: virtualservices.gateway.solo.io + annotations: + "helm.sh/hook": crd-install +spec: + group: gateway.solo.io + names: + kind: VirtualService + listKind: VirtualServiceList + plural: virtualservices + shortNames: + - vs + singular: virtualservice + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: proxies.gloo.solo.io + annotations: + "helm.sh/hook": crd-install +spec: + group: gloo.solo.io + names: + kind: Proxy + listKind: ProxyList + plural: proxies + shortNames: + - px + singular: proxy + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: upstreams.gloo.solo.io + annotations: + "helm.sh/hook": crd-install +spec: + group: gloo.solo.io + names: + kind: Upstream + listKind: UpstreamList + plural: upstreams + shortNames: + - us + singular: upstream + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: upstreamgroups.gloo.solo.io + annotations: + "helm.sh/hook": crd-install +spec: + group: gloo.solo.io + names: + kind: UpstreamGroup + listKind: UpstreamGroupList + plural: upstreamgroups + shortNames: + - ug + singular: upstreamgroup + scope: Namespaced + version: v1 +--- +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/101-knative-crds-0.5.1.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/101-knative-crds-0.5.1.yaml new file mode 100755 index 00000000..3c9987ef --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/101-knative-crds-0.5.1.yaml @@ -0,0 +1,343 @@ +{{- if .Values.settings.integrations.knative.enabled }} + +--- +# ↓ required as knative dependency on istio crds is hard-coded right now ↓ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: virtualservices.networking.istio.io + annotations: + "helm.sh/hook": crd-install + labels: + app: istio-pilot +spec: + group: networking.istio.io + names: + kind: VirtualService + listKind: VirtualServiceList + plural: virtualservices + singular: virtualservice + categories: + - istio-io + - networking-istio-io + scope: Namespaced + version: v1alpha3 + +# ↑ required as knative dependency on istio crds is hard-coded right now ↑ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: certificates.networking.internal.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].reason + name: Reason + type: string + group: networking.internal.knative.dev + names: + categories: + - all + - knative-internal + - networking + kind: Certificate + plural: certificates + shortNames: + - kcert + singular: certificate + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: clusteringresses.networking.internal.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + group: networking.internal.knative.dev + names: + categories: + - all + - knative-internal + - networking + kind: ClusterIngress + plural: clusteringresses + singular: clusteringress + scope: Cluster + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: configurations.serving.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.latestCreatedRevisionName + name: LatestCreated + type: string + - JSONPath: .status.latestReadyRevisionName + name: LatestReady + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + group: serving.knative.dev + names: + categories: + - all + - knative + - serving + kind: Configuration + plural: configurations + shortNames: + - config + - cfg + singular: configuration + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + name: images.caching.internal.knative.dev +spec: + group: caching.internal.knative.dev + names: + categories: + - all + - knative-internal + - caching + kind: Image + plural: images + shortNames: + - img + singular: image + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: podautoscalers.autoscaling.internal.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + group: autoscaling.internal.knative.dev + names: + categories: + - all + - knative-internal + - autoscaling + kind: PodAutoscaler + plural: podautoscalers + shortNames: + - kpa + singular: podautoscaler + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: revisions.serving.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.serviceName + name: Service Name + type: string + - JSONPath: .metadata.labels['serving\.knative\.dev/configurationGeneration'] + name: Generation + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + group: serving.knative.dev + names: + categories: + - all + - knative + - serving + kind: Revision + plural: revisions + shortNames: + - rev + singular: revision + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: routes.serving.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.domain + name: Domain + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + group: serving.knative.dev + names: + categories: + - all + - knative + - serving + kind: Route + plural: routes + shortNames: + - rt + singular: route + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: services.serving.knative.dev +spec: + additionalPrinterColumns: + - JSONPath: .status.domain + name: Domain + type: string + - JSONPath: .status.latestCreatedRevisionName + name: LatestCreated + type: string + - JSONPath: .status.latestReadyRevisionName + name: LatestReady + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + group: serving.knative.dev + names: + categories: + - all + - knative + - serving + kind: Service + plural: services + shortNames: + - kservice + - ksvc + singular: service + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/hook": crd-install + labels: + knative.dev/crd-install: "true" + serving.knative.dev/release: devel + name: serverlessservices.networking.internal.knative.dev +spec: + group: networking.internal.knative.dev + names: + categories: + - all + - knative-internal + - networking + kind: ServerlessService + plural: serverlessservices + shortNames: + - sks + singular: serverlessservice + scope: Namespaced + subresources: + status: {} + version: v1alpha1 + +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/11-ingress-proxy-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/11-ingress-proxy-deployment.yaml new file mode 100755 index 00000000..5dc131e5 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/11-ingress-proxy-deployment.yaml @@ -0,0 +1,65 @@ +{{- if .Values.ingress.enabled }} +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: ingress-proxy + name: ingress-proxy + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.ingressProxy.deployment.replicas }} + selector: + matchLabels: + gloo: ingress-proxy + template: + metadata: + labels: + gloo: ingress-proxy +{{- with .Values.ingressProxy.deployment.extraAnnotations }} + annotations: +{{toYaml . | indent 8}}{{- end }} + spec: + containers: + - args: ["--disable-hot-restart"] + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: "{{ .Values.ingressProxy.deployment.image.repository }}:{{ .Values.ingressProxy.deployment.image.tag }}" + imagePullPolicy: {{ .Values.ingressProxy.deployment.image.pullPolicy }} + name: ingress-proxy + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + ports: + - containerPort: {{ .Values.ingressProxy.deployment.httpPort }} + name: http + protocol: TCP + - containerPort: {{ .Values.ingressProxy.deployment.httpsPort }} + name: https + protocol: TCP +{{- with .Values.ingressProxy.deployment.extraPorts }} +{{toYaml . | indent 8}}{{- end }} + volumeMounts: + - mountPath: /etc/envoy + name: envoy-config + {{- if .Values.ingressProxy.deployment.image.pullSecret }} + imagePullSecrets: + - name: {{ .Values.ingressProxy.deployment.image.pullSecret }}{{end}} + volumes: + - configMap: + name: ingress-envoy-config + name: envoy-config + +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/12-ingress-proxy-configmap.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/12-ingress-proxy-configmap.yaml new file mode 100755 index 00000000..8938a477 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/12-ingress-proxy-configmap.yaml @@ -0,0 +1,52 @@ +{{- if .Values.ingress.enabled }} +# configmap +apiVersion: v1 +kind: ConfigMap +metadata: + name: ingress-envoy-config + namespace: {{ .Release.Namespace }} + labels: + app: gloo + gloo: gateway-proxy +data: +{{ if (empty .Values.ingressProxy.configMap.data) }} + envoy.yaml: | + node: + cluster: ingress + id: "{{ "{{" }}.PodName{{ "}}" }}.{{ "{{" }}.PodNamespace{{ "}}" }}" + metadata: + # this line must match ! + role: "{{ "{{" }}.PodNamespace{{ "}}" }}~ingress-proxy" + static_resources: + clusters: + - name: xds_cluster + connect_timeout: 5.000s + load_assignment: + cluster_name: xds_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: gloo + port_value: {{ .Values.gloo.deployment.xdsPort }} + http2_protocol_options: {} + type: STRICT_DNS + dynamic_resources: + ads_config: + api_type: GRPC + grpc_services: + - envoy_grpc: {cluster_name: xds_cluster} + cds_config: + ads: {} + lds_config: + ads: {} + admin: + access_log_path: /dev/null + address: + socket_address: + address: 127.0.0.1 + port_value: 19000 +{{- else}}{{ toYaml .Values.ingressProxy.configMap.data | indent 2}}{{- end}} + +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/13-ingress-proxy-service.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/13-ingress-proxy-service.yaml new file mode 100755 index 00000000..583e8bcd --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/13-ingress-proxy-service.yaml @@ -0,0 +1,23 @@ +{{- if .Values.ingress.enabled }} +apiVersion: v1 +kind: Service +metadata: + labels: + app: gloo + gloo: ingress-proxy + name: ingress-proxy + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: {{ .Values.ingressProxy.deployment.httpPort }} + protocol: TCP + name: http + - port: {{ .Values.ingressProxy.deployment.httpsPort }} + protocol: TCP + name: https + selector: + gloo: ingress-proxy + type: LoadBalancer + + +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml new file mode 100755 index 00000000..fb7874eb --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/14-clusteringress-proxy-deployment.yaml @@ -0,0 +1,58 @@ +{{- if .Values.settings.integrations.knative.enabled }} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: clusteringress-proxy + name: clusteringress-proxy + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.settings.integrations.knative.proxy.replicas }} + selector: + matchLabels: + gloo: clusteringress-proxy + template: + metadata: + labels: + gloo: clusteringress-proxy + spec: + containers: + - args: ["--disable-hot-restart"] + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: {{ .Values.settings.integrations.knative.proxy.image.repository }}:{{ .Values.settings.integrations.knative.proxy.image.tag }} + imagePullPolicy: {{ .Values.settings.integrations.knative.proxy.image.pullPolicy }} + name: clusteringress-proxy + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + ports: + - containerPort: {{ .Values.settings.integrations.knative.proxy.httpPort }} + name: http + protocol: TCP + - containerPort: {{ .Values.settings.integrations.knative.proxy.httpsPort }} + name: https + protocol: TCP + volumeMounts: + - mountPath: /etc/envoy + name: envoy-config + volumes: + - configMap: + name: clusteringress-envoy-config + name: envoy-config + +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml new file mode 100755 index 00000000..85a6421f --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/15-clusteringress-proxy-configmap.yaml @@ -0,0 +1,49 @@ +{{- if .Values.settings.integrations.knative.enabled }} +# configmap +apiVersion: v1 +kind: ConfigMap +metadata: + name: clusteringress-envoy-config + namespace: {{ .Release.Namespace }} + labels: + app: gloo + gloo: clusteringress-proxy +data: + envoy.yaml: | + node: + cluster: clusteringress + id: "{{ "{{" }}.PodName{{ "}}" }}.{{ "{{" }}.PodNamespace{{ "}}" }}" + metadata: + # this line must match ! + role: "{{ "{{" }}.PodNamespace{{ "}}" }}~clusteringress-proxy" + static_resources: + clusters: + - name: xds_cluster + connect_timeout: 5.000s + load_assignment: + cluster_name: xds_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: gloo + port_value: {{ .Values.gloo.deployment.xdsPort }} + http2_protocol_options: {} + type: STRICT_DNS + dynamic_resources: + ads_config: + api_type: GRPC + grpc_services: + - envoy_grpc: {cluster_name: xds_cluster} + cds_config: + ads: {} + lds_config: + ads: {} + admin: + access_log_path: /dev/null + address: + socket_address: + address: 127.0.0.1 + port_value: 19000 +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/16-clusteringress-proxy-service.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/16-clusteringress-proxy-service.yaml new file mode 100755 index 00000000..7e25bee9 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/16-clusteringress-proxy-service.yaml @@ -0,0 +1,21 @@ +{{- if .Values.settings.integrations.knative.enabled }} +apiVersion: v1 +kind: Service +metadata: + labels: + app: gloo + gloo: clusteringress-proxy + name: clusteringress-proxy + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: {{ .Values.settings.integrations.knative.proxy.httpPort }} + protocol: TCP + name: http + - port: {{ .Values.settings.integrations.knative.proxy.httpsPort }} + protocol: TCP + name: https + selector: + gloo: clusteringress-proxy + type: LoadBalancer +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml new file mode 100755 index 00000000..a73cf1f2 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/17-knative-no-istio-0.5.1.yaml @@ -0,0 +1,982 @@ +{{- if .Values.settings.integrations.knative.enabled }} +apiVersion: v1 +kind: Namespace +metadata: + labels: + app: gloo + istio-injection: enabled + serving.knative.dev/release: devel + name: knative-serving + +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + serving.knative.dev/controller: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + serving.knative.dev/release: devel + name: knative-serving-admin +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + serving.knative.dev/controller: "true" + serving.knative.dev/release: devel + name: knative-serving-core +rules: + - apiGroups: + - "" + resources: + - pods + - namespaces + - secrets + - configmaps + - endpoints + - services + - events + - serviceaccounts + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - extensions + resources: + - ingresses + - deployments + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - apps + resources: + - deployments + - deployments/scale + - statefulsets + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - serving.knative.dev + resources: + - configurations + - routes + - revisions + - services + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - serving.knative.dev + resources: + - configurations/status + - routes/status + - revisions/status + - services/status + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - autoscaling.internal.knative.dev + resources: + - podautoscalers + - podautoscalers/status + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - caching.internal.knative.dev + resources: + - images + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + - apiGroups: + - networking.internal.knative.dev + resources: + - clusteringresses + - clusteringresses/status + - serverlessservices + - serverlessservices/status + verbs: + - get + - list + - create + - update + - delete + - deletecollection + - patch + - watch + - apiGroups: + - networking.istio.io + resources: + - virtualservices + verbs: + - get + - list + - create + - update + - delete + - patch + - watch + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + serving.knative.dev/release: devel + name: controller + namespace: knative-serving + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + serving.knative.dev/release: devel + name: knative-serving-controller-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: knative-serving-admin +subjects: + - kind: ServiceAccount + name: controller + namespace: knative-serving + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: activator + serving.knative.dev/release: devel + name: activator-service + namespace: knative-serving +spec: + ports: + - name: http + nodePort: null + port: 80 + protocol: TCP + targetPort: 8080 + - name: http2 + port: 81 + protocol: TCP + targetPort: 8081 + - name: metrics + nodePort: null + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + app: activator + type: ClusterIP + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: controller + serving.knative.dev/release: devel + name: controller + namespace: knative-serving +spec: + ports: + - name: metrics + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + app: controller + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + role: webhook + serving.knative.dev/release: devel + name: webhook + namespace: knative-serving +spec: + ports: + - port: 443 + targetPort: 443 + selector: + role: webhook + +--- +apiVersion: caching.internal.knative.dev/v1alpha1 +kind: Image +metadata: + labels: + serving.knative.dev/release: devel + name: queue-proxy + namespace: knative-serving +spec: + image: gcr.io/knative-releases/github.com/knative/serving/cmd/queue@sha256:b5c759e4ea6f36ae4498c1ec794653920345b9ad7492731fb1d6087e3b95dc43 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + serving.knative.dev/release: devel + name: activator + namespace: knative-serving +spec: + selector: + matchLabels: + app: activator + role: activator + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: activator + role: activator + serving.knative.dev/release: devel + spec: + containers: + - args: + - -logtostderr=false + - -stderrthreshold=FATAL + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + image: gcr.io/knative-releases/github.com/knative/serving/cmd/activator@sha256:60630ac88d8cb67debd1e2ab1ecd6ec3ff6cbab2336dda8e7ae1c01ebead76c0 + livenessProbe: + httpGet: + path: /healthz + port: 8080 + name: activator + ports: + - containerPort: 8080 + name: http1-port + - containerPort: 8081 + name: h2c-port + - containerPort: 9090 + name: metrics-port + readinessProbe: + httpGet: + path: /healthz + port: 8080 + resources: + limits: + cpu: 200m + memory: 600Mi + requests: + cpu: 20m + memory: 60Mi + volumeMounts: + - mountPath: /etc/config-logging + name: config-logging + - mountPath: /etc/config-observability + name: config-observability + serviceAccountName: controller + volumes: + - configMap: + name: config-logging + name: config-logging + - configMap: + name: config-observability + name: config-observability + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: autoscaler + serving.knative.dev/release: devel + name: autoscaler + namespace: knative-serving +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 8080 + - name: metrics + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + app: autoscaler + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + serving.knative.dev/release: devel + name: autoscaler + namespace: knative-serving +spec: + replicas: 1 + selector: + matchLabels: + app: autoscaler + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: autoscaler + spec: + containers: + - env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + image: gcr.io/knative-releases/github.com/knative/serving/cmd/autoscaler@sha256:442f99e3a55653b19137b44c1d00f681b594d322cb39c1297820eb717e2134ba + name: autoscaler + ports: + - containerPort: 8080 + name: websocket + - containerPort: 9090 + name: metrics + resources: + limits: + cpu: 300m + memory: 400Mi + requests: + cpu: 30m + memory: 40Mi + volumeMounts: + - mountPath: /etc/config-autoscaler + name: config-autoscaler + - mountPath: /etc/config-logging + name: config-logging + - mountPath: /etc/config-observability + name: config-observability + serviceAccountName: controller + volumes: + - configMap: + name: config-autoscaler + name: config-autoscaler + - configMap: + name: config-logging + name: config-logging + - configMap: + name: config-observability + name: config-observability + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # The Revision ContainerConcurrency field specifies the maximum number + # of requests the Container can handle at once. Container concurrency + # target percentage is how much of that maximum to use in a stable + # state. E.g. if a Revision specifies ContainerConcurrency of 10, then + # the Autoscaler will try to maintain 7 concurrent connections per pod + # on average. A value of 0.7 is chosen because the Autoscaler panics + # when concurrency exceeds 2x the desired set point. So we will panic + # before we reach the limit. + container-concurrency-target-percentage: "1.0" + + # The container concurrency target default is what the Autoscaler will + # try to maintain when the Revision specifies unlimited concurrency. + # Even when specifying unlimited concurrency, the autoscaler will + # horizontally scale the application based on this target concurrency. + # + # A value of 100 is chosen because it's enough to allow vertical pod + # autoscaling to tune resource requests. E.g. maintaining 1 concurrent + # "hello world" request doesn't consume enough resources to allow VPA + # to achieve efficient resource usage (VPA CPU minimum is 300m). + container-concurrency-target-default: "100" + + # When operating in a stable mode, the autoscaler operates on the + # average concurrency over the stable window. + stable-window: "60s" + + # When observed average concurrency during the panic window reaches 2x + # the target concurrency, the autoscaler enters panic mode. When + # operating in panic mode, the autoscaler operates on the average + # concurrency over the panic window. + panic-window: "6s" + + # Max scale up rate limits the rate at which the autoscaler will + # increase pod count. It is the maximum ratio of desired pods versus + # observed pods. + max-scale-up-rate: "10" + + # Scale to zero feature flag + enable-scale-to-zero: "true" + + # Tick interval is the time between autoscaling calculations. + tick-interval: "2s" + + # Dynamic parameters (take effect when config map is updated): + + # Scale to zero grace period is the time an inactive revision is left + # running before it is scaled to zero (min: 30s). + scale-to-zero-grace-period: "30s" +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-autoscaler + namespace: knative-serving + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # List of repositories for which tag to digest resolving should be skipped + registriesSkippingTagResolving: "ko.local,dev.local" + queueSidecarImage: gcr.io/knative-releases/github.com/knative/serving/cmd/queue@sha256:b5c759e4ea6f36ae4498c1ec794653920345b9ad7492731fb1d6087e3b95dc43 +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-controller + namespace: knative-serving + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # revision-timeout-seconds contains the default number of + # seconds to use for the revision's per-request timeout, if + # none is specified. + revision-timeout-seconds: "300" # 5 minutes + + # revision-cpu-request contains the cpu allocation to assign + # to revisions by default. + revision-cpu-request: "400m" # 0.4 of a CPU (aka 400 milli-CPU) +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-defaults + namespace: knative-serving + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # Default value for domain. + # Although it will match all routes, it is the least-specific rule so it + # will only be used if no other domain matches. + example.com: | + + # These are example settings of domain. + # example.org will be used for routes having app=nonprofit. + example.org: | + selector: + app: nonprofit + + # Routes having domain suffix of 'svc.cluster.local' will not be exposed + # through Ingress. You can define your own label selector to assign that + # domain suffix to your Route here, or you can set the label + # "serving.knative.dev/visibility=cluster-local" + # to achieve the same effect. This shows how to make routes having + # the label app=secret only exposed to the local cluster. + svc.cluster.local: | + selector: + app: secret +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-domain + namespace: knative-serving + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # Delay after revision creation before considering it for GC + stale-revision-create-delay: "24h" + + # Duration since a route has been pointed at a revision before it should be GC'd + # This minus lastpinned-debounce be longer than the controller resync period (10 hours) + stale-revision-timeout: "15h" + + # Minimum number of generations of revisions to keep before considering for GC + stale-revision-minimum-generations: "1" + + # To avoid constant updates, we allow an existing annotation to be stale by this + # amount before we update the timestamp + stale-revision-lastpinned-debounce: "5h" +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-gc + namespace: knative-serving + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + networking.knative.dev/ingress-provider: istio + serving.knative.dev/release: devel + name: config-istio + namespace: knative-serving + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # Common configuration for all Knative codebase + zap-logger-config: | + { + "level": "info", + "development": false, + "outputPaths": ["stdout"], + "errorOutputPaths": ["stderr"], + "encoding": "json", + "encoderConfig": { + "timeKey": "ts", + "levelKey": "level", + "nameKey": "logger", + "callerKey": "caller", + "messageKey": "msg", + "stacktraceKey": "stacktrace", + "lineEnding": "", + "levelEncoder": "", + "timeEncoder": "iso8601", + "durationEncoder": "", + "callerEncoder": "" + } + } + + # Log level overrides + # For all components except the autoscaler and queue proxy, + # changes are be picked up immediately. + # For autoscaler and queue proxy, changes require recreation of the pods. + loglevel.controller: "info" + loglevel.autoscaler: "info" + loglevel.queueproxy: "info" + loglevel.webhook: "info" + loglevel.activator: "info" +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-logging + namespace: knative-serving + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-network + namespace: knative-serving + +--- +apiVersion: v1 +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this block and unindented to actually change the configuration. + + # logging.enable-var-log-collection defaults to false. + # A fluentd sidecar will be set up to collect var log if + # this flag is true. + logging.enable-var-log-collection: false + + # logging.fluentd-sidecar-image provides the fluentd sidecar image + # to inject as a sidecar to collect logs from /var/log. + # Must be presented if logging.enable-var-log-collection is true. + logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 + + # logging.fluentd-sidecar-output-config provides the configuration + # for the fluentd sidecar, which will be placed into a configmap and + # mounted into the fluentd sidecar image. + logging.fluentd-sidecar-output-config: | + # Parse json log before sending to Elastic Search + + @type parser + key_name log + + @type multi_format + + format json + time_key fluentd-time # fluentd-time is reserved for structured logs + time_format %Y-%m-%dT%H:%M:%S.%NZ + + + format none + message_key log + + + + # Send to Elastic Search + + @id elasticsearch + @type elasticsearch + @log_level info + include_tag_key true + # Elasticsearch service is in monitoring namespace. + host elasticsearch-logging.knative-monitoring + port 9200 + logstash_format true + + @type file + path /var/log/fluentd-buffers/kubernetes.system.buffer + flush_mode interval + retry_type exponential_backoff + flush_thread_count 2 + flush_interval 5s + retry_forever + retry_max_interval 30 + chunk_limit_size 2M + queue_limit_length 8 + overflow_action block + + + + # logging.revision-url-template provides a template to use for producing the + # logging URL that is injected into the status of each Revision. + # This value is what you might use the the Knative monitoring bundle, and provides + # access to Kibana after setting up kubectl proxy. + logging.revision-url-template: | + http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase)))) + + # If non-empty, this enables queue proxy writing request logs to stdout. + # The value determines the shape of the request logs and it must be a valid go text/template. + # It is important to keep this as a single line. Multiple lines are parsed as separate entities + # by most collection agents and will split the request logs into multiple records. + # + # The following fields and functions are available to the template: + # + # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) + # representing an HTTP request received by the server. + # + # Response: + # struct { + # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) + # Size int // An int representing the size of the response. + # Latency float64 // A float64 representing the latency of the response in seconds. + # } + # + # Revision: + # struct { + # Name string // Knative revision name + # Namespace string // Knative revision namespace + # Service string // Knative service name + # Configuration string // Knative configuration name + # PodName string // Name of the pod hosting the revision + # PodIP string // IP of the pod hosting the revision + # } + # + logging.request-log-template: '{"httpRequest": {"requestMethod": "{{ "{{" }}.Request.Method{{ "{{" }}", "requestUrl": "{{ "{{" }}js .Request.RequestURI{{ "{{" }}", "requestSize": "{{ "{{" }}.Request.ContentLength{{ "{{" }}", "status": {{ "{{" }}.Response.Code{{ "{{" }}, "responseSize": "{{ "{{" }}.Response.Size{{ "{{" }}", "userAgent": "{{ "{{" }}js .Request.UserAgent{{ "{{" }}", "remoteIp": "{{ "{{" }}js .Request.RemoteAddr{{ "{{" }}", "serverIp": "{{ "{{" }}.Revision.PodIP{{ "{{" }}", "referer": "{{ "{{" }}js .Request.Referer{{ "{{" }}", "latency": "{{ "{{" }}.Response.Latency{{ "{{" }}s", "protocol": "{{ "{{" }}.Request.Proto{{ "{{" }}"}, "traceId": "{{ "{{" }}index .Request.Header "X-B3-Traceid"{{ "{{" }}"}' + + # metrics.backend-destination field specifies the system metrics destination. + # It supports either prometheus (the default) or stackdriver. + # Note: Using stackdriver will incur additional charges + metrics.backend-destination: prometheus + + # metrics.request-metrics-backend-destination specifies the request metrics + # destination. If non-empty, it enables queue proxy to send request metrics. + # Currently supported values: prometheus, stackdriver. + metrics.request-metrics-backend-destination: prometheus + + # metrics.stackdriver-project-id field specifies the stackdriver project ID. This + # field is optional. When running on GCE, application default credentials will be + # used if this field is not provided. + metrics.stackdriver-project-id: "" + + # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to + # Stackdriver using "global" resource type and custom metric type if the + # metrics are not supported by "knative_revision" resource type. Setting this + # flag to "true" could cause extra Stackdriver charge. + # If metrics.backend-destination is not Stackdriver, this is ignored. + metrics.allow-stackdriver-custom-metrics: "false" +kind: ConfigMap +metadata: + labels: + serving.knative.dev/release: devel + name: config-observability + namespace: knative-serving + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + serving.knative.dev/release: devel + name: controller + namespace: knative-serving +spec: + replicas: 1 + selector: + matchLabels: + app: controller + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: + app: controller + spec: + containers: + - env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + image: gcr.io/knative-releases/github.com/knative/serving/cmd/controller@sha256:25af5f3adad8b65db3126e0d6e90aa36835c124c24d9d72ffbdd7ee739a7f571 + name: controller + ports: + - containerPort: 9090 + name: metrics + resources: + limits: + cpu: 1000m + memory: 1000Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /etc/config-logging + name: config-logging + serviceAccountName: controller + volumes: + - configMap: + name: config-logging + name: config-logging + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + serving.knative.dev/release: devel + name: webhook + namespace: knative-serving +spec: + replicas: 1 + selector: + matchLabels: + app: webhook + role: webhook + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: + app: webhook + role: webhook + spec: + containers: + - env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + image: gcr.io/knative-releases/github.com/knative/serving/cmd/webhook@sha256:d1ba3e2c0d739084ff508629db001619cea9cc8780685e85dd910363774eaef6 + name: webhook + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 20m + memory: 20Mi + volumeMounts: + - mountPath: /etc/config-logging + name: config-logging + serviceAccountName: controller + volumes: + - configMap: + name: config-logging + name: config-logging + +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/18-settings.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/18-settings.yaml new file mode 100755 index 00000000..a2eec087 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/18-settings.yaml @@ -0,0 +1,30 @@ +{{ if .Values.settings.create }} + +apiVersion: gloo.solo.io/v1 +kind: Settings +metadata: + name: default + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install +spec: + bindAddr: 0.0.0.0:{{ .Values.gloo.deployment.xdsPort }} + discoveryNamespace: {{ .Values.settings.writeNamespace }} + kubernetesArtifactSource: {} + kubernetesConfigSource: {} + kubernetesSecretSource: {} + refreshRate: 60s + +{{- if .Values.settings.extensions }} + extensions: +{{- toYaml .Values.settings.extensions | nindent 4 }} +{{- end }} + +{{- with .Values.settings.watchNamespaces }} + watchNamespaces: + {{- range . }} + - {{ . }} + {{- end }} +{{- end }} + +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml new file mode 100755 index 00000000..35fb5eb0 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/20-namespace-clusterrole-gateway.yaml @@ -0,0 +1,29 @@ +{{- if .Values.rbac.create }} + +{{- if .Values.gateway.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: gloo-role-gateway + labels: + app: gloo + gloo: rbac +rules: +- apiGroups: [""] + resources: ["pods", "services", "secrets", "endpoints", "configmaps"] + verbs: ["*"] +- apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "create"] +- apiGroups: ["gloo.solo.io"] + resources: ["settings", "upstreams","upstreamgroups", "proxies","virtualservices"] + verbs: ["*"] +- apiGroups: ["gateway.solo.io"] + resources: ["virtualservices", "gateways"] + verbs: ["*"] +{{- end -}} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml new file mode 100755 index 00000000..15215b9f --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/21-namespace-clusterrole-ingress.yaml @@ -0,0 +1,29 @@ +{{- if .Values.rbac.create }} + +{{- if .Values.ingress.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: gloo-role-ingress + labels: + app: gloo + gloo: rbac +rules: +- apiGroups: [""] + resources: ["pods", "services", "secrets", "endpoints", "configmaps"] + verbs: ["*"] +- apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "create"] +- apiGroups: ["gloo.solo.io"] + resources: ["settings", "upstreams","upstreamgroups", "proxies","virtualservices"] + verbs: ["*"] +- apiGroups: ["extensions", ""] + resources: ["ingresses"] + verbs: ["*"] +{{- end -}} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml new file mode 100755 index 00000000..1bd2b95d --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/22-namespace-clusterrole-knative.yaml @@ -0,0 +1,29 @@ +{{- if .Values.rbac.create }} + +{{- if .Values.settings.integrations.knative.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: gloo-role-knative + labels: + app: gloo + gloo: rbac +rules: +- apiGroups: [""] + resources: ["pods", "services", "secrets", "endpoints", "configmaps"] + verbs: ["*"] +- apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "create"] +- apiGroups: ["gloo.solo.io"] + resources: ["settings", "upstreams","upstreamgroups", "proxies","virtualservices"] + verbs: ["*"] +- apiGroups: ["networking.internal.knative.dev"] + resources: ["clusteringresses"] + verbs: ["get", "list", "watch"] +{{- end -}} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml new file mode 100755 index 00000000..62198913 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/23-namespace-clusterrolebinding-gateway.yaml @@ -0,0 +1,22 @@ +{{- if .Values.rbac.create }} + +{{- if .Values.gateway.enabled }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: gloo-role-binding-gateway-{{ .Release.Namespace }} + labels: + app: gloo + gloo: rbac +subjects: +- kind: ServiceAccount + name: default + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: gloo-role-gateway + apiGroup: rbac.authorization.k8s.io + +{{- end -}} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml new file mode 100755 index 00000000..7ef5cbae --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/24-namespace-clusterrolebinding-ingress.yaml @@ -0,0 +1,22 @@ +{{- if .Values.rbac.create }} + +{{- if .Values.ingress.enabled }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: gloo-role-binding-ingress-{{ .Release.Namespace }} + labels: + app: gloo + gloo: rbac +subjects: +- kind: ServiceAccount + name: default + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: gloo-role-ingress + apiGroup: rbac.authorization.k8s.io + +{{- end -}} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml new file mode 100755 index 00000000..5f05de96 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/25-namespace-clusterrolebinding-knative.yaml @@ -0,0 +1,21 @@ +{{- if .Values.rbac.create }} + +{{- if .Values.settings.integrations.knative.enabled }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: gloo-role-binding-knative-{{ .Release.Namespace }} + labels: + app: gloo + gloo: rbac +subjects: +- kind: ServiceAccount + name: default + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: gloo-role-knative + apiGroup: rbac.authorization.k8s.io +{{- end -}} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/3-gloo-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/3-gloo-deployment.yaml new file mode 100755 index 00000000..b3d8423f --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/3-gloo-deployment.yaml @@ -0,0 +1,57 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: gloo + name: gloo + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.gloo.deployment.replicas }} + selector: + matchLabels: + gloo: gloo + template: + metadata: + labels: + gloo: gloo + {{- if .Values.gloo.deployment.stats }} + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "9091" + prometheus.io/scrape: "true" + {{- end}} + spec: + containers: + - image: "{{ .Values.gloo.deployment.image.repository }}:{{ .Values.gloo.deployment.image.tag }}" + imagePullPolicy: {{ .Values.gloo.deployment.image.pullPolicy }} + name: gloo + resources: + requests: + cpu: 1 + memory: 256Mi + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + runAsUser: 10101 + capabilities: + drop: + - ALL + ports: + - containerPort: {{ .Values.gloo.deployment.xdsPort }} + name: grpc + protocol: TCP + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.gloo.deployment.stats }} + - name: START_STATS_SERVER + value: "true" + {{- end}} + {{- if .Values.gloo.deployment.image.pullSecret }} + imagePullSecrets: + - name: {{ .Values.gloo.deployment.image.pullSecret }}{{end}} + diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/4-gloo-service.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/4-gloo-service.yaml new file mode 100755 index 00000000..ab49ea3f --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/4-gloo-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app: gloo + gloo: gloo + name: gloo + namespace: {{ .Release.Namespace }} +spec: +{{ if .Values.gloo.deployment.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.gloo.deployment.externalTrafficPolicy }} +{{- end }} + ports: + - name: grpc + port: {{ .Values.gloo.deployment.xdsPort }} + protocol: TCP + selector: + gloo: gloo diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/5-discovery-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/5-discovery-deployment.yaml new file mode 100755 index 00000000..1a44e922 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/5-discovery-deployment.yaml @@ -0,0 +1,46 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: discovery + name: discovery + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.discovery.deployment.replicas }} + selector: + matchLabels: + gloo: discovery + template: + metadata: + labels: + gloo: discovery + {{- if .Values.discovery.deployment.stats }} + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "9091" + prometheus.io/scrape: "true" + {{- end}} + spec: + containers: + - image: "{{ .Values.discovery.deployment.image.repository }}:{{ .Values.discovery.deployment.image.tag }}" + imagePullPolicy: {{ .Values.discovery.deployment.image.pullPolicy }} + name: discovery + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + runAsUser: 10101 + capabilities: + drop: + - ALL + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.discovery.deployment.stats }} + - name: START_STATS_SERVER + value: "true" + {{- end}} + diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/6-gateway-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/6-gateway-deployment.yaml new file mode 100755 index 00000000..0a32241e --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/6-gateway-deployment.yaml @@ -0,0 +1,47 @@ +{{- if .Values.gateway.enabled }} +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: gateway + name: gateway + namespace: {{ .Release.Namespace }} +spec: + replicas: {{ .Values.gateway.deployment.replicas }} + selector: + matchLabels: + gloo: gateway + template: + metadata: + labels: + gloo: gateway + {{- if .Values.gateway.deployment.stats }} + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "9091" + prometheus.io/scrape: "true" + {{- end}} + spec: + containers: + - image: "{{ .Values.gateway.deployment.image.repository }}:{{ .Values.gateway.deployment.image.tag }}" + imagePullPolicy: {{ .Values.gateway.deployment.image.pullPolicy }} + name: gateway + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + runAsUser: 10101 + capabilities: + drop: + - ALL + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.gateway.deployment.stats }} + - name: START_STATS_SERVER + value: "true" + {{- end}} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/7-gateway-proxy-deployment.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/7-gateway-proxy-deployment.yaml new file mode 100755 index 00000000..bb54e8f3 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/7-gateway-proxy-deployment.yaml @@ -0,0 +1,67 @@ +{{- if .Values.gateway.enabled }} +{{- range $key, $spec := .Values.gatewayProxies }} +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: gloo + gloo: {{ $key }} + name: {{ $key }} + namespace: {{ $.Release.Namespace }} +spec: + replicas: {{ $spec.deployment.replicas }} + selector: + matchLabels: + gloo: {{ $key }} + template: + metadata: + labels: + gloo: {{ $key }} +{{- with $spec.deployment.extraAnnotations }} + annotations: +{{toYaml . | indent 8}}{{- end }} + spec: + containers: + - args: ["--disable-hot-restart"] + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: {{ $spec.deployment.image.repository }}:{{ $spec.deployment.image.tag }} + imagePullPolicy: {{ $spec.deployment.image.pullPolicy }} + name: gateway-proxy + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + ports: + - containerPort: {{ $spec.deployment.httpPort }} + name: http + protocol: TCP + - containerPort: {{ $spec.deployment.httpsPort }} + name: https + protocol: TCP +{{- with $spec.deployment.extraPorts }} +{{toYaml . | indent 8}}{{- end }} + volumeMounts: + - mountPath: /etc/envoy + name: envoy-config + {{- if $spec.deployment.image.pullSecret }} + imagePullSecrets: + - name: {{ $spec.deployment.image.pullSecret }}{{end}} + volumes: + - configMap: + name: {{ $key }}-envoy-config + name: envoy-config +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/8-gateway-proxy-service.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/8-gateway-proxy-service.yaml new file mode 100755 index 00000000..f0b7d347 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/8-gateway-proxy-service.yaml @@ -0,0 +1,35 @@ +{{- if .Values.gateway.enabled }} +{{- range $key, $spec := .Values.gatewayProxies }} +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: gloo + gloo: {{ $key }} + name: {{ $key }} + namespace: {{ $.Release.Namespace }} + {{- with $spec.service.extraAnnotations }} + annotations: +{{toYaml . | indent 8}}{{- end }} +spec: + ports: + - port: {{ $spec.service.httpPort }} + targetPort: {{ $spec.deployment.httpPort }} + protocol: TCP + name: http + - port: {{ $spec.service.httpsPort }} + targetPort: {{ $spec.deployment.httpsPort }} + protocol: TCP + name: https + selector: + gloo: {{ $key }} + type: {{ $spec.service.type }} + {{- if and (eq $spec.service.type "ClusterIP") $spec.service.clusterIP }} + clusterIP: {{ $spec.service.clusterIP }} + {{- end }} + {{- if and (eq $spec.service.type "LoadBalancer") $spec.service.loadBalancerIP }} + loadBalancerIP: {{ $spec.service.loadBalancerIP }} + {{- end }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/gloo/templates/9-gateway-proxy-configmap.yaml b/vnfs/DAaaS/deploy/00-init/gloo/templates/9-gateway-proxy-configmap.yaml new file mode 100755 index 00000000..03c5a920 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/templates/9-gateway-proxy-configmap.yaml @@ -0,0 +1,54 @@ +{{- if .Values.gateway.enabled }} +{{- range $key, $spec := .Values.gatewayProxies }} +--- +# config_map +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $key }}-envoy-config + namespace: {{ $.Release.Namespace }} + labels: + app: gloo + gloo: {{ $key }} +data: +{{ if (empty $spec.configMap.data) }} + envoy.yaml: | + node: + cluster: gateway + id: "{{ "{{" }}.PodName{{ "}}" }}.{{ "{{" }}.PodNamespace{{ "}}" }}" + metadata: + # this line must match ! + role: "{{ "{{" }}.PodNamespace{{ "}}" }}~gateway-proxy" + static_resources: + clusters: + - name: gloo.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.gloo.deployment.xdsPort }} + connect_timeout: 5.000s + load_assignment: + cluster_name: gloo.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.gloo.deployment.xdsPort }} + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: gloo.{{ $.Release.Namespace }}.svc.cluster.local + port_value: {{ $.Values.gloo.deployment.xdsPort }} + http2_protocol_options: {} + type: STRICT_DNS + dynamic_resources: + ads_config: + api_type: GRPC + grpc_services: + - envoy_grpc: {cluster_name: gloo.{{ $.Release.Namespace }}.svc.cluster.local:{{ $.Values.gloo.deployment.xdsPort }}} + cds_config: + ads: {} + lds_config: + ads: {} + admin: + access_log_path: /dev/null + address: + socket_address: + address: 127.0.0.1 + port_value: 19000 +{{- else}}{{ toYaml $spec.configMap.data | indent 2}}{{- end}} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/gloo/values-ingress.yaml b/vnfs/DAaaS/deploy/00-init/gloo/values-ingress.yaml new file mode 100755 index 00000000..98dd42ae --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/values-ingress.yaml @@ -0,0 +1,74 @@ +crds: + create: true +discovery: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/discovery + tag: 0.13.18 + replicas: 1 + stats: false +gateway: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/gateway + tag: "" + replicas: 1 + stats: false + enabled: false +gatewayProxies: + gateway-proxy: + configMap: + data: null + deployment: + httpPort: "8080" + httpsPort: "8443" + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo-envoy-wrapper + tag: "" + replicas: 1 + stats: false + service: + httpPort: "80" + httpsPort: "443" + type: LoadBalancer +gloo: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo + tag: 0.13.18 + replicas: 1 + stats: false + xdsPort: "9977" +ingress: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/ingress + tag: 0.13.18 + replicas: 1 + stats: false + enabled: true +ingressProxy: + configMap: {} + deployment: + httpPort: "80" + httpsPort: "443" + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo-envoy-wrapper + tag: 0.13.18 + replicas: 1 + stats: false +namespace: + create: false +rbac: + create: true +settings: + integrations: + knative: + enabled: false + writeNamespace: gloo-system diff --git a/vnfs/DAaaS/deploy/00-init/gloo/values-knative.yaml b/vnfs/DAaaS/deploy/00-init/gloo/values-knative.yaml new file mode 100755 index 00000000..c53ca1a9 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/values-knative.yaml @@ -0,0 +1,72 @@ +crds: + create: true +discovery: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/discovery + tag: 0.13.18 + replicas: 1 + stats: false +gateway: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/gateway + tag: "" + replicas: 1 + stats: false + enabled: false +gatewayProxies: + gateway-proxy: + configMap: + data: null + deployment: + httpPort: "8080" + httpsPort: "8443" + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo-envoy-wrapper + tag: "" + replicas: 1 + stats: false + service: + httpPort: "80" + httpsPort: "443" + type: LoadBalancer +gloo: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo + tag: 0.13.18 + replicas: 1 + stats: false + xdsPort: "9977" +ingress: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/ingress + tag: 0.13.18 + replicas: 1 + stats: false + enabled: false +namespace: + create: false +rbac: + create: true +settings: + integrations: + knative: + enabled: true + proxy: + httpPort: "80" + httpsPort: "443" + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo-envoy-wrapper + tag: 0.13.18 + replicas: 1 + stats: false + writeNamespace: gloo-system diff --git a/vnfs/DAaaS/deploy/00-init/gloo/values.yaml b/vnfs/DAaaS/deploy/00-init/gloo/values.yaml new file mode 100755 index 00000000..daeab0c3 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/gloo/values.yaml @@ -0,0 +1,56 @@ +crds: + create: true +discovery: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/discovery + tag: 0.13.18 + replicas: 1 + stats: false +gateway: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/gateway + tag: 0.13.18 + replicas: 1 + stats: false + enabled: true +gatewayProxies: + gateway-proxy: + configMap: + data: null + deployment: + httpPort: "8080" + httpsPort: "8443" + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo-envoy-wrapper + tag: 0.13.18 + replicas: 1 + stats: false + service: + httpPort: "80" + httpsPort: "443" + type: LoadBalancer +gloo: + deployment: + image: + pullPolicy: Always + repository: quay.io/solo-io/gloo + tag: 0.13.18 + replicas: 1 + stats: false + xdsPort: "9977" +ingress: + enabled: false +namespace: + create: false +rbac: + create: true +settings: + integrations: + knative: + enabled: false + writeNamespace: gloo-system diff --git a/vnfs/DAaaS/deploy/00-init/istio/README.md b/vnfs/DAaaS/deploy/00-init/istio/README.md new file mode 100644 index 00000000..d19bcce0 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/istio/README.md @@ -0,0 +1,31 @@ +Istio Installation + +1. Download the Source code +curl -L https://git.io/getLatestIstio | ISTIO_VERSION=1.1.7 sh - + +2. Add the ISTIO helm chart repository. “helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.1.7/charts/” + + NOTE : Make sure the helm client and helm server (tiller) is installed + + Create a namespace istio-system where all the istio components are installed “kubectl create namespace istio-system” + +3. Install all the Istio Custom Resource Definitions (CRDs) using kubectl apply + + + “helm template install/kubernetes/helm/istio-init --name istio-init --namespace istio-system | kubectl apply -f -”. + +4. Verify that all 53 Istio CRDs were committed to the Kubernetes api-server using the following command: + + “kubectl get crds | grep 'istio.io\|certmanager.k8s.io' | wc -l” + +5. Install istio with the sds as the configuration profile. + + “helm template install/kubernetes/helm/istio --name istio --namespace istio-system --values install/kubernetes/helm/istio/values-istio-sds-auth.yaml | kubectl apply -f -” + +6. Verify the Installation + + “kubectl get svc -n istio-system” && “kubectl get pods -n istio-system” + + Reference - +1. https://istio.io/docs/setup/kubernetes/install/helm/ +2. https://istio.io/docs/tasks/security/auth-sds/ diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/Chart.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/Chart.yaml new file mode 100644 index 00000000..21e90098 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +description: File, Block, and Object Storage Services for your Cloud-Native Environment +name: rook-ceph +version: 0.0.1 +icon: https://rook.io/images/logos/rook/rook-logo-color-on-transparent.png +sources: + - https://github.com/rook/rook diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/NOTES.txt b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/NOTES.txt new file mode 100644 index 00000000..0509b574 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/NOTES.txt @@ -0,0 +1,5 @@ +The Rook Operator has been installed. Check its status by running: + kubectl --namespace {{ .Release.Namespace }} get pods -l "app=rook-ceph-operator" + +Visit https://rook.io/docs/rook/master for instructions on how +to create & configure Rook clusters diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/_helpers.tpl b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/_helpers.tpl new file mode 100644 index 00000000..f0d83d2e --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/_helpers.tpl @@ -0,0 +1,16 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/cluster.yml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/cluster.yml new file mode 100644 index 00000000..1cd33e8c --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/cluster.yml @@ -0,0 +1,180 @@ +################################################################################# +# This example first defines some necessary namespace and RBAC security objects. +# The actual Ceph Cluster CRD example can be found at the bottom of this example. +################################################################################# +apiVersion: v1 +kind: Namespace +metadata: + name: rook-ceph +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rook-ceph-osd + namespace: rook-ceph +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rook-ceph-mgr + namespace: rook-ceph +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-osd + namespace: rook-ceph +rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: [ "get", "list", "watch", "create", "update", "delete" ] +--- +# Aspects of ceph-mgr that require access to the system namespace +kind: Role +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-mgr-system + namespace: rook-ceph +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch +--- +# Aspects of ceph-mgr that operate within the cluster's namespace +kind: Role +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-mgr + namespace: rook-ceph +rules: +- apiGroups: + - "" + resources: + - pods + - services + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - get + - list + - watch + - create + - update + - delete +- apiGroups: + - ceph.rook.io + resources: + - "*" + verbs: + - "*" +--- +# Allow the operator to create resources in this cluster's namespace +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-cluster-mgmt + namespace: rook-ceph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rook-ceph-cluster-mgmt +subjects: +- kind: ServiceAccount + name: rook-ceph-system + namespace: rook-ceph-system +--- +# Allow the osd pods in this namespace to work with configmaps +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-osd + namespace: rook-ceph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: rook-ceph-osd +subjects: +- kind: ServiceAccount + name: rook-ceph-osd + namespace: rook-ceph +--- +# Allow the ceph mgr to access the cluster-specific resources necessary for the mgr modules +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-mgr + namespace: rook-ceph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: rook-ceph-mgr +subjects: +- kind: ServiceAccount + name: rook-ceph-mgr + namespace: rook-ceph +--- +# Allow the ceph mgr to access the rook system resources necessary for the mgr modules +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-mgr-system + namespace: rook-ceph-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: rook-ceph-mgr-system +subjects: +- kind: ServiceAccount + name: rook-ceph-mgr + namespace: rook-ceph +--- +# Allow the ceph mgr to access cluster-wide resources necessary for the mgr modules +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-mgr-cluster + namespace: rook-ceph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rook-ceph-mgr-cluster +subjects: +- kind: ServiceAccount + name: rook-ceph-mgr + namespace: rook-ceph +--- +################################################################################# +# The Ceph Cluster CRD example +################################################################################# +apiVersion: ceph.rook.io/v1 +kind: CephCluster +metadata: + name: rook-ceph + namespace: rook-ceph +spec: + cephVersion: + # For the latest ceph images, see https://hub.docker.com/r/ceph/ceph/tags + image: ceph/ceph:v13.2.2-20181023 + dataDirHostPath: /var/lib/rook + dashboard: + enabled: true + mon: + count: 3 + allowMultiplePerNode: true + storage: + useAllNodes: true + useAllDevices: false + config: + databaseSizeMB: "1024" + journalSizeMB: "1024" \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrole.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrole.yaml new file mode 100644 index 00000000..58a24d47 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrole.yaml @@ -0,0 +1,165 @@ +{{- if .Values.rbacEnable }} +# The cluster role for managing all the cluster-specific resources in a namespace +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: rook-ceph-cluster-mgmt + labels: + operator: rook + storage-backend: ceph +rules: +- apiGroups: + - "" + resources: + - secrets + - pods + - pods/log + - services + - configmaps + verbs: + - get + - list + - watch + - patch + - create + - update + - delete +- apiGroups: + - extensions + resources: + - deployments + - daemonsets + - replicasets + verbs: + - get + - list + - watch + - create + - update + - delete +--- +# The cluster role for managing the Rook CRDs +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: rook-ceph-global + labels: + operator: rook + storage-backend: ceph +rules: +- apiGroups: + - "" + resources: + # Pod access is needed for fencing + - pods + # Node access is needed for determining nodes where mons should run + - nodes + - nodes/proxy + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + # PVs and PVCs are managed by the Rook provisioner + - persistentvolumes + - persistentvolumeclaims + verbs: + - get + - list + - watch + - patch + - create + - update + - delete +- apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - get + - list + - watch + - create + - update + - delete +- apiGroups: + - ceph.rook.io + resources: + - "*" + verbs: + - "*" +- apiGroups: + - rook.io + resources: + - "*" + verbs: + - "*" +--- +# Aspects of ceph-mgr that require cluster-wide access +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-mgr-cluster + labels: + operator: rook + storage-backend: ceph +rules: +- apiGroups: + - "" + resources: + - configmaps + - nodes + - nodes/proxy + verbs: + - get + - list + - watch +{{- if ((.Values.agent) and .Values.agent.mountSecurityMode) and ne .Values.agent.mountSecurityMode "Any" }} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: rook-ceph-agent-mount + labels: + operator: rook + storage-backend: ceph +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get +{{- end }} +{{- if .Values.pspEnable }} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: rook-ceph-system-psp-user + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +rules: +- apiGroups: + - extensions + resources: + - podsecuritypolicies + resourceNames: + - 00-rook-ceph-operator + verbs: + - use +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrolebinding.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..845eb6d7 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/clusterrolebinding.yaml @@ -0,0 +1,38 @@ +{{- if .Values.rbacEnable }} +# Grant the rook system daemons cluster-wide access to manage the Rook CRDs, PVCs, and storage classes +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-global + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rook-ceph-global +subjects: +- kind: ServiceAccount + name: rook-ceph-system + namespace: {{ .Release.Namespace }} +{{- if .Values.pspEnable }} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: rook-ceph-system-psp-users + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: rook-ceph-system-psp-user +subjects: +- kind: ServiceAccount + name: rook-ceph-system + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/dashboard-external-http.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/dashboard-external-http.yaml new file mode 100644 index 00000000..ee521152 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/dashboard-external-http.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: rook-ceph-mgr-dashboard-external-http + namespace: rook-ceph + labels: + app: rook-ceph-mgr + rook_cluster: rook-ceph + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-weight": "10" +spec: + ports: + - name: dashboard + port: 7000 + protocol: TCP + targetPort: 7000 + selector: + app: rook-ceph-mgr + rook_cluster: rook-ceph + sessionAffinity: None + type: NodePort diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/deployment.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/deployment.yaml new file mode 100644 index 00000000..13c6a763 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/deployment.yaml @@ -0,0 +1,108 @@ +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: rook-ceph-operator + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +spec: + replicas: 1 + selector: + matchLabels: + app: rook-ceph-operator + template: + metadata: + labels: + app: rook-ceph-operator + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +{{- if .Values.annotations }} + annotations: +{{ toYaml .Values.annotations | indent 8 }} +{{- end }} + spec: + containers: + - name: rook-ceph-operator + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: ["ceph", "operator"] + env: +{{- if not .Values.rbacEnable }} + - name: RBAC_ENABLED + value: "false" +{{- end }} +{{- if .Values.agent }} +{{- if .Values.agent.toleration }} + - name: AGENT_TOLERATION + value: {{ .Values.agent.toleration }} +{{- end }} +{{- if .Values.agent.tolerationKey }} + - name: AGENT_TOLERATION_KEY + value: {{ .Values.agent.tolerationKey }} +{{- end }} +{{- if .Values.agent.mountSecurityMode }} + - name: AGENT_MOUNT_SECURITY_MODE + value: {{ .Values.agent.mountSecurityMode }} +{{- end }} +{{- if .Values.agent.flexVolumeDirPath }} + - name: FLEXVOLUME_DIR_PATH + value: {{ .Values.agent.flexVolumeDirPath }} +{{- end }} +{{- if .Values.agent.libModulesDirPath }} + - name: LIB_MODULES_DIR_PATH + value: {{ .Values.agent.libModulesDirPath }} +{{- end }} +{{- if .Values.agent.mounts }} + - name: AGENT_MOUNTS + value: {{ .Values.agent.mounts }} +{{- end }} +{{- end }} +{{- if .Values.discover }} +{{- if .Values.discover.toleration }} + - name: DISCOVER_TOLERATION + value: {{ .Values.agent.toleration }} +{{- end }} +{{- if .Values.discover.tolerationKey }} + - name: DISCOVER_TOLERATION_KEY + value: {{ .Values.discover.tolerationKey }} +{{- end }} +{{- end }} + - name: ROOK_LOG_LEVEL + value: {{ .Values.logLevel }} + - name: ROOK_ENABLE_SELINUX_RELABELING + value: {{ .Values.enableSelinuxRelabeling | quote }} + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace +{{- if .Values.mon }} +{{- if .Values.mon.healthCheckInterval }} + - name: ROOK_MON_HEALTHCHECK_INTERVAL + value: {{ .Values.mon.healthCheckInterval }} +{{- end }} +{{- if .Values.mon.monOutTimeout }} + - name: ROOK_MON_OUT_TIMEOUT + value: {{ .Values.mon.monOutTimeout }} +{{- end }} +{{- end }} + resources: +{{ toYaml .Values.resources | indent 10 }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} +{{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} +{{- if .Values.rbacEnable }} + serviceAccountName: rook-ceph-system +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/psp.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/psp.yaml new file mode 100644 index 00000000..412b2437 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/psp.yaml @@ -0,0 +1,35 @@ +{{- if .Values.pspEnable }} +# PSP for rook-ceph-operator + +# Most of the teams follow the kubernetes docs and have these PSPs. +# * privileged (for kube-system namespace) +# * restricted (for all logged in users) +# +# If we name it as `rook-ceph-operator`, it comes next to `restricted` PSP alphabetically, +# and applies `restricted` capabilities to `rook-system`. Thats reason this is named with `00-rook-ceph-operator`, +# so it stays somewhere close to top and `rook-system` gets the intended PSP. +# +# More info on PSP ordering : https://kubernetes.io/docs/concepts/policy/pod-security-policy/#policy-order + +apiVersion: extensions/v1beta1 +kind: PodSecurityPolicy +metadata: + name: 00-rook-ceph-operator +spec: + fsGroup: + rule: RunAsAny + privileged: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - '*' + allowedCapabilities: + - '*' + hostPID: true + hostIPC: true + hostNetwork: true +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/resources.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/resources.yaml new file mode 100644 index 00000000..e296663f --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/resources.yaml @@ -0,0 +1,177 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: cephclusters.ceph.rook.io + annotations: + "helm.sh/hook": crd-install +spec: + group: ceph.rook.io + names: + kind: CephCluster + listKind: CephClusterList + plural: cephclusters + singular: cephcluster + scope: Namespaced + version: v1 + validation: + openAPIV3Schema: + properties: + spec: + properties: + cephVersion: + properties: + allowUnsupported: + type: boolean + image: + type: string + name: + pattern: ^(luminous|mimic|nautilus)$ + type: string + dashboard: + properties: + enabled: + type: boolean + urlPrefix: + type: string + port: + type: integer + minimum: 0 + maximum: 65535 + dataDirHostPath: + pattern: ^/(\S+) + type: string + mon: + properties: + allowMultiplePerNode: + type: boolean + count: + maximum: 9 + minimum: 1 + type: integer + required: + - count + network: + properties: + hostNetwork: + type: boolean + storage: + properties: + nodes: + items: {} + type: array + useAllDevices: {} + useAllNodes: + type: boolean + required: + - mon + additionalPrinterColumns: + - name: DataDirHostPath + type: string + description: Directory used on the K8s nodes + JSONPath: .spec.dataDirHostPath + - name: MonCount + type: string + description: Number of MONs + JSONPath: .spec.mon.count + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + - name: State + type: string + description: Current State + JSONPath: .status.state +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: cephfilesystems.ceph.rook.io + annotations: + "helm.sh/hook": crd-install +spec: + group: ceph.rook.io + names: + kind: CephFilesystem + listKind: CephFilesystemList + plural: cephfilesystems + singular: cephfilesystem + scope: Namespaced + version: v1 + additionalPrinterColumns: + - name: MdsCount + type: string + description: Number of MDSs + JSONPath: .spec.metadataServer.activeCount + - name: Age + type: date + JSONPath: .metadata.creationTimestamp +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: cephobjectstores.ceph.rook.io + annotations: + "helm.sh/hook": crd-install +spec: + group: ceph.rook.io + names: + kind: CephObjectStore + listKind: CephObjectStoreList + plural: cephobjectstores + singular: cephobjectstore + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: cephobjectstoreusers.ceph.rook.io + annotations: + "helm.sh/hook": crd-install +spec: + group: ceph.rook.io + names: + kind: CephObjectStoreUser + listKind: CephObjectStoreUserList + plural: cephobjectstoreusers + singular: cephobjectstoreuser + shortNames: + - rcou + - objectuser + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: cephblockpools.ceph.rook.io + annotations: + "helm.sh/hook": crd-install +spec: + group: ceph.rook.io + names: + kind: CephBlockPool + listKind: CephBlockPoolList + plural: cephblockpools + singular: cephblockpool + scope: Namespaced + version: v1 +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: volumes.rook.io + annotations: + "helm.sh/hook": crd-install +spec: + group: rook.io + names: + kind: Volume + listKind: VolumeList + plural: volumes + singular: volume + shortNames: + - rv + scope: Namespaced + version: v1alpha2 +--- diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/role.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/role.yaml new file mode 100644 index 00000000..45122d32 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/role.yaml @@ -0,0 +1,35 @@ +{{- if .Values.rbacEnable }} +# The role for the operator to manage resources in the system namespace +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: rook-ceph-system + labels: + operator: rook + storage-backend: ceph +rules: +- apiGroups: + - "" + resources: + - pods + - configmaps + verbs: + - get + - list + - watch + - patch + - create + - update + - delete +- apiGroups: + - extensions + resources: + - daemonsets + verbs: + - get + - list + - watch + - create + - update + - delete +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/rolebinding.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/rolebinding.yaml new file mode 100644 index 00000000..3ef5897f --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/rolebinding.yaml @@ -0,0 +1,19 @@ +{{- if .Values.rbacEnable }} +# Grant the operator, agent, and discovery agents access to resources in the rook-ceph-system namespace +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: rook-ceph-system + namespace: {{ .Release.Namespace }} + labels: + operator: rook + storage-backend: ceph +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: rook-ceph-system +subjects: +- kind: ServiceAccount + name: rook-ceph-system + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/serviceaccount.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/serviceaccount.yaml new file mode 100644 index 00000000..7b42de17 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/serviceaccount.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rook-ceph-system + labels: + operator: rook + storage-backend: ceph + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/storageclass.yml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/storageclass.yml new file mode 100644 index 00000000..38ddf5d7 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/storageclass.yml @@ -0,0 +1,28 @@ +apiVersion: ceph.rook.io/v1 +kind: CephBlockPool +metadata: + name: replicapool + namespace: rook-ceph + annotations: + storageclass.kubernetes.io/is-default-class: "true" + "helm.sh/hook": post-install +spec: + failureDomain: host + replicated: + size: 1 +--- +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: rook-ceph-block + annotations: + storageclass.kubernetes.io/is-default-class: "true" + "helm.sh/hook": post-install +provisioner: ceph.rook.io/block +parameters: + blockPool: replicapool + # The value of "clusterNamespace" MUST be the same as the one in which your rook cluster exist + clusterNamespace: rook-ceph + # Specify the filesystem type of the volume. If not specified, it will use `ext4`. + fstype: xfs +# Optional, default reclaimPolicy is "Delete". Other options are: "Retain", "Recycle" as documented in https://kubernetes.io/docs/concepts/storage/storage-classes/ \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/tool-box.yml b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/tool-box.yml new file mode 100644 index 00000000..98bc3c98 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/templates/tool-box.yml @@ -0,0 +1,62 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rook-ceph-tools + namespace: rook-ceph + labels: + app: rook-ceph-tools + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-weight": "10" +spec: + replicas: 1 + selector: + matchLabels: + app: rook-ceph-tools + template: + metadata: + labels: + app: rook-ceph-tools + spec: + dnsPolicy: ClusterFirstWithHostNet + containers: + - name: rook-ceph-tools + image: rook/ceph:v0.9.1 + command: ["/tini"] + args: ["-g", "--", "/usr/local/bin/toolbox.sh"] + imagePullPolicy: IfNotPresent + env: + - name: ROOK_ADMIN_SECRET + valueFrom: + secretKeyRef: + name: rook-ceph-mon + key: admin-secret + securityContext: + privileged: true + volumeMounts: + - mountPath: /dev + name: dev + - mountPath: /sys/bus + name: sysbus + - mountPath: /lib/modules + name: libmodules + - name: mon-endpoint-volume + mountPath: /etc/rook + # if hostNetwork: false, the "rbd map" command hangs, see https://github.com/rook/rook/issues/2021 + hostNetwork: true + volumes: + - name: dev + hostPath: + path: /dev + - name: sysbus + hostPath: + path: /sys/bus + - name: libmodules + hostPath: + path: /lib/modules + - name: mon-endpoint-volume + configMap: + name: rook-ceph-mon-endpoints + items: + - key: data + path: mon-endpoints diff --git a/vnfs/DAaaS/deploy/00-init/rook-ceph/values.yaml b/vnfs/DAaaS/deploy/00-init/rook-ceph/values.yaml new file mode 100644 index 00000000..7b4d07bd --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/rook-ceph/values.yaml @@ -0,0 +1,75 @@ +# Default values for rook-ceph-operator +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + prefix: rook + repository: rook/ceph + tag: v0.9.1 + pullPolicy: IfNotPresent + +hyperkube: + repository: k8s.gcr.io/hyperkube + tag: v1.7.12 + pullPolicy: IfNotPresent + +resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + +nodeSelector: +# Constraint rook-ceph-operator Deployment to nodes with label `disktype: ssd`. +# For more info, see https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +# disktype: ssd + +# Tolerations for the rook-ceph-operator to allow it to run on nodes with particular taints +tolerations: [] + +mon: + healthCheckInterval: "45s" + monOutTimeout: "300s" + +## Annotations to be added to pod +annotations: {} + +## LogLevel can be set to: TRACE, DEBUG, INFO, NOTICE, WARNING, ERROR or CRITICAL +logLevel: INFO + +## If true, create & use RBAC resources +## +rbacEnable: false + +## If true, create & use PSP resources +## +pspEnable: true + +## Rook Agent configuration +## toleration: NoSchedule, PreferNoSchedule or NoExecute +## tolerationKey: Set this to the specific key of the taint to tolerate +## flexVolumeDirPath: The path where the Rook agent discovers the flex volume plugins +## libModulesDirPath: The path where the Rook agent can find kernel modules +# agent: +# toleration: NoSchedule +# tolerationKey: key +# mountSecurityMode: Any +## For information on FlexVolume path, please refer to https://rook.io/docs/rook/master/flexvolume.html +# flexVolumeDirPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec/ +# libModulesDirPath: /lib/modules +# mounts: mount1=/host/path:/container/path,/host/path2:/container/path2 +agent: + flexVolumeDirPath: /var/lib/kubelet/volumeplugins +## Rook Discover configuration +## toleration: NoSchedule, PreferNoSchedule or NoExecute +## tolerationKey: Set this to the specific key of the taint to tolerate +# discover: +# toleration: NoSchedule +# tolerationKey: key + +# In some situations SELinux relabelling breaks (times out) on large filesystems, and doesn't work with cephfs ReadWriteMany volumes (last relabel wins). +# Disable it here if you have similiar issues. +# For more details see https://github.com/rook/rook/issues/2417 +enableSelinuxRelabeling: true diff --git a/vnfs/DAaaS/deploy/collection/.helmignore b/vnfs/DAaaS/deploy/collection/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/collection/Chart.yaml b/vnfs/DAaaS/deploy/collection/Chart.yaml new file mode 100644 index 00000000..f21cc894 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: Helm charts for collection agents and collection service +name: collection +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/.helmignore b/vnfs/DAaaS/deploy/collection/charts/cadvisor/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/Chart.yaml b/vnfs/DAaaS/deploy/collection/charts/cadvisor/Chart.yaml new file mode 100644 index 00000000..aea55a29 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +appVersion: "1.0" +description: Cadvisor Helm Chart +name: cadvisor +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/NOTES.txt b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/NOTES.txt new file mode 100644 index 00000000..3eea9994 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.cadvisor_prometheus.service.type }} + NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "name" . }}) + NODE_IPS=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[*].status.addresses[0].address}") + visit http://NODE_IP:NODE_PORT +{{- else if contains "LoadBalancer" .Values.cadvisor_prometheus.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.cadvisor_prometheus.service.type }} + export POD_NAME=$(kubectl get pods --namespace={{ .Release.Namespace }} -l "app={{ template "name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.cadvisor_prometheus.service.targetPort }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/_helpers.tpl b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/_helpers.tpl new file mode 100644 index 00000000..ea2a3266 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Workaround for https://github.com/helm/helm/issues/3117 */}} +{{- define "rangeskipempty" -}} +{{- range $key, $value := . }} +{{- if $value }} +{{ $key }}: {{ $value }} +{{- end }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/daemonset.yaml b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/daemonset.yaml new file mode 100644 index 00000000..e287c7d8 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/daemonset.yaml @@ -0,0 +1,79 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: apps/v1beta2 +kind: DaemonSet +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ .Values.replicaCount }} + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + name: {{ template "fullname" . }} + template: + metadata: + labels: + name: {{ template "fullname" . }} + app: {{ template "name" . }} + collector: cadvisor + release: {{ .Release.Name }} + spec: + hostNetwork: true + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + privileged: true + volumeMounts: + - name: rootfs + mountPath: /rootfs + readOnly: true + - name: var-run + mountPath: /var/run + readOnly: false + - name: sys + mountPath: /sys + readOnly: true + - name: docker + mountPath: /var/lib/docker + readOnly: true + ports: + - name: http + containerPort: 8080 + protocol: TCP + args: + - --housekeeping_interval=10s + terminationGracePeriodSeconds: 30 + volumes: + - name: rootfs + hostPath: + path: / + - name: var-run + hostPath: + path: /var/run + - name: sys + hostPath: + path: /sys + - name: docker + hostPath: + path: /var/lib/docker diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/service.yaml b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/service.yaml new file mode 100644 index 00000000..a8a932d1 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/templates/service.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: cadvisor + labels: + app: cadvisor + release: {{ .Release.Name }} +spec: + type: NodePort + externalTrafficPolicy: Local + selector: +{{ include "rangeskipempty" .Values.cadvisor_prometheus.service.selector | indent 4 }} + ports: + - name: cadvisor-prometheus + {{- if eq .Values.cadvisor_prometheus.service.type "NodePort" }} + nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.cadvisor_prometheus.service.nodePort }} + {{- end }} + protocol: TCP + port: {{ .Values.cadvisor_prometheus.service.port }} + nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.cadvisor_prometheus.service.nodePort }} + targetPort: {{ .Values.cadvisor_prometheus.service.targetPort }} diff --git a/vnfs/DAaaS/deploy/collection/charts/cadvisor/values.yaml b/vnfs/DAaaS/deploy/collection/charts/cadvisor/values.yaml new file mode 100644 index 00000000..a17c3dd5 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/cadvisor/values.yaml @@ -0,0 +1,23 @@ +# Default values for cadvisor. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +ingress: + enabled: false +image: + repository: google/cadvisor + tag: latest + pullPolicy: IfNotPresent +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. +cadvisor_prometheus: + service: + type: NodePort + port: 80 + nodePort: 91 + targetPort: 8080 + selector: + app: cadvisor + collector: cadvisor diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/.helmignore b/vnfs/DAaaS/deploy/collection/charts/collectd/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/Chart.yaml b/vnfs/DAaaS/deploy/collection/charts/collectd/Chart.yaml new file mode 100644 index 00000000..fcdcfde9 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +appVersion: "7.1.0" +description: Collectd Helm Chart +name: collectd +version: 0.2.0 diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/resources/config/collectd.conf b/vnfs/DAaaS/deploy/collection/charts/collectd/resources/config/collectd.conf new file mode 100644 index 00000000..f62adb6a --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/resources/config/collectd.conf @@ -0,0 +1,44 @@ +FQDNLookup false +LoadPlugin cpu +LoadPlugin memory +LoadPlugin cpufreq +LoadPlugin disk +LoadPlugin ethstat +LoadPlugin ipc +LoadPlugin ipmi +LoadPlugin load +LoadPlugin numa +LoadPlugin processes +LoadPlugin df +LoadPlugin turbostat +LoadPlugin uptime +LoadPlugin contextswitch +LoadPlugin irq +LoadPlugin df +LoadPlugin swap +LoadPlugin write_prometheus + +LoadPlugin logfile + + LogLevel info + File "/var/log/collectd.log" + Timestamp true + PrintSeverity false + + + Interval 5 + ReportByState false + ReportByCpu false + + + + Interval 30 + ValuesAbsolute false + ValuesPercentage true + + + + Port "{{ .Values.prometheus_port }}" + + +#Last line (collectd requires ‘\n’ at the last line) diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/templates/NOTES.txt b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/NOTES.txt new file mode 100644 index 00000000..06ca128b --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/NOTES.txt @@ -0,0 +1,34 @@ +# Copyright (c) 2019 Intel Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.collectd_prometheus.service.type }} + NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "name" . }}) + NODE_IPS=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[*].status.addresses[0].address}") + visit http://NODE_IP:NODE_PORT +{{- else if contains "LoadBalancer" .Values.collectd_prometheus.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.collectd_prometheus.service.type }} + CLUSTER_NODE_IPS=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[*].status.addresses[0].address}") + CLUSTER_NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].port}" services {{ include "name" . }}) + visit http://CLUSTER_NODE_IP:CLUSTER_NODE_PORT +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/templates/_helpers.tpl b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/_helpers.tpl new file mode 100644 index 00000000..b5e98086 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/_helpers.tpl @@ -0,0 +1,25 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Workaround for https://github.com/helm/helm/issues/3117 */}} +{{- define "rangeskipempty" -}} +{{- range $key, $value := . }} +{{- if $value }} +{{ $key }}: {{ $value }} +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/templates/configmap.yaml b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/configmap.yaml new file mode 100644 index 00000000..5f5dde01 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/configmap.yaml @@ -0,0 +1,27 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "fullname" . }}-config + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +data: + node-collectd.conf: |- + {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/templates/daemonset.yaml b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/daemonset.yaml new file mode 100644 index 00000000..29fdded9 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/daemonset.yaml @@ -0,0 +1,83 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: {{ template "fullname" . }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} +spec: + replicas: {{ .Values.replicaCount }} + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + app: {{ template "name" . }} + collector: collectd + release: {{ .Release.Name }} + spec: + hostNetwork: true + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + securityContext: + privileged: true + volumeMounts: + - name: {{ template "fullname" . }}-config + mountPath: /opt/collectd/etc + - name: proc + mountPath: /mnt/proc + readOnly: true + - name: root + mountPath: /hostfs + readOnly: true + - name: etc + mountPath: /mnt/etc + readOnly: true + - name: run + mountPath: /var/run/docker.sock + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + volumes: + - name: {{ template "fullname" . }}-config + configMap: + name: {{ template "fullname" . }}-config + items: + - key: node-collectd.conf + path: collectd.conf + - name: proc + hostPath: + path: /proc + - name: root + hostPath: + path: / + - name: etc + hostPath: + path: /etc + - name: run + hostPath: + path: /var/run/docker.sock diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/templates/service.yaml b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/service.yaml new file mode 100644 index 00000000..7571715d --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/templates/service.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: collectd + labels: + app: collectd + release: {{ .Release.Name }} +spec: + ports: + - name: collectd-prometheus + port: {{ .Values.collectd_prometheus.service.port }} + protocol: TCP + targetPort: {{ .Values.collectd_prometheus.service.targetPort }} + selector: +{{ include "rangeskipempty" .Values.collectd_prometheus.service.selector | indent 4 }} + type: ClusterIP diff --git a/vnfs/DAaaS/deploy/collection/charts/collectd/values.yaml b/vnfs/DAaaS/deploy/collection/charts/collectd/values.yaml new file mode 100644 index 00000000..fdfcae71 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/collectd/values.yaml @@ -0,0 +1,28 @@ +# Default values for collectd. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +ingress: + enabled: false +image: + repository: opnfv/barometer-collectd + tag: latest + pullPolicy: IfNotPresent +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi +collectd_prometheus: + service: + type: ClusterIP + port: 9103 + targetPort: 9103 + selector: + app: collectd + collector: collectd diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/.helmignore b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/Chart.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/Chart.yaml new file mode 100755 index 00000000..2e45b3a3 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +appVersion: 0.17.0 +description: A Helm chart for prometheus node-exporter +home: https://github.com/prometheus/node_exporter/ +keywords: +- node-exporter +- prometheus +- exporter +maintainers: +- email: gianrubio@gmail.com + name: gianrubio +name: prometheus-node-exporter +sources: +- https://github.com/prometheus/node_exporter/ +version: 1.3.2 diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/OWNERS b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/OWNERS new file mode 100755 index 00000000..fe9b2c3d --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/OWNERS @@ -0,0 +1,4 @@ +approvers: +- gianrubio +reviewers: +- gianrubio \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/README.md b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/README.md new file mode 100755 index 00000000..b9b50101 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/README.md @@ -0,0 +1,80 @@ +# Prometheus Node Exporter + +* Installs prometheus [node exporter](https://github.com/prometheus/node_exporter) + +## TL;DR; + +```console +$ helm install stable/prometheus-node-exporter +``` + +## Introduction + +This chart bootstraps a prometheus [node exporter](http://github.com/prometheus/node_exporter) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm install --name my-release stable/prometheus-node-exporter +``` + +The command deploys node exporter on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the Node Exporter chart and their default values. + +| Parameter | Description | Default | | +| --------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | --- | +| `image.repository` | Image repository | `quay.io/prometheus/node-exporter` | | +| `image.tag` | Image tag | `v0.16.0` | | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | | +| `extraArgs` | Additional container arguments | `[]` | | +| `extraHostVolumeMounts` | Additional host volume mounts | {} | | +| `podLabels` | Additional labels to be added to pods | {} | | +| `rbac.create` | If true, create & use RBAC resources | `true` | | +| `rbac.pspEnabled` | Specifies whether a PodSecurityPolicy should be created. | `true` | | +| `resources` | CPU/Memory resource requests/limits | `{}` | | +| `service.type` | Service type | `ClusterIP` | | +| `service.port` | The service port | `9100` | | +| `service.targetPort` | The target port of the container | `9100` | | +| `service.nodePort` | The node port of the service | | | +| `service.annotations` | Kubernetes service annotations | `{prometheus.io/scrape: "true"}` | | +| `serviceAccount.create` | Specifies whether a service account should be created. | `true` | | +| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | | | +| `serviceAccount.imagePullSecrets` | Specify image pull secrets | `[]` | | +| `securityContext` | SecurityContext | `{"runAsNonRoot": true, "runAsUser": 65534}` | | +| `affinity` | A group of affinity scheduling rules for pod assignment | `{}` | | +| `nodeSelector` | Node labels for pod assignment | `{}` | | +| `tolerations` | List of node taints to tolerate | `- effect: NoSchedule operator: Exists` | | +| `priorityClassName` | Name of Priority Class to assign pods | `nil` | | +| `endpoints` | list of addresses that have node exporter deployed outside of the cluster | `[]` | | +| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | | +| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | | +| `prometheus.monitor.namespace` | namespace where servicemonitor resource should be created | `the same namespace as prometheus node exporter` | | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +$ helm install --name my-release \ + --set serviceAccount.name=node-exporter \ + stable/prometheus-node-exporter +``` + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +$ helm install --name my-release -f values.yaml stable/prometheus-node-exporter +``` diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/NOTES.txt b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/NOTES.txt new file mode 100755 index 00000000..4902798f --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/NOTES.txt @@ -0,0 +1,15 @@ +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "prometheus-node-exporter.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/_helpers.tpl b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/_helpers.tpl new file mode 100755 index 00000000..4f0e2dfe --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/_helpers.tpl @@ -0,0 +1,55 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus-node-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus-node-exporter.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Generate basic labels */}} +{{- define "prometheus-node-exporter.labels" }} +app: {{ template "prometheus-node-exporter.name" . }} +heritage: {{.Release.Service }} +release: {{.Release.Name }} +chart: {{ template "prometheus-node-exporter.chart" . }} +{{- if .Values.podLabels}} +{{ toYaml .Values.podLabels }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus-node-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "prometheus-node-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/daemonset.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/daemonset.yaml new file mode 100755 index 00000000..dfb15f1d --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -0,0 +1,98 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-node-exporter.name" . }} + release: {{ .Release.Name }} + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + template: + metadata: + labels: {{ include "prometheus-node-exporter.labels" . | indent 8 }} + spec: +{{- if and .Values.rbac.create .Values.serviceAccount.create }} + serviceAccountName: {{ template "prometheus-node-exporter.serviceAccountName" . }} +{{- end }} +{{- if .Values.securityContext }} + securityContext: +{{ toYaml .Values.securityContext | indent 8 }} +{{- end }} +{{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} +{{- end }} + containers: + - name: node-exporter + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + - --web.listen-address=0.0.0.0:{{ .Values.service.port }} +{{- if .Values.extraArgs }} +{{ toYaml .Values.extraArgs | indent 12 }} +{{- end }} + ports: + - name: metrics + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: {{ .Values.service.port }} + readinessProbe: + httpGet: + path: / + port: {{ .Values.service.port }} + resources: +{{ toYaml .Values.resources | indent 12 }} + volumeMounts: + - name: proc + mountPath: /host/proc + readOnly: true + - name: sys + mountPath: /host/sys + readOnly: true + {{- if .Values.extraHostVolumeMounts }} + {{- range $_, $mount := .Values.extraHostVolumeMounts }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} + {{- if $mount.mountPropagation }} + mountPropagation: {{ $mount.mountPropagation }} + {{- end }} + {{- end }} + {{- end }} + hostNetwork: true + hostPID: true +{{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} +{{- end }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - name: proc + hostPath: + path: /proc + - name: sys + hostPath: + path: /sys + {{- if .Values.extraHostVolumeMounts }} + {{- range $_, $mount := .Values.extraHostVolumeMounts }} + - name: {{ $mount.name }} + hostPath: + path: {{ $mount.hostPath }} + {{- end }} + {{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/endpoints.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/endpoints.yaml new file mode 100755 index 00000000..4c5c75fa --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/endpoints.yaml @@ -0,0 +1,17 @@ +{{- if .Values.endpoints }} +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + labels: +{{ include "prometheus-node-exporter.labels" . | indent 4 }} +subsets: + - addresses: + {{- range .Values.endpoints }} + - ip: {{ . }} + {{- end }} + ports: + - name: metrics + port: 9100 + protocol: TCP +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/monitor.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/monitor.yaml new file mode 100755 index 00000000..9c723e69 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/monitor.yaml @@ -0,0 +1,17 @@ +{{- if .Values.prometheus.monitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} + {{- if .Values.prometheus.monitor.additionalLabels }} +{{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-node-exporter.name" . }} + release: {{ .Release.Name }} + endpoints: + - port: metrics +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml new file mode 100755 index 00000000..3d0a636a --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if .Values.rbac.create }} +{{- if .Values.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} + name: psp-{{ template "prometheus-node-exporter.fullname" . }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "prometheus-node-exporter.fullname" . }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml new file mode 100755 index 00000000..50f7a149 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.rbac.create }} +{{- if .Values.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} + name: psp-{{ template "prometheus-node-exporter.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: psp-{{ template "prometheus-node-exporter.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp.yaml new file mode 100755 index 00000000..1fa6f289 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/psp.yaml @@ -0,0 +1,51 @@ +{{- if .Values.rbac.create }} +{{- if .Values.rbac.pspEnabled }} +apiVersion: extensions/v1beta1 +kind: PodSecurityPolicy +metadata: + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} + name: {{ template "prometheus-node-exporter.fullname" . }} +spec: + privileged: false + # Required to prevent escalations to root. + # allowPrivilegeEscalation: false + # This is redundant with non-root + disallow privilege escalation, + # but we can provide it for defense in depth. + #requiredDropCapabilities: + # - ALL + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + - 'hostPath' + hostNetwork: true + hostIPC: false + hostPID: true + hostPorts: + - min: 0 + max: 65535 + runAsUser: + # Permits the container to run with root privileges as well. + rule: 'RunAsAny' + seLinux: + # This policy assumes the nodes are using AppArmor rather than SELinux. + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/service.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/service.yaml new file mode 100755 index 00000000..cffe547b --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: metrics + selector: + app: {{ template "prometheus-node-exporter.name" . }} + release: {{ .Release.Name }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml new file mode 100755 index 00000000..b70745aa --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/templates/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if .Values.rbac.create -}} +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-node-exporter.serviceAccountName" . }} + labels: + app: {{ template "prometheus-node-exporter.name" . }} + chart: {{ template "prometheus-node-exporter.chart" . }} + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +imagePullSecrets: +{{ toYaml .Values.serviceAccount.imagePullSecrets | indent 2 }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/values.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/values.yaml new file mode 100755 index 00000000..14bcfc53 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus-node-exporter/values.yaml @@ -0,0 +1,96 @@ +# Default values for prometheus-node-exporter. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +image: + repository: quay.io/prometheus/node-exporter + tag: v0.17.0 + pullPolicy: IfNotPresent + +service: + type: ClusterIP + port: 9100 + targetPort: 9100 + nodePort: + annotations: + prometheus.io/scrape: "true" + +prometheus: + monitor: + enabled: false + additionalLabels: {} + namespace: "" + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 200m + # memory: 50Mi + # requests: + # cpu: 100m + # memory: 30Mi + +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + imagePullSecrets: [] + +securityContext: + runAsNonRoot: true + runAsUser: 65534 + +rbac: + ## If true, create & use RBAC resources + ## + create: true + ## If true, create & use Pod Security Policy resources + ## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ + pspEnabled: true + +# for deployments that have node_exporter deployed outside of the cluster, list +# their addresses here +endpoints: [] + +## Assign a group of affinity scheduling rules +## +affinity: {} +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchFields: +# - key: metadata.name +# operator: In +# values: +# - target-host-name + +## Assign a nodeSelector if operating a hybrid cluster +## +nodeSelector: {} +# beta.kubernetes.io/arch: amd64 +# beta.kubernetes.io/os: linux + +tolerations: + - effect: NoSchedule + operator: Exists + +## Assign a PriorityClassName to pods if set +# priorityClassName: "" + +## Additional container arguments +## +extraArgs: {} +# - --collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v)d[a-z]|nvme\\d+n\\d+p)\\d+$ + +## Additional mounts from the host +## +extraHostVolumeMounts: {} +# - name: +# hostPath: +# mountPath: +# readOnly: true|false +# mountPropagation: None|HostToContainer|Bidirectional diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/.helmignore b/vnfs/DAaaS/deploy/collection/charts/prometheus/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/Chart.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus/Chart.yaml new file mode 100644 index 00000000..6e7ddfbc --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: Prometheus instance with remote storage integrations. +name: prometheus +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/NOTES.txt b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/NOTES.txt new file mode 100644 index 00000000..f8882883 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/NOTES.txt @@ -0,0 +1,15 @@ +1. Get the application URL by running these commands: +{{ if contains "NodePort" .Values.prometheus.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prometheus.fullname" . }}-prometheus) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.prometheus.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "prometheus.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "prometheus.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.prometheus.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "prometheus.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:9090 to use your application" + kubectl port-forward $POD_NAME 9090:80 +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/_helpers.tpl b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/_helpers.tpl new file mode 100644 index 00000000..1ac77dd8 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/_helpers.tpl @@ -0,0 +1,47 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Create chart name and version as used by the chart label. */}} +{{- define "prometheus.chartref" -}} +{{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}} +{{- end }} + +{{/* Generate basic labels */}} +{{- define "prometheus.labels" }} +chart: {{ template "prometheus.chartref" . }} +release: {{ .Release.Name | quote }} +heritage: {{ .Release.Service | quote }} +{{- if .Values.commonLabels}} +{{ toYaml .Values.commonLabels }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/prometheus.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/prometheus.yaml new file mode 100644 index 00000000..9c3d84c2 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/prometheus.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: Prometheus +metadata: + name: {{ template "prometheus.fullname" . }}-prometheus + labels: + app: {{ template "prometheus.name" . }}-prometheus + "helm.sh/hook": post-install + "helm.sh/hook-weight": "2" +spec: + serviceMonitorSelector: + matchLabels: + app: {{ template "prometheus.name" . }}-prometheus + release: {{ .Release.Name }} + serviceMonitorNamespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + + # TODO: Templatizing multiple remote read/write. + # Especially Kafka adapater. + remoteRead: + - url: "{{ .Values.m3db.url }}/api/v1/prom/remote/read" + # To test reading even when local Prometheus has the data + readRecent: true + remoteWrite: + - url: "{{ .Values.m3db.url }}/api/v1/prom/remote/write" + # To differentiate between local and remote storage we will add a storage label + writeRelabelConfigs: + - targetLabel: metrics_storage + replacement: m3db_remote + - url: "{{ .Values.kafkaAdapter.url }}/receive" + containers: + - name: {{ template "prometheus.name" . }}-adapter + image: "{{ .Values.kafkaAdapter.image.repository }}:{{ .Values.kafkaAdapter.image.tag }}" + imagePullPolicy: {{ .Values.kafkaAdapter.image.pullPolicy }} + env: + - name: KAFKA_BROKER_LIST + value: {{ .Values.kafkaAdapter.broker }} + - name: KAFKA_TOPIC + value: {{ .Values.kafkaAdapter.topic }} + - name: SERIALIZATION_FORMAT + value: {{ .Values.kafkaAdapter.serializationFormat }} + - name: PORT + value: {{ quote .Values.kafkaAdapter.port }} + - name: LOG_LEVEL + value: {{ .Values.kafkaAdapter.logLevel }} + resources: +{{ toYaml .Values.kafkaAdapter.resources | indent 6 }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/service.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/service.yaml new file mode 100644 index 00000000..0114ed2e --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/service.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus.fullname" . }}-prometheus + labels: + app: {{ template "prometheus.name" . }}-prometheus +{{- if .Values.prometheus.service.annotations }} + annotations: +{{ toYaml .Values.prometheus.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if .Values.prometheus.service.clusterIP }} + clusterIP: {{ .Values.prometheus.service.clusterIP }} +{{- end }} +{{- if .Values.prometheus.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheus.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: web + {{- if eq .Values.prometheus.service.type "NodePort" }} + nodePort: {{ .Values.global.nodePortPrefix }}{{ .Values.prometheus.service.nodePort }} + {{- end }} + port: 9090 + targetPort: web + selector: + app: prometheus + prometheus: {{ template "prometheus.fullname" . }}-prometheus + type: "{{ .Values.prometheus.service.type }}" diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/servicemonitor.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/servicemonitor.yaml new file mode 100644 index 00000000..ea2b81b6 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/templates/servicemonitor.yaml @@ -0,0 +1,30 @@ +{{- if .Values.prometheus.additionalServiceMonitors }} +apiVersion: v1 +kind: List +items: +{{- range .Values.prometheus.additionalServiceMonitors }} + - apiVersion: "monitoring.coreos.com/v1" + kind: ServiceMonitor + metadata: + name: {{ .name }} + "helm.sh/hook": post-install + "helm.sh/hook-weight": "1" + labels: + app: {{ template "prometheus.name" $ }}-prometheus +{{ include "prometheus.labels" $ | indent 8 }} + {{- if .additionalLabels }} +{{ toYaml .additionalLabels | indent 8 }} + {{- end }} + spec: + endpoints: +{{ toYaml .endpoints | indent 8 }} + {{- if .jobLabel }} + jobLabel: {{ .jobLabel }} + {{- end }} + namespaceSelector: + matchNames: + - {{ $.Release.Namespace | quote }} + selector: +{{ toYaml .selector | indent 8 }} release: {{ $.Release.Name | quote }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/collection/charts/prometheus/values.yaml b/vnfs/DAaaS/deploy/collection/charts/prometheus/values.yaml new file mode 100644 index 00000000..4398f52f --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/charts/prometheus/values.yaml @@ -0,0 +1,79 @@ +## Deploy a Prometheus instance +## +prometheus: + additionalServiceMonitors: + - name: service-monitor-collectd + additionalLabels: + collector: collectd + jobLabel: collectd + selector: + matchLabels: + app: collectd + endpoints: + - port: collectd-prometheus + interval: 10s + path: /metrics + - name: service-monitor-node-exporter + additionalLabels: + collector: prometheus-node-exporter + jobLabel: node-exporter + selector: + matchLabels: + app: prometheus-node-exporter + endpoints: + - port: metrics + interval: 30s + - name: service-monitor-cadvisor + additionalLabels: + collector: cadvisor + jobLabel: cadvisor + selector: + matchLabels: + app: cadvisor + endpoints: + - port: cadvisor-prometheus + interval: 10s + path: /metrics + + service: + annotations: {} + labels: {} + clusterIP: "" + + ## To be used with a proxy extraContainer port + targetPort: 9090 + + ## List of IP addresses at which the Prometheus server service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + ## Port to expose on each node + ## Only used if service.type is 'NodePort' + ## + nodePort: 90 + + ## Loadbalancer IP + ## Only use if service.type is "loadbalancer" + loadBalancerIP: "" + loadBalancerSourceRanges: [] + ## Service type + ## + type: NodePort + + sessionAffinity: "" +m3db: + url: http://m3coordinator-m3db.m3db-operator.svc.cluster.local:7201 + +kafkaAdapter: + image: + repository: telefonica/prometheus-kafka-adapter + tag: 1.2.0 + pullPolicy: IfNotPresent + url: http://localhost:8080 + port: 8080 + broker: my-cluster-kafka-bootstrap.msg.svc.cluster.local:9092 + topic: orders + serializationFormat: json + logLevel: debug + resources: {} diff --git a/vnfs/DAaaS/deploy/collection/values.yaml b/vnfs/DAaaS/deploy/collection/values.yaml new file mode 100644 index 00000000..7fd13869 --- /dev/null +++ b/vnfs/DAaaS/deploy/collection/values.yaml @@ -0,0 +1,28 @@ +# Copyright © 2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 300 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Collection Package Day-0 configuration defaults. +################################################################# diff --git a/vnfs/DAaaS/deploy/day2_configs/collectd/README.txt b/vnfs/DAaaS/deploy/day2_configs/collectd/README.txt new file mode 100644 index 00000000..e1d6e7da --- /dev/null +++ b/vnfs/DAaaS/deploy/day2_configs/collectd/README.txt @@ -0,0 +1,14 @@ +Assuming initial/day0 config in namespace "edge1" and helm release name as "cp" (helm install -n cp collection/ --namespace=edge1) + +*******************Day2 config (add more plugins) +This day2 config adds cpu, memory and cpufreq plugins to existing config + +Run below commands to apply day2 config + +1. kubectl patch --namespace=edge1 configmaps cp-collectd-config -p "$(cat add_plugins.yaml)" + +2. Restart pods: kubectl delete pods --namespace=edge1 cp-collectd-db7mf cp-collectd-pfc9t cp-collectd-sqjvq + + +************Day3 config (replace image being used) +1. kubectl patch --namespace=edge1 daemonset cp-collectd -p "$(cat replace_image.yaml)" diff --git a/vnfs/DAaaS/deploy/day2_configs/collectd/add_plugins.yaml b/vnfs/DAaaS/deploy/day2_configs/collectd/add_plugins.yaml new file mode 100644 index 00000000..9e80ce8d --- /dev/null +++ b/vnfs/DAaaS/deploy/day2_configs/collectd/add_plugins.yaml @@ -0,0 +1,47 @@ +data: + node-collectd.conf: |- + FQDNLookup false + + LoadPlugin cpu + LoadPlugin memory + LoadPlugin cpufreq + LoadPlugin disk + LoadPlugin ethstat + LoadPlugin ipc + LoadPlugin ipmi + LoadPlugin load + LoadPlugin numa + LoadPlugin processes + LoadPlugin df + LoadPlugin turbostat + LoadPlugin uptime + LoadPlugin contextswitch + LoadPlugin irq + LoadPlugin df + LoadPlugin swap + LoadPlugin write_prometheus + + LoadPlugin logfile + + LogLevel info + File "/var/log/collectd.log" + Timestamp true + PrintSeverity false + + + Interval 5 + ReportByState false + ReportByCpu false + + + + Interval 30 + ValuesAbsolute false + ValuesPercentage true + + + + Port "{{ .Values.prometheus_port }}" + + + #Last line (collectd requires ‘\n’ at the last line) diff --git a/vnfs/DAaaS/deploy/day2_configs/collectd/replace_image.yaml b/vnfs/DAaaS/deploy/day2_configs/collectd/replace_image.yaml new file mode 100644 index 00000000..44e66948 --- /dev/null +++ b/vnfs/DAaaS/deploy/day2_configs/collectd/replace_image.yaml @@ -0,0 +1,6 @@ +spec: + template: + spec: + containers: + - name: collectd + image: "opnfv/barometer-collectd:stable" diff --git a/vnfs/DAaaS/deploy/day2_configs/prometheus/README.txt b/vnfs/DAaaS/deploy/day2_configs/prometheus/README.txt new file mode 100644 index 00000000..99b63fac --- /dev/null +++ b/vnfs/DAaaS/deploy/day2_configs/prometheus/README.txt @@ -0,0 +1,7 @@ +This day2 config adds a remote_write to existing config + +Assuming initial/day0 config in namespace "edge1" and helm release name as "cp" (helm install -n cp collection/ --namespace=edge1) + +Run below command to apply day2 config + +kubectl patch --namespace=edge1 prometheus cp-prometheus-prometheus -p "$(cat add_remote_write.yaml)" --type=merge diff --git a/vnfs/DAaaS/deploy/day2_configs/prometheus/add_remote_write.yaml b/vnfs/DAaaS/deploy/day2_configs/prometheus/add_remote_write.yaml new file mode 100644 index 00000000..48af9017 --- /dev/null +++ b/vnfs/DAaaS/deploy/day2_configs/prometheus/add_remote_write.yaml @@ -0,0 +1,13 @@ +spec: + remoteRead: + - url: "http://m3coordinator-m3db.m3db-operator.svc.cluster.local:7201/api/v1/prom/remote/read" + readRecent: true + remoteWrite: + - url: "http://m3coordinator-m3db.m3db-operator.svc.cluster.local:7201/api/v1/prom/remote/write" + writeRelabelConfigs: + - targetLabel: metrics_storage + replacement: m3db_remote + - url: "http://m3coordinator-m3db-cluster.edge1.svc.cluster.local:7201/api/v1/prom/remote/write" + writeRelabelConfigs: + - targetLabel: metrics_storage_day2 + replacement: m3db_remote_day2 diff --git a/vnfs/DAaaS/deploy/inference-core/.helmignore b/vnfs/DAaaS/deploy/inference-core/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/inference-core/Chart.yaml b/vnfs/DAaaS/deploy/inference-core/Chart.yaml new file mode 100644 index 00000000..836b1a84 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for inference framework components +name: inference-core +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/.helmignore b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/Chart.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/Chart.yaml new file mode 100644 index 00000000..2db1a483 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: Helm chart for Tensorflow serving model server +name: tf-serving +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/NOTES.txt b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/NOTES.txt new file mode 100644 index 00000000..2dcf639e --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/NOTES.txt @@ -0,0 +1,20 @@ +1. Get the tensorflow serving URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range $.Values.ingress.paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "tf-serving.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "tf-serving.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "tf-serving.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export SVC_NAME=$(kubectl get svc --namespace {{ .Release.Namespace }} -l "app={{ include "tf-serving.name" . }},modelName={{ .Values.modelName }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + kubectl port-forward svc/$SVC_NAME 8500 +{{- end }} diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/_helpers.tpl b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/_helpers.tpl new file mode 100644 index 00000000..ce3ce917 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/_helpers.tpl @@ -0,0 +1,41 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "tf-serving.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "tf-serving.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.modelName | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "tf-serving.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* Create the name of tf-serving service account to use */}} +{{- define "tf-serving.serviceAccountName" -}} +{{- if and .Values.global.rbac .Values.serviceAccount.create -}} + {{ default (include "tf-serving.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/deployment.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/deployment.yaml new file mode 100644 index 00000000..0a909e9f --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/deployment.yaml @@ -0,0 +1,138 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "tf-serving.fullname" . }} + labels: + app: {{ include "tf-serving.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service | quote }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ include "tf-serving.name" . }} + release: {{ .Release.Name }} + modelName: {{ .Values.modelName }} + template: + metadata: + labels: + app: {{ include "tf-serving.name" . }} + release: {{ .Release.Name }} + modelName: {{ .Values.modelName }} + spec: + serviceAccountName: {{ template "tf-serving.serviceAccountName" . }} + containers: + - name: tf-serving + image: "{{ .Values.image.tensorflowServing.repository }}:{{ .Values.image.tensorflowServing.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - "/usr/bin/tensorflow_model_server" + args: + - "--port={{ .Values.service.tensorflowServingPort }}" + - "--model_name={{ .Values.modelName }}" + - "--model_base_path={{ .Values.modelBasePath }}" + ports: + - name: tf-serving + containerPort: {{ .Values.service.tensorflowServingPort }} + protocol: TCP + env: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ if .Values.minio.existingSecret }}{{ .Values.minio.existingSecret }}{{ else }}{{ template "tf-serving.fullname" . }}{{ end }} + key: accesskey + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ if .Values.minio.existingSecret }}{{ .Values.minio.existingSecret }}{{ else }}{{ template "tf-serving.fullname" . }}{{ end }} + key: secretkey + {{- range $key, $val := .Values.minio.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end}} + readinessProbe: + tcpSocket: + port: tf-serving + initialDelaySeconds: 15 + timeoutSeconds: 1 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - mountPath: /models + name: models + - name: tensorboard + image: "{{ .Values.image.tensorboard.repository }}:{{ .Values.image.tensorboard.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - tensorboard + args: + - --logdir + - {{ .Values.modelBasePath }} + - --host + - 0.0.0.0 + ports: + - name: tensorboard + containerPort: {{ .Values.service.tensorboardPort }} + protocol: TCP + env: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ if .Values.minio.existingSecret }}{{ .Values.minio.existingSecret }}{{ else }}{{ template "tf-serving.fullname" . }}{{ end }} + key: accesskey + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ if .Values.minio.existingSecret }}{{ .Values.minio.existingSecret }}{{ else }}{{ template "tf-serving.fullname" . }}{{ end }} + key: secretkey + {{- range $key, $val := .Values.minio.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end}} + livenessProbe: + httpGet: + path: / + port: {{ .Values.service.tensorboardPort }} + readinessProbe: + httpGet: + path: / + port: {{ .Values.service.tensorboardPort }} + volumeMounts: + - mountPath: /output/training_logs + name: training-logs-volume + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: models + emptyDir: {} + - name: training-logs-volume + emptyDir: {} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/ingress.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/ingress.yaml new file mode 100644 index 00000000..b02fc8bb --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/ingress.yaml @@ -0,0 +1,55 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "tf-serving.fullname" . -}} +{{- $ingressPaths := .Values.ingress.paths -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ include "tf-serving.name" . }} + release: {{ .Release.Name }} + modelName: {{ .Values.modelName }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + {{- range $ingressPaths }} + - path: {{ . }} + backend: + serviceName: {{ $fullName }} + servicePort: http + {{- end }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/secrets.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/secrets.yaml new file mode 100644 index 00000000..f4b8fe89 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/secrets.yaml @@ -0,0 +1,31 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if not .Values.minio.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "tf-serving.fullname" . }} + labels: + app: {{ include "tf-serving.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service | quote }} +type: Opaque +data: + accesskey: {{ .Values.minio.accessKey | b64enc }} + secretkey: {{ .Values.minio.secretKey | b64enc }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/service.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/service.yaml new file mode 100644 index 00000000..3ddcca66 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/service.yaml @@ -0,0 +1,39 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "tf-serving.fullname" . }} + labels: + app: {{ include "tf-serving.name" . }} + release: {{ .Release.Name }} + modelName: {{ .Values.modelName }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.tensorflowServingPort }} + targetPort: tf-serving + protocol: TCP + name: tf-serving + - port: {{ .Values.service.tensorboardPort }} + targetPort: tensorboard + protocol: TCP + name: tensorboard + selector: + app: {{ include "tf-serving.name" . }} + release: {{ .Release.Name }} + modelName: {{ .Values.modelName }} diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/serviceaccount.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/serviceaccount.yaml new file mode 100644 index 00000000..af4987d8 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/templates/serviceaccount.yaml @@ -0,0 +1,25 @@ +{{/* +# Copyright 2019 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "tf-serving.fullname" . }} + labels: + app: {{ include "tf-serving.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service | quote }} diff --git a/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/values.yaml b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/values.yaml new file mode 100644 index 00000000..ebf88683 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/charts/tf-serving/values.yaml @@ -0,0 +1,71 @@ +# Default values for tf-serving. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + tensorflowServing: + repository: tensorflow/serving + tag: latest + tensorboard: + repository: tensorflow/tensorflow + tag: latest + pullPolicy: IfNotPresent + +nameOverride: "" +fullnameOverride: "" + +## Model information for tf-serving +modelName: "mnist" +modelBasePath: "s3://models/mnist" + +## Model repository information (Minio) +minio: + existingSecret: "" + accessKey: "onapdaas" + secretKey: "onapsecretdaas" + environment: + AWS_REGION: "" + S3_REGION: "" + S3_ENDPOINT: "minio.minio.svc.cluster.local:9000" + AWS_ENDPOINT_URL: "http://minio.minio.svc.cluster.local:9000" + S3_USE_HTTPS: 0 + S3_VERIFY_SSL: 0 + + +## Service account for tf-serving to use. +serviceAccount: + create: true + name: "" + +service: + type: ClusterIP + tensorflowServingPort: 8500 + tensorboardPort: 6006 + +ingress: + enabled: false + annotations: {} + paths: [] + hosts: + - chart-example.local + tls: [] + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/vnfs/DAaaS/deploy/inference-core/values.yaml b/vnfs/DAaaS/deploy/inference-core/values.yaml new file mode 100644 index 00000000..10714b88 --- /dev/null +++ b/vnfs/DAaaS/deploy/inference-core/values.yaml @@ -0,0 +1,30 @@ +# Copyright © 2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 310 + rbac: true + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# k8s Operator Day-0 configuration defaults. +################################################################# + diff --git a/vnfs/DAaaS/deploy/messaging/.helmignore b/vnfs/DAaaS/deploy/messaging/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/messaging/Chart.yaml b/vnfs/DAaaS/deploy/messaging/Chart.yaml new file mode 100644 index 00000000..a2e468f8 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: Helm chart for messaging and data distribution components +name: messaging +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/messaging/charts/kafka/.helmignore b/vnfs/DAaaS/deploy/messaging/charts/kafka/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/kafka/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/messaging/charts/kafka/Chart.yaml b/vnfs/DAaaS/deploy/messaging/charts/kafka/Chart.yaml new file mode 100644 index 00000000..b0558bb8 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/kafka/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: Helm chart for kafka operator +name: kafka +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/messaging/charts/kafka/templates/kafka-cluster.yaml b/vnfs/DAaaS/deploy/messaging/charts/kafka/templates/kafka-cluster.yaml new file mode 100644 index 00000000..cf71fca7 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/kafka/templates/kafka-cluster.yaml @@ -0,0 +1,29 @@ +apiVersion: kafka.strimzi.io/v1alpha1 +kind: Kafka +metadata: + name: {{ .Values.cluster_name }} +spec: + kafka: + version: {{ .Values.version }} + replicas: {{ .Values.replicas }} + listeners: + plain: {} + tls: {} + config: + offsets.topic.replication.factor: {{ .Values.topic.replicationFactor }} + transaction.state.log.replication.factor: 3 + transaction.state.log.min.isr: 2 + log.message.format.version: "2.1" + storage: + type: persistent-claim + size: {{ .Values.storage }} + deleteClaim: false + zookeeper: + replicas: {{ .Values.zookeeper.replicas }} + storage: + type: persistent-claim + size: {{ .Values.zookeeper.storage }} + deleteClaim: false + entityOperator: + topicOperator: {} + userOperator: {} diff --git a/vnfs/DAaaS/deploy/messaging/charts/kafka/values.yaml b/vnfs/DAaaS/deploy/messaging/charts/kafka/values.yaml new file mode 100644 index 00000000..a5e615c9 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/kafka/values.yaml @@ -0,0 +1,30 @@ +# Default values for kafka. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +cluster_name: my-cluster +version: 2.1.0 +replicas: 3 +topic: + replicationFactor: 3 +storage: 100Gi +zookeeper: + replicas: 3 + storage: 100Gi +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/.helmignore b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/Chart.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/Chart.yaml new file mode 100644 index 00000000..64915c66 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +appVersion: "0.1.0" +description: "Strimzi: Kafka as a Service" +name: strimzi-kafka-operator +version: 0.1.0 +icon: https://raw.githubusercontent.com/strimzi/strimzi-kafka-operator/master/documentation/logo/strimzi_logo.png +keywords: +- kafka +- queue +- stream +- event +- messaging +- datastore +- topic +home: http://strimzi.io/ +sources: +- https://github.com/strimzi/strimzi-kafka-operator +maintainers: +- name: ppatierno +- name: scholzj +- name: tombentley \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/OWNERS b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/OWNERS new file mode 100644 index 00000000..2aeed6e5 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/OWNERS @@ -0,0 +1,8 @@ +approvers: +- ppatierno +- scholzj +- tombentley +reviewers: +- ppatierno +- scholzj +- tombentley \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/README.md b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/README.md new file mode 100644 index 00000000..35226be0 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/README.md @@ -0,0 +1,105 @@ +# Strimzi: Kafka as a Service + +Strimzi provides a way to run an [Apache Kafka](https://kafka.apache.org/) cluster on +[Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.com/) in various deployment configurations. +See our [website](https://github.com/strimzi/strimzi-kafka-operator) for more details about the project. + +## Introduction + +This chart bootstraps the Strimzi Cluster Operator Deployment, Cluster Roles, Cluster Role Bindings, Service Accounts, and +Custom Resource Definitions for running [Apache Kafka](https://kafka.apache.org/) on [Kubernetes](http://kubernetes.io) +cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.9+ +- PV provisioner support in the underlying infrastructure + +## Installing the Chart + +Add the Strimzi Helm Chart repository: + +```bash +$ helm repo add strimzi http://strimzi.io/charts/ +``` + +To install the chart with the release name `my-release`: + +```bash +$ helm install --name my-release strimzi/strimzi-kafka-operator +``` + +The command deploys the Strimzi Cluster Operator on the Kubernetes cluster with the default configuration. +The [configuration](#configuration) section lists the parameters that can be configured during installation. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```bash +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the operator and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the Strimzi chart and their default values. Runtime +configuration of Kafka and other components are defined within their respective Custom Resource Definitions. See +the documentation for more details. + +| Parameter | Description | Default | +| ------------------------------------ | ----------------------------------------- | ---------------------------------------------------- | +| `watchNamespaces` | Comma separated list of additional namespaces for the strimzi-operator to watch | [] | +| `image.repository` | Cluster Operator image repository | `strimzi` | +| `image.name` | Cluster Operator image name | `cluster-operator` | +| `image.tag` | Cluster Operator image tag | `0.11.0` | +| `image.imagePullPolicy` | Cluster Operator image pull policy | `IfNotPresent` | +| `logLevel` | Cluster Operator log level | `INFO` | +| `fullReconciliationIntervalMs` | Full reconciliation interval in milliseconds | 120000 | +| `operationTimeoutMs` | Operation timeout in milliseconds | 300000 | +| `zookeeper.image.repository` | ZooKeeper image repository | `strimzi` | +| `zookeeper.image.name` | ZooKeeper image name | `zookeeper` | +| `zookeeper.image.tag` | ZooKeeper image tag | `0.11.0` | +| `kafka.image.repository` | Kafka image repository | `strimzi` | +| `kafka.image.name` | Kafka image name | `kafka` | +| `kafka.image.tagPrefix` | Kafka image tag prefix | `0.11.0` | +| `kafkaConnect.image.repository` | Kafka Connect image repository | `strimzi` | +| `kafkaConnect.image.name` | Kafka Connect image name | `kafka-connect` | +| `kafkaConnect.image.tagPrefix` | Kafka Connect image tag prefix | `0.11.0` | +| `kafkaConnects2i.image.repository` | Kafka Connect s2i image repository | `strimzi` | +| `kafkaConnects2i.image.name` | Kafka Connect s2i image name | `kafka-connect-s2i` | +| `kafkaConnects2i.image.tagPrefix` | Kafka Connect s2i image tag prefix | `0.11.0` | +| `kafkaMirrorMaker.image.repository` | Kafka Mirror Maker image repository | `strimzi` | +| `kafkaMirrorMaker.image.name` | Kafka Mirror Maker image name | `kafka` | +| `kafkaMirrorMaker.image.tagPrefix` | Kafka Mirror Maker image tag prefix | `0.11.0` | +| `topicOperator.image.repository` | Topic Operator image repository | `strimzi` | +| `topicOperator.image.name` | Topic Operator s2i image name | `topic-operator` | +| `topicOperator.image.tag` | Topic Operator s2i image tag | `0.11.0` | +| `kafkaInit.image.repository` | Init Kafka image repository | `strimzi` | +| `kafkaInit.image.name` | Init Kafka image name | `kafka-init` | +| `kafkaInit.image.tag` | Init Kafka image tag | `0.11.0` | +| `tlsSidecarZookeeper.image.repository` | TLS Sidecar for ZooKeeper image repository | `strimzi` | +| `tlsSidecarZookeeper.image.name` | TLS Sidecar for ZooKeeper image name | `zookeeper-stunnel` | +| `tlsSidecarZookeeper.image.tag` | TLS Sidecar for ZooKeeper image tag | `0.11.0` | +| `tlsSidecarKafka.image.repository` | TLS Sidecar for Kafka image repository | `strimzi` | +| `tlsSidecarKafka.image.name` | TLS Sidecar for Kafka image name | `kafka-stunnel` | +| `tlsSidecarKafka.image.tag` | TLS Sidecar for Kafka image tag | `0.11.0` | +| `tlsSidecarTopicOperator.image.repository` | TLS Sidecar for Topic Operator image repository | `strimzi` | +| `tlsSidecarTopicOperator.image.name` | TLS Sidecar for Topic Operator image name | `topic-operator-stunnel` | +| `tlsSidecarTopicOperator.image.tag` | TLS Sidecar for Topic Operator image tag | `0.11.0` | +| `resources.limits.memory` | Memory constraint for limits | `256Mi` | +| `resources.limits.cpu` | CPU constraint for limits | `1000m` | +| `resources.requests.memory` | Memory constraint for requests | `256Mi` | +| `livenessProbe.initialDelaySeconds` | Liveness probe initial delay in seconds | 10 | +| `livenessProbe.periodSeconds` | Liveness probe period in seconds | 30 | +| `readinessProbe.initialDelaySeconds` | Readiness probe initial delay in seconds | 10 | +| `readinessProbe.periodSeconds` | Readiness probe period in seconds | 30 | +| `imageRepositoryOverride` | Override all image repository config | `nil` | +| `imageTagOverride` | Override all image tag config | `nil` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```bash +$ helm install --name my-release --set logLevel=DEBUG,fullReconciliationIntervalMs=240000 strimzi/strimzi-kafka-operator +``` diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/010-ServiceAccount-strimzi-cluster-operator.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/010-ServiceAccount-strimzi-cluster-operator.yaml new file mode 100644 index 00000000..45367ad2 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/010-ServiceAccount-strimzi-cluster-operator.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: strimzi-cluster-operator + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: service-account + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-ClusterRole-strimzi-cluster-operator-role.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-ClusterRole-strimzi-cluster-operator-role.yaml new file mode 100644 index 00000000..12663c74 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-ClusterRole-strimzi-cluster-operator-role.yaml @@ -0,0 +1,259 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: strimzi-cluster-operator-namespaced + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: role + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - create + - delete + - patch + - update +- apiGroups: + - "rbac.authorization.k8s.io" + resources: + - rolebindings + verbs: + - get + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - "kafka.strimzi.io" + resources: + - kafkas + - kafkaconnects + - kafkaconnects2is + - kafkamirrormakers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - delete +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch +- apiGroups: + - "extensions" + resources: + - deployments + - deployments/scale + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - "apps" + resources: + - deployments + - deployments/scale + - deployments/status + - statefulsets + - replicasets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - events + verbs: + - create +# OpenShift S2I requirements +- apiGroups: + - "extensions" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + - deploymentconfigs/scale + - deploymentconfigs/status + - deploymentconfigs/finalizers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - create + - delete + - get + - list + - patch + - watch + - update +- apiGroups: + - image.openshift.io + resources: + - imagestreams + - imagestreams/status + verbs: + - create + - delete + - get + - list + - watch + - patch + - update +- apiGroups: + - "" + resources: + - replicationcontrollers + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - delete + - patch + - update +- apiGroups: + - extensions + resources: + - networkpolicies + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - get + - list + - watch + - create + - delete + - patch + - update +- apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - get + - list + - create + - delete + - patch + - update +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - create + - delete + - patch + - update +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - watch + - create + - delete + - patch + - update \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-RoleBinding-strimzi-cluster-operator.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-RoleBinding-strimzi-cluster-operator.yaml new file mode 100644 index 00000000..647774b5 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/020-RoleBinding-strimzi-cluster-operator.yaml @@ -0,0 +1,25 @@ +{{- $root := . -}} +{{- range append .Values.watchNamespaces .Release.Namespace }} +{{- if ne . "*" -}} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: strimzi-cluster-operator + namespace: {{ . }} + labels: + app: {{ template "strimzi.name" $root }} + chart: {{ template "strimzi.chart" $root }} + component: role-binding + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} +subjects: + - kind: ServiceAccount + name: strimzi-cluster-operator + namespace: {{ $root.Release.Namespace }} +roleRef: + kind: ClusterRole + name: strimzi-cluster-operator-namespaced + apiGroup: rbac.authorization.k8s.io +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRole-strimzi-cluster-operator-role.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRole-strimzi-cluster-operator-role.yaml new file mode 100644 index 00000000..da7f2cda --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRole-strimzi-cluster-operator-role.yaml @@ -0,0 +1,21 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: strimzi-cluster-operator-global + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: role + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - "rbac.authorization.k8s.io" + resources: + - clusterrolebindings + verbs: + - get + - create + - delete + - patch + - update \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRoleBinding-strimzi-cluster-operator.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRoleBinding-strimzi-cluster-operator.yaml new file mode 100644 index 00000000..5e32c34c --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/021-ClusterRoleBinding-strimzi-cluster-operator.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: strimzi-cluster-operator + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: role-binding + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +subjects: + - kind: ServiceAccount + name: strimzi-cluster-operator + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: strimzi-cluster-operator-global + apiGroup: rbac.authorization.k8s.io diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRole-strimzi-kafka-broker.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRole-strimzi-kafka-broker.yaml new file mode 100644 index 00000000..7ef0faf2 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRole-strimzi-kafka-broker.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: strimzi-kafka-broker + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: broker-role + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - "" + resources: + - nodes + verbs: + - get diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRoleBinding-strimzi-cluster-operator-kafka-broker-delegation.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRoleBinding-strimzi-cluster-operator-kafka-broker-delegation.yaml new file mode 100644 index 00000000..744238c9 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/030-ClusterRoleBinding-strimzi-cluster-operator-kafka-broker-delegation.yaml @@ -0,0 +1,18 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: strimzi-cluster-operator-kafka-broker-delegation + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: broker-role-binding + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +subjects: + - kind: ServiceAccount + name: strimzi-cluster-operator + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: strimzi-kafka-broker + apiGroup: rbac.authorization.k8s.io diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-ClusterRole-strimzi-entity-operator.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-ClusterRole-strimzi-entity-operator.yaml new file mode 100644 index 00000000..d6d6453a --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-ClusterRole-strimzi-entity-operator.yaml @@ -0,0 +1,52 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: strimzi-entity-operator + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: entity-operator-role + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - "kafka.strimzi.io" + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - "kafka.strimzi.io" + resources: + - kafkausers + verbs: + - get + - list + - watch + - create + - patch + - update + - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - create + - patch + - update + - delete diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-RoleBinding-strimzi-cluster-operator-entity-operator-delegation.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-RoleBinding-strimzi-cluster-operator-entity-operator-delegation.yaml new file mode 100644 index 00000000..20b163de --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/031-RoleBinding-strimzi-cluster-operator-entity-operator-delegation.yaml @@ -0,0 +1,25 @@ +{{- $root := . -}} +{{- range append .Values.watchNamespaces .Release.Namespace }} +{{- if ne . "*" -}} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: strimzi-cluster-operator-entity-operator-delegation + namespace: {{ . }} + labels: + app: {{ template "strimzi.name" $root }} + chart: {{ template "strimzi.chart" $root }} + component: entity-operator-role-binding + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} +subjects: + - kind: ServiceAccount + name: strimzi-cluster-operator + namespace: {{ $root.Release.Namespace }} +roleRef: + kind: ClusterRole + name: strimzi-entity-operator + apiGroup: rbac.authorization.k8s.io +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-ClusterRole-strimzi-topic-operator.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-ClusterRole-strimzi-topic-operator.yaml new file mode 100644 index 00000000..4d470e40 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-ClusterRole-strimzi-topic-operator.yaml @@ -0,0 +1,29 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: strimzi-topic-operator + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: topic-operator-role + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - "kafka.strimzi.io" + resources: + - kafkatopics + verbs: + - get + - list + - watch + - create + - patch + - update + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-RoleBinding-strimzi-cluster-operator-topic-operator-delegation.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-RoleBinding-strimzi-cluster-operator-topic-operator-delegation.yaml new file mode 100644 index 00000000..29f3d36b --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/032-RoleBinding-strimzi-cluster-operator-topic-operator-delegation.yaml @@ -0,0 +1,25 @@ +{{- $root := . -}} +{{- range append .Values.watchNamespaces .Release.Namespace }} +{{- if ne . "*" -}} +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: strimzi-cluster-operator-topic-operator-delegation + namespace: {{ . }} + labels: + app: {{ template "strimzi.name" $root }} + chart: {{ template "strimzi.chart" $root }} + component: topic-operator-role-binding + release: {{ $root.Release.Name }} + heritage: {{ $root.Release.Service }} +subjects: + - kind: ServiceAccount + name: strimzi-cluster-operator + namespace: {{ $root.Release.Namespace }} +roleRef: + kind: ClusterRole + name: strimzi-topic-operator + apiGroup: rbac.authorization.k8s.io +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/040-Crd-kafka.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/040-Crd-kafka.yaml new file mode 100644 index 00000000..d2e72949 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/040-Crd-kafka.yaml @@ -0,0 +1,2123 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kafkas.kafka.strimzi.io + labels: + app: '{{ template "strimzi.name" . }}' + chart: '{{ template "strimzi.chart" . }}' + component: kafkas.kafka.strimzi.io-crd + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: Kafka + listKind: KafkaList + singular: kafka + plural: kafkas + shortNames: + - k + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + kafka: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + id: + type: integer + minimum: 0 + selector: + type: object + size: + type: string + type: + type: string + enum: + - ephemeral + - persistent-claim + - jbod + volumes: + type: array + items: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + id: + type: integer + minimum: 0 + selector: + type: object + size: + type: string + type: + type: string + enum: + - ephemeral + - persistent-claim + required: + - type + required: + - type + listeners: + type: object + properties: + plain: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + enum: + - tls + - scram-sha-512 + required: + - type + networkPolicyPeers: + type: array + items: + type: object + properties: + ipBlock: + type: object + properties: + cidr: + type: string + except: + type: array + items: + type: string + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + tls: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + enum: + - tls + - scram-sha-512 + required: + - type + networkPolicyPeers: + type: array + items: + type: object + properties: + ipBlock: + type: object + properties: + cidr: + type: string + except: + type: array + items: + type: string + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + external: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + enum: + - tls + - scram-sha-512 + required: + - type + networkPolicyPeers: + type: array + items: + type: object + properties: + ipBlock: + type: object + properties: + cidr: + type: string + except: + type: array + items: + type: string + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + overrides: + type: object + properties: + bootstrap: + type: object + properties: + address: + type: string + nodePort: + type: integer + brokers: + type: array + items: + type: object + properties: + broker: + type: integer + advertisedHost: + type: string + advertisedPort: + type: integer + nodePort: + type: integer + tls: + type: boolean + type: + type: string + enum: + - route + - loadbalancer + - nodeport + required: + - type + authorization: + type: object + properties: + superUsers: + type: array + items: + type: string + type: + type: string + enum: + - simple + required: + - type + config: + type: object + rack: + type: object + properties: + topologyKey: + type: string + example: failure-domain.beta.kubernetes.io/zone + required: + - topologyKey + brokerRackInitImage: + type: string + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + gcLoggingEnabled: + type: boolean + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + tlsSidecar: + type: object + properties: + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + logLevel: + type: string + enum: + - emerg + - alert + - crit + - err + - warning + - notice + - info + - debug + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + template: + type: object + properties: + statefulset: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + pod: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + securityContext: + type: object + properties: + fsGroup: + type: integer + runAsGroup: + type: integer + runAsNonRoot: + type: boolean + runAsUser: + type: integer + seLinuxOptions: + type: object + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + supplementalGroups: + type: array + items: + type: integer + sysctls: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + bootstrapService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + brokersService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + externalBootstrapRoute: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + externalBootstrapService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + perPodRoute: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + perPodService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + podDisruptionBudget: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + maxUnavailable: + type: integer + minimum: 0 + version: + type: string + required: + - replicas + - storage + - listeners + zookeeper: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + storage: + type: object + properties: + class: + type: string + deleteClaim: + type: boolean + id: + type: integer + minimum: 0 + selector: + type: object + size: + type: string + type: + type: string + enum: + - ephemeral + - persistent-claim + required: + - type + config: + type: object + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + gcLoggingEnabled: + type: boolean + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + metrics: + type: object + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + tlsSidecar: + type: object + properties: + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + logLevel: + type: string + enum: + - emerg + - alert + - crit + - err + - warning + - notice + - info + - debug + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + template: + type: object + properties: + statefulset: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + pod: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + securityContext: + type: object + properties: + fsGroup: + type: integer + runAsGroup: + type: integer + runAsNonRoot: + type: boolean + runAsUser: + type: integer + seLinuxOptions: + type: object + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + supplementalGroups: + type: array + items: + type: integer + sysctls: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + clientService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + nodesService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + podDisruptionBudget: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + maxUnavailable: + type: integer + minimum: 0 + required: + - replicas + - storage + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + tlsSidecar: + type: object + properties: + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + logLevel: + type: string + enum: + - emerg + - alert + - crit + - err + - warning + - notice + - info + - debug + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + jvmOptions: + type: object + properties: + gcLoggingEnabled: + type: boolean + entityOperator: + type: object + properties: + topicOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + topicMetadataMaxAttempts: + type: integer + minimum: 0 + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + jvmOptions: + type: object + properties: + gcLoggingEnabled: + type: boolean + userOperator: + type: object + properties: + watchedNamespace: + type: string + image: + type: string + reconciliationIntervalSeconds: + type: integer + minimum: 0 + zookeeperSessionTimeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + jvmOptions: + type: object + properties: + gcLoggingEnabled: + type: boolean + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + tlsSidecar: + type: object + properties: + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + logLevel: + type: string + enum: + - emerg + - alert + - crit + - err + - warning + - notice + - info + - debug + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + template: + type: object + properties: + deployment: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + pod: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + securityContext: + type: object + properties: + fsGroup: + type: integer + runAsGroup: + type: integer + runAsNonRoot: + type: boolean + runAsUser: + type: integer + seLinuxOptions: + type: object + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + supplementalGroups: + type: array + items: + type: integer + sysctls: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + clusterCa: + type: object + properties: + generateCertificateAuthority: + type: boolean + validityDays: + type: integer + minimum: 1 + renewalDays: + type: integer + minimum: 1 + certificateExpirationPolicy: + type: string + enum: + - renew-certificate + - replace-key + clientsCa: + type: object + properties: + generateCertificateAuthority: + type: boolean + validityDays: + type: integer + minimum: 1 + renewalDays: + type: integer + minimum: 1 + certificateExpirationPolicy: + type: string + enum: + - renew-certificate + - replace-key + maintenanceTimeWindows: + type: array + items: + type: string + required: + - kafka + - zookeeper diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/041-Crd-kafkaconnect.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/041-Crd-kafkaconnect.yaml new file mode 100644 index 00000000..b08ac001 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/041-Crd-kafkaconnect.yaml @@ -0,0 +1,559 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kafkaconnects.kafka.strimzi.io + labels: + app: '{{ template "strimzi.name" . }}' + chart: '{{ template "strimzi.chart" . }}' + component: kafkaconnects.kafka.strimzi.io-crd + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnect + listKind: KafkaConnectList + singular: kafkaconnect + plural: kafkaconnects + shortNames: + - kc + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + gcLoggingEnabled: + type: boolean + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + metrics: + type: object + template: + type: object + properties: + deployment: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + pod: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + securityContext: + type: object + properties: + fsGroup: + type: integer + runAsGroup: + type: integer + runAsNonRoot: + type: boolean + runAsUser: + type: integer + seLinuxOptions: + type: object + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + supplementalGroups: + type: array + items: + type: integer + sysctls: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + apiService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + podDisruptionBudget: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + maxUnavailable: + type: integer + minimum: 0 + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + passwordSecret: + type: object + properties: + password: + type: string + secretName: + type: string + required: + - password + - secretName + type: + type: string + enum: + - tls + - scram-sha-512 + username: + type: string + required: + - type + bootstrapServers: + type: string + config: + type: object + externalConfiguration: + type: object + properties: + env: + type: array + items: + type: object + properties: + name: + type: string + valueFrom: + type: object + properties: + configMapKeyRef: + type: object + properties: + key: + type: string + name: + type: string + optional: + type: boolean + secretKeyRef: + type: object + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - name + - valueFrom + volumes: + type: array + items: + type: object + properties: + configMap: + type: object + properties: + defaultMode: + type: integer + items: + type: array + items: + type: object + properties: + key: + type: string + mode: + type: integer + path: + type: string + name: + type: string + optional: + type: boolean + name: + type: string + secret: + type: object + properties: + defaultMode: + type: integer + items: + type: array + items: + type: object + properties: + key: + type: string + mode: + type: integer + path: + type: string + optional: + type: boolean + secretName: + type: string + required: + - name + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + version: + type: string + required: + - bootstrapServers diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/042-Crd-kafkaconnects2i.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/042-Crd-kafkaconnects2i.yaml new file mode 100644 index 00000000..0b95c7ef --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/042-Crd-kafkaconnects2i.yaml @@ -0,0 +1,561 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kafkaconnects2is.kafka.strimzi.io + labels: + app: '{{ template "strimzi.name" . }}' + chart: '{{ template "strimzi.chart" . }}' + component: kafkaconnects2is.kafka.strimzi.io-crd + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaConnectS2I + listKind: KafkaConnectS2IList + singular: kafkaconnects2i + plural: kafkaconnects2is + shortNames: + - kcs2i + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + image: + type: string + livenessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + readinessProbe: + type: object + properties: + initialDelaySeconds: + type: integer + minimum: 0 + timeoutSeconds: + type: integer + minimum: 0 + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + gcLoggingEnabled: + type: boolean + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + metrics: + type: object + template: + type: object + properties: + deployment: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + pod: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + securityContext: + type: object + properties: + fsGroup: + type: integer + runAsGroup: + type: integer + runAsNonRoot: + type: boolean + runAsUser: + type: integer + seLinuxOptions: + type: object + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + supplementalGroups: + type: array + items: + type: integer + sysctls: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + apiService: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + podDisruptionBudget: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + maxUnavailable: + type: integer + minimum: 0 + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + passwordSecret: + type: object + properties: + password: + type: string + secretName: + type: string + required: + - password + - secretName + type: + type: string + enum: + - tls + - scram-sha-512 + username: + type: string + required: + - type + bootstrapServers: + type: string + config: + type: object + externalConfiguration: + type: object + properties: + env: + type: array + items: + type: object + properties: + name: + type: string + valueFrom: + type: object + properties: + configMapKeyRef: + type: object + properties: + key: + type: string + name: + type: string + optional: + type: boolean + secretKeyRef: + type: object + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - name + - valueFrom + volumes: + type: array + items: + type: object + properties: + configMap: + type: object + properties: + defaultMode: + type: integer + items: + type: array + items: + type: object + properties: + key: + type: string + mode: + type: integer + path: + type: string + name: + type: string + optional: + type: boolean + name: + type: string + secret: + type: object + properties: + defaultMode: + type: integer + items: + type: array + items: + type: object + properties: + key: + type: string + mode: + type: integer + path: + type: string + optional: + type: boolean + secretName: + type: string + required: + - name + insecureSourceRepository: + type: boolean + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + version: + type: string + required: + - bootstrapServers diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/043-Crd-kafkatopic.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/043-Crd-kafkatopic.yaml new file mode 100644 index 00000000..69bf8efa --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/043-Crd-kafkatopic.yaml @@ -0,0 +1,44 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kafkatopics.kafka.strimzi.io + labels: + app: '{{ template "strimzi.name" . }}' + chart: '{{ template "strimzi.chart" . }}' + component: kafkatopics.kafka.strimzi.io-crd + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaTopic + listKind: KafkaTopicList + singular: kafkatopic + plural: kafkatopics + shortNames: + - kt + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + partitions: + type: integer + minimum: 1 + replicas: + type: integer + minimum: 1 + maximum: 32767 + config: + type: object + topicName: + type: string + required: + - partitions + - replicas diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/044-Crd-kafkauser.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/044-Crd-kafkauser.yaml new file mode 100644 index 00000000..2c0bd552 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/044-Crd-kafkauser.yaml @@ -0,0 +1,100 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kafkausers.kafka.strimzi.io + labels: + app: '{{ template "strimzi.name" . }}' + chart: '{{ template "strimzi.chart" . }}' + component: kafkausers.kafka.strimzi.io-crd + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaUser + listKind: KafkaUserList + singular: kafkauser + plural: kafkausers + shortNames: + - ku + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + authentication: + type: object + properties: + type: + type: string + enum: + - tls + - scram-sha-512 + required: + - type + authorization: + type: object + properties: + acls: + type: array + items: + type: object + properties: + host: + type: string + operation: + type: string + enum: + - Read + - Write + - Create + - Delete + - Alter + - Describe + - ClusterAction + - AlterConfigs + - DescribeConfigs + - IdempotentWrite + - All + resource: + type: object + properties: + name: + type: string + patternType: + type: string + enum: + - literal + - prefix + type: + type: string + enum: + - topic + - group + - cluster + - transactionalId + required: + - type + type: + type: string + enum: + - allow + - deny + required: + - operation + - resource + type: + type: string + enum: + - simple + required: + - acls + - type + required: + - authentication diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/045-Crd-kafkamirrormaker.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/045-Crd-kafkamirrormaker.yaml new file mode 100644 index 00000000..eeefe116 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/045-Crd-kafkamirrormaker.yaml @@ -0,0 +1,526 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kafkamirrormakers.kafka.strimzi.io + labels: + app: '{{ template "strimzi.name" . }}' + chart: '{{ template "strimzi.chart" . }}' + component: kafkamirrormakers.kafka.strimzi.io-crd + release: '{{ .Release.Name }}' + heritage: '{{ .Release.Service }}' + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: kafka.strimzi.io + version: v1alpha1 + scope: Namespaced + names: + kind: KafkaMirrorMaker + listKind: KafkaMirrorMakerList + singular: kafkamirrormaker + plural: kafkamirrormakers + shortNames: + - kmm + validation: + openAPIV3Schema: + properties: + spec: + type: object + properties: + replicas: + type: integer + minimum: 1 + image: + type: string + whitelist: + type: string + consumer: + type: object + properties: + numStreams: + type: integer + minimum: 1 + groupId: + type: string + bootstrapServers: + type: string + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + passwordSecret: + type: object + properties: + password: + type: string + secretName: + type: string + required: + - password + - secretName + type: + type: string + enum: + - tls + - scram-sha-512 + username: + type: string + required: + - type + config: + type: object + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - groupId + - bootstrapServers + producer: + type: object + properties: + bootstrapServers: + type: string + authentication: + type: object + properties: + certificateAndKey: + type: object + properties: + certificate: + type: string + key: + type: string + secretName: + type: string + required: + - certificate + - key + - secretName + passwordSecret: + type: object + properties: + password: + type: string + secretName: + type: string + required: + - password + - secretName + type: + type: string + enum: + - tls + - scram-sha-512 + username: + type: string + required: + - type + config: + type: object + tls: + type: object + properties: + trustedCertificates: + type: array + items: + type: object + properties: + certificate: + type: string + secretName: + type: string + required: + - certificate + - secretName + required: + - trustedCertificates + required: + - bootstrapServers + resources: + type: object + properties: + limits: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + requests: + type: object + properties: + cpu: + type: string + pattern: '[0-9]+m?$' + memory: + type: string + pattern: '[0-9]+([kKmMgGtTpPeE]i?)?$' + affinity: + type: object + properties: + nodeAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + preference: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: object + properties: + nodeSelectorTerms: + type: array + items: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchFields: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + podAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + weight: + type: integer + requiredDuringSchedulingIgnoredDuringExecution: + type: array + items: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + type: string + matchLabels: + type: object + namespaces: + type: array + items: + type: string + topologyKey: + type: string + tolerations: + type: array + items: + type: object + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + jvmOptions: + type: object + properties: + -XX: + type: object + -Xms: + type: string + pattern: '[0-9]+[mMgG]?' + -Xmx: + type: string + pattern: '[0-9]+[mMgG]?' + gcLoggingEnabled: + type: boolean + logging: + type: object + properties: + loggers: + type: object + name: + type: string + type: + type: string + enum: + - inline + - external + required: + - type + metrics: + type: object + template: + type: object + properties: + deployment: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + pod: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + imagePullSecrets: + type: array + items: + type: object + properties: + name: + type: string + securityContext: + type: object + properties: + fsGroup: + type: integer + runAsGroup: + type: integer + runAsNonRoot: + type: boolean + runAsUser: + type: integer + seLinuxOptions: + type: object + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + supplementalGroups: + type: array + items: + type: integer + sysctls: + type: array + items: + type: object + properties: + name: + type: string + value: + type: string + terminationGracePeriodSeconds: + type: integer + minimum: 0 + podDisruptionBudget: + type: object + properties: + metadata: + type: object + properties: + labels: + type: object + annotations: + type: object + maxUnavailable: + type: integer + minimum: 0 + version: + type: string + required: + - replicas + - whitelist + - consumer + - producer diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/050-Deployment-strimzi-cluster-operator.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/050-Deployment-strimzi-cluster-operator.yaml new file mode 100644 index 00000000..2f9b570d --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/050-Deployment-strimzi-cluster-operator.yaml @@ -0,0 +1,74 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: strimzi-cluster-operator + labels: + app: {{ template "strimzi.name" . }} + chart: {{ template "strimzi.chart" . }} + component: deployment + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + template: + metadata: + labels: + name: strimzi-cluster-operator + spec: + serviceAccountName: strimzi-cluster-operator + containers: + - name: strimzi-cluster-operator + image: {{ default .Values.image.repository .Values.imageRepositoryOverride }}/{{ .Values.image.name }}:{{ default .Values.image.tag .Values.imageTagOverride }} + imagePullPolicy: {{ .Values.image.imagePullPolicy | quote }} + env: + - name: STRIMZI_NAMESPACE + {{- if .Values.watchNamespaces -}} + {{- $ns := .Values.watchNamespaces -}} + {{- if has "*" $ns }} + value: "*" + {{- else -}} + {{- $ns := append $ns .Release.Namespace }} + value: "{{ join "," $ns }}" + {{- end }} + {{- else }} + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- end }} + - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS + value: {{ .Values.fullReconciliationIntervalMs | quote }} + - name: STRIMZI_OPERATION_TIMEOUT_MS + value: {{ .Values.operationTimeoutMs | quote }} + - name: STRIMZI_DEFAULT_ZOOKEEPER_IMAGE + value: "{{ default .Values.zookeeper.image.repository .Values.imageRepositoryOverride }}/{{ .Values.zookeeper.image.name }}:{{ default .Values.zookeeper.image.tag .Values.imageTagOverride }}-kafka-2.0.0" + {{- template "strimzi.kafka.image.map" . }} + - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE + value: "{{ default .Values.topicOperator.image.repository .Values.imageRepositoryOverride }}/{{ .Values.topicOperator.image.name }}:{{ default .Values.topicOperator.image.tag .Values.imageTagOverride }}" + - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE + value: "{{ default .Values.userOperator.image.repository .Values.imageRepositoryOverride }}/{{ .Values.userOperator.image.name }}:{{ default .Values.userOperator.image.tag .Values.imageTagOverride }}" + - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE + value: "{{ default .Values.kafkaInit.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaInit.image.name }}:{{ default .Values.kafkaInit.image.tag .Values.imageTagOverride }}" + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ZOOKEEPER_IMAGE + value: "{{ default .Values.tlsSidecarZookeeper.image.repository .Values.imageRepositoryOverride }}/{{ .Values.tlsSidecarZookeeper.image.name }}:{{ default .Values.tlsSidecarZookeeper.image.tag .Values.imageTagOverride }}" + - name: STRIMZI_DEFAULT_TLS_SIDECAR_KAFKA_IMAGE + value: "{{ default .Values.tlsSidecarKafka.image.repository .Values.imageRepositoryOverride }}/{{ .Values.tlsSidecarKafka.image.name }}:{{ default .Values.tlsSidecarKafka.image.tag .Values.imageTagOverride }}" + - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE + value: "{{ default .Values.tlsSidecarEntityOperator.image.repository .Values.imageRepositoryOverride }}/{{ .Values.tlsSidecarEntityOperator.image.name }}:{{ default .Values.tlsSidecarEntityOperator.image.tag .Values.imageTagOverride }}" + - name: STRIMZI_LOG_LEVEL + value: {{ .Values.logLevel | quote }} + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + resources: +{{ toYaml .Values.resources | indent 12 }} + strategy: + type: Recreate diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/NOTES.txt b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/NOTES.txt new file mode 100644 index 00000000..b49a9787 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/NOTES.txt @@ -0,0 +1,5 @@ +Thank you for installing {{ .Chart.Name }}-{{ .Chart.Version }} + +To create a Kafka cluster refer to the following documentation. + +http://strimzi.io/docs/{{ .Chart.Version }}/#kafka-cluster-str diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_helpers.tpl b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_helpers.tpl new file mode 100644 index 00000000..c2aac512 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_helpers.tpl @@ -0,0 +1,49 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "strimzi.name" -}} +{{- default "strimzi" .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "strimzi.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "strimzi.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Generate a docker registry prefix or empty string. + +NOTE: Not currently being used. Is this useful? +*/}} +{{- define "dockerRegistryOverride" -}} +{{- if .Values.dockerRegistryOverride -}} +{{- printf "%s/" .Values.image.dockerRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{- define "imageRepositoryOverride" -}} +{{- .Values.imageRepositoryOverride -}} +{{- end -}} diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_kafka_image_map.tpl b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_kafka_image_map.tpl new file mode 100644 index 00000000..fa22632e --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/templates/_kafka_image_map.tpl @@ -0,0 +1,28 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* This file is generated in helm-charts/Makefile */}} +{{/* DO NOT EDIT BY HAND */}} + +{{/* Generate the kafka image map */}} +{{- define "strimzi.kafka.image.map" }} + - name: STRIMZI_KAFKA_IMAGES + value: | + 2.0.0={{ default .Values.kafka.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafka.image.name }}:{{ default .Values.kafka.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.0 + 2.0.1={{ default .Values.kafka.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafka.image.name }}:{{ default .Values.kafka.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.1 + 2.1.0={{ default .Values.kafka.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafka.image.name }}:{{ default .Values.kafka.image.tagPrefix .Values.imageTagOverride }}-kafka-2.1.0 + - name: STRIMZI_KAFKA_CONNECT_IMAGES + value: | + 2.0.0={{ default .Values.kafkaConnect.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.kafkaConnect.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.0 + 2.0.1={{ default .Values.kafkaConnect.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.kafkaConnect.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.1 + 2.1.0={{ default .Values.kafkaConnect.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaConnect.image.name }}:{{ default .Values.kafkaConnect.image.tagPrefix .Values.imageTagOverride }}-kafka-2.1.0 + - name: STRIMZI_KAFKA_CONNECT_S2I_IMAGES + value: | + 2.0.0={{ default .Values.kafkaConnects2i.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaConnects2i.image.name }}:{{ default .Values.kafkaConnects2i.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.0 + 2.0.1={{ default .Values.kafkaConnects2i.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaConnects2i.image.name }}:{{ default .Values.kafkaConnects2i.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.1 + 2.1.0={{ default .Values.kafkaConnects2i.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaConnects2i.image.name }}:{{ default .Values.kafkaConnects2i.image.tagPrefix .Values.imageTagOverride }}-kafka-2.1.0 + - name: STRIMZI_KAFKA_MIRROR_MAKER_IMAGES + value: | + 2.0.0={{ default .Values.kafkaMirrorMaker.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.kafkaMirrorMaker.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.0 + 2.0.1={{ default .Values.kafkaMirrorMaker.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.kafkaMirrorMaker.image.tagPrefix .Values.imageTagOverride }}-kafka-2.0.1 + 2.1.0={{ default .Values.kafkaMirrorMaker.image.repository .Values.imageRepositoryOverride }}/{{ .Values.kafkaMirrorMaker.image.name }}:{{ default .Values.kafkaMirrorMaker.image.tagPrefix .Values.imageTagOverride }}-kafka-2.1.0 +{{- end -}} diff --git a/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/values.yaml b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/values.yaml new file mode 100644 index 00000000..74a7c581 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/charts/strimzi-kafka-operator/values.yaml @@ -0,0 +1,89 @@ +# Default values for strimzi-kafka-operator. + +watchNamespaces: + - "*" + +image: + repository: strimzi + name: cluster-operator + tag: 0.11.0 + imagePullPolicy: IfNotPresent +logLevel: INFO +fullReconciliationIntervalMs: 120000 +operationTimeoutMs: 300000 +# Docker images that operator uses to provision various components of Strimzi. To use your own registry prefix the +# repository name with your registry URL. +# Ex) repository: registry.xyzcorp.com/strimzi/zookeeper +zookeeper: + image: + repository: strimzi + name: zookeeper + tag: 0.11.0 +kafka: + image: + repository: strimzi + name: kafka + tagPrefix: 0.11.0 +kafkaConnect: + image: + repository: strimzi + name: kafka-connect + tagPrefix: 0.11.0 +kafkaConnects2i: + image: + repository: strimzi + name: kafka-connect-s2i + tagPrefix: 0.11.0 +topicOperator: + image: + repository: strimzi + name: topic-operator + tag: 0.11.0 +userOperator: + image: + repository: strimzi + name: user-operator + tag: 0.11.0 +kafkaInit: + image: + repository: strimzi + name: kafka-init + tag: 0.11.0 +tlsSidecarZookeeper: + image: + repository: strimzi + name: zookeeper-stunnel + tag: 0.11.0 +tlsSidecarKafka: + image: + repository: strimzi + name: kafka-stunnel + tag: 0.11.0 +tlsSidecarEntityOperator: + image: + repository: strimzi + name: entity-operator-stunnel + tag: 0.11.0 +kafkaMirrorMaker: + image: + repository: strimzi + name: kafka-mirror-maker + tagPrefix: 0.11.0 +resources: + limits: + memory: 256Mi + cpu: 1000m + requests: + memory: 256Mi + cpu: 200m +livenessProbe: + initialDelaySeconds: 10 + periodSeconds: 30 +readinessProbe: + initialDelaySeconds: 10 + periodSeconds: 30 + +# Override the docker image repository used by all Strimzi images +# imageRepositoryOverride: foobar +# Override the docker image tag used by all Strimzi images +# imageTagOverride: latest diff --git a/vnfs/DAaaS/deploy/messaging/values.yaml b/vnfs/DAaaS/deploy/messaging/values.yaml new file mode 100644 index 00000000..5872bdf9 --- /dev/null +++ b/vnfs/DAaaS/deploy/messaging/values.yaml @@ -0,0 +1,29 @@ +# Copyright © 2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 370 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# k8s Operator Day-0 configuration defaults. +################################################################# + diff --git a/vnfs/DAaaS/deploy/minio/.helmignore b/vnfs/DAaaS/deploy/minio/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/deploy/minio/Chart.yaml b/vnfs/DAaaS/deploy/minio/Chart.yaml new file mode 100755 index 00000000..aefd5629 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +description: Minio is a high performance distributed object storage server, designed for large-scale private cloud infrastructure. +name: minio +version: 2.4.6 +appVersion: RELEASE.2019-02-12T21-58-47Z +keywords: +- storage +- object-storage +- S3 +home: https://minio.io +icon: https://www.minio.io/img/logo_160x160.png +sources: +- https://github.com/minio/minio +maintainers: +- name: Acaleph + email: hello@acale.ph +- name: Minio + email: dev@minio.io +- name: nitisht + email: nitish@min.io +- name: wlan0 + email: sid@min.io diff --git a/vnfs/DAaaS/deploy/minio/README.md b/vnfs/DAaaS/deploy/minio/README.md new file mode 100755 index 00000000..1b101647 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/README.md @@ -0,0 +1,330 @@ +Minio +===== + +[Minio](https://minio.io) is a distributed object storage service for high performance, high scale data infrastructures. It is a drop in replacement for AWS S3 in your own environment. It uses erasure coding to provide highly resilient storage that can tolerate failures of upto n/2 nodes. It runs on cloud, container, kubernetes and bare-metal environments. It is simple enough to be deployed in seconds, and can scale to 100s of peta bytes. Minio is suitable for storing objects such as photos, videos, log files, backups, VM and container images. + +Minio supports [distributed mode](https://docs.minio.io/docs/distributed-minio-quickstart-guide). In distributed mode, you can pool multiple drives (even on different machines) into a single object storage server. + +Introduction +------------ + +This chart bootstraps Minio deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Prerequisites +------------- + +- Kubernetes 1.4+ with Beta APIs enabled for default standalone mode. +- Kubernetes 1.5+ with Beta APIs enabled to run Minio in [distributed mode](#distributed-minio). +- PV provisioner support in the underlying infrastructure. + +Installing the Chart +-------------------- + +Install this chart using: + +```bash +$ helm install stable/minio +``` + +The command deploys Minio on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +### Release name + +An instance of a chart running in a Kubernetes cluster is called a release. Each release is identified by a unique name within the cluster. Helm automatically assigns a unique release name after installing the chart. You can also set your preferred name by: + +```bash +$ helm install --name my-release stable/minio +``` + +### Access and Secret keys + +By default a pre-generated access and secret key will be used. To override the default keys, pass the access and secret keys as arguments to helm install. + +```bash +$ helm install --set accessKey=myaccesskey,secretKey=mysecretkey \ + stable/minio +``` + +### Updating Minio configuration via Helm + +[ConfigMap](https://kubernetes.io/docs/user-guide/configmap/) allows injecting containers with configuration data even while a Helm release is deployed. + +To update your Minio server configuration while it is deployed in a release, you need to + +1. Check all the configurable values in the Minio chart using `helm inspect values stable/minio`. +2. Override the `minio_server_config` settings in a YAML formatted file, and then pass that file like this `helm upgrade -f config.yaml stable/minio`. +3. Restart the Minio server(s) for the changes to take effect. + +You can also check the history of upgrades to a release using `helm history my-release`. Replace `my-release` with the actual release name. + +Uninstalling the Chart +---------------------- + +Assuming your release is named as `my-release`, delete it using the command: + +```bash +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +Upgrading the Chart +------------------- + +You can use Helm to update Minio version in a live release. Assuming your release is named as `my-release`, get the values using the command: + +```bash +$ helm get values my-release > old_values.yaml +``` + +Then change the field `image.tag` in `old_values.yaml` file with Minio image tag you want to use. Now update the chart using + +```bash +$ helm upgrade -f old_values.yaml my-release stable/minio +``` + +Default upgrade strategies are specified in the `values.yaml` file. Update these fields if you'd like to use a different strategy. + +Configuration +------------- + +The following table lists the configurable parameters of the Minio chart and their default values. + +| Parameter | Description | Default | +|----------------------------|-------------------------------------|---------------------------------------------------------| +| `image.repository` | Image repository | `minio/minio` | +| `image.tag` | Minio image tag. Possible values listed [here](https://hub.docker.com/r/minio/minio/tags/).| `RELEASE.2019-02-12T21-58-47Z`| +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `mcImage.repository` | Client image repository | `minio/mc` | +| `mcImage.tag` | mc image tag. Possible values listed [here](https://hub.docker.com/r/minio/mc/tags/).| `RELEASE.2019-02-13T19-48-27Z`| +| `mcImage.pullPolicy` | mc Image pull policy | `IfNotPresent` | +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.hosts` | Ingress accepted hostnames | `[]` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `mode` | Minio server mode (`standalone` or `distributed`)| `standalone` | +| `replicas` | Number of nodes (applicable only for Minio distributed mode). Should be 4 <= x <= 32 | `4` | +| `existingSecret` | Name of existing secret with access and secret key.| `""` | +| `accessKey` | Default access key (5 to 20 characters) | `AKIAIOSFODNN7EXAMPLE` | +| `secretKey` | Default secret key (8 to 40 characters) | `wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY` | +| `configPath` | Default config file location | `~/.minio` | +| `configPathmc` | Default config file location for minio client - mc | `~/.mc` | +| `mountPath` | Default mount location for persistent drive| `/export` | +| `clusterDomain` | domain name of kubernetes cluster where pod is running.| `cluster.local` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.port` | Kubernetes port where service is exposed| `9000` | +| `service.externalIPs` | service external IP addresses | `nil` | +| `service.annotations` | Service annotations | `{}` | +| `persistence.enabled` | Use persistent volume to store data | `true` | +| `persistence.size` | Size of persistent volume claim | `10Gi` | +| `persistence.existingClaim`| Use an existing PVC to persist data | `nil` | +| `persistence.storageClass` | Storage class name of PVC | `nil` | +| `persistence.accessMode` | ReadWriteOnce or ReadOnly | `ReadWriteOnce` | +| `persistence.subPath` | Mount a sub directory of the persistent volume if set | `""` | +| `resources` | CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` | +| `priorityClassName` | Pod priority settings | `""` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `affinity` | Affinity settings for pod assignment | `{}` | +| `tolerations` | Toleration labels for pod assignment | `[]` | +| `podAnnotations` | Pod annotations | `{}` | +| `tls.enabled` | Enable TLS for Minio server | `false` | +| `tls.certSecret` | Kubernetes Secret with `public.crt` and `private.key` files. | `""` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `5` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `30` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `1` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `5` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `15` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `1` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `defaultBucket.enabled` | If set to true, a bucket will be created after minio install | `false` | +| `defaultBucket.name` | Bucket name | `bucket` | +| `defaultBucket.policy` | Bucket policy | `none` | +| `defaultBucket.purge` | Purge the bucket if already exists | `false` | +| `buckets` | List of buckets to create after minio install | `[]` | +| `s3gateway.enabled` | Use minio as a [s3 gateway](https://github.com/minio/minio/blob/master/docs/gateway/s3.md)| `false` | +| `s3gateway.replicas` | Number of s3 gateway instances to run in parallel | `4` | +| `s3gateway.serviceEndpoint`| Endpoint to the S3 compatible service | `""` | +| `azuregateway.enabled` | Use minio as an [azure gateway](https://docs.minio.io/docs/minio-gateway-for-azure)| `false` | +| `gcsgateway.enabled` | Use minio as a [Google Cloud Storage gateway](https://docs.minio.io/docs/minio-gateway-for-gcs)| `false` | +| `gcsgateway.gcsKeyJson` | credential json file of service account key | `""` | +| `gcsgateway.projectId` | Google cloud project id | `""` | +| `ossgateway.enabled` | Use minio as an [Alibaba Cloud Object Storage Service gateway](https://github.com/minio/minio/blob/master/docs/gateway/oss.md)| `false` | +| `ossgateway.replicas` | Number of oss gateway instances to run in parallel | `4` | +| `ossgateway.endpointURL` | OSS server endpoint. | `""` | +| `nasgateway.enabled` | Use minio as a [NAS gateway](https://docs.minio.io/docs/minio-gateway-for-nas) | `false` | +| `nasgateway.replicas` | Number of NAS gateway instances to be run in parallel on a PV | `4` | +| `environment` | Set Minio server relevant environment variables in `values.yaml` file. Minio containers will be passed these variables when they start. | `MINIO_BROWSER: "on"` | + +Some of the parameters above map to the env variables defined in the [Minio DockerHub image](https://hub.docker.com/r/minio/minio/). + +You can specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```bash +$ helm install --name my-release \ + --set persistence.size=100Gi \ + stable/minio +``` + +The above command deploys Minio server with a 100Gi backing persistent volume. + +Alternately, you can provide a YAML file that specifies parameter values while installing the chart. For example, + +```bash +$ helm install --name my-release -f values.yaml stable/minio +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +Distributed Minio +----------- + +This chart provisions a Minio server in standalone mode, by default. To provision Minio server in [distributed mode](https://docs.minio.io/docs/distributed-minio-quickstart-guide), set the `mode` field to `distributed`, + +```bash +$ helm install --set mode=distributed stable/minio +``` + +This provisions Minio server in distributed mode with 4 nodes. To change the number of nodes in your distributed Minio server, set the `replicas` field, + +```bash +$ helm install --set mode=distributed,replicas=8 stable/minio +``` + +This provisions Minio server in distributed mode with 8 nodes. Note that the `replicas` value should be an integer between 4 and 16 (inclusive). + +### StatefulSet [limitations](http://kubernetes.io/docs/concepts/abstractions/controllers/statefulsets/#limitations) applicable to distributed Minio + +1. StatefulSets need persistent storage, so the `persistence.enabled` flag is ignored when `mode` is set to `distributed`. +2. When uninstalling a distributed Minio release, you'll need to manually delete volumes associated with the StatefulSet. + +NAS Gateway +----------- + +### Prerequisites + +Minio in [NAS gateway mode](https://docs.minio.io/docs/minio-gateway-for-nas) can be used to create multiple Minio instances backed by single PV in `ReadWriteMany` mode. Currently few [Kubernetes volume plugins](https://kubernetes.io/docs/user-guide/persistent-volumes/#access-modes) support `ReadWriteMany` mode. To deploy Minio NAS gateway with Helm chart you'll need to have a Persistent Volume running with one of the supported volume plugins. [This document](https://kubernetes.io/docs/user-guide/volumes/#nfs) +outlines steps to create a NFS PV in Kubernetes cluster. + +### Provision NAS Gateway Minio instances + +To provision Minio servers in [NAS gateway mode](https://docs.minio.io/docs/minio-gateway-for-nas), set the `nasgateway.enabled` field to `true`, + +```bash +$ helm install --set nasgateway.enabled=true stable/minio +``` + +This provisions 4 Minio NAS gateway instances backed by single storage. To change the number of instances in your Minio deployment, set the `replicas` field, + +```bash +$ helm install --set nasgateway.enabled=true,nasgateway.replicas=8 stable/minio +``` + +This provisions Minio NAS gateway with 8 instances. + +Persistence +----------- + +This chart provisions a PersistentVolumeClaim and mounts corresponding persistent volume to default location `/export`. You'll need physical storage available in the Kubernetes cluster for this to work. If you'd rather use `emptyDir`, disable PersistentVolumeClaim by: + +```bash +$ helm install --set persistence.enabled=false stable/minio +``` + +> *"An emptyDir volume is first created when a Pod is assigned to a Node, and exists as long as that Pod is running on that node. When a Pod is removed from a node for any reason, the data in the emptyDir is deleted forever."* + +Existing PersistentVolumeClaim +------------------------------ + +If a Persistent Volume Claim already exists, specify it during installation. + +1. Create the PersistentVolume +2. Create the PersistentVolumeClaim +3. Install the chart + +```bash +$ helm install --set persistence.existingClaim=PVC_NAME stable/minio +``` + +NetworkPolicy +------------- + +To enable network policy for Minio, +install [a networking plugin that implements the Kubernetes +NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), +and set `networkPolicy.enabled` to `true`. + +For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting +the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace: + + kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}" + +With NetworkPolicy enabled, traffic will be limited to just port 9000. + +For more precise policy, set `networkPolicy.allowExternal=true`. This will +only allow pods with the generated client label to connect to Minio. +This label will be displayed in the output of a successful install. + +Existing secret +--------------- + +Instead of having this chart create the secret for you, you can supply a preexisting secret, much +like an existing PersistentVolumeClaim. + +First, create the secret: +```bash +$ kubectl create secret generic my-minio-secret --from-literal=accesskey=foobarbaz --from-literal=secretkey=foobarbazqux +``` + +Then install the chart, specifying that you want to use an existing secret: +```bash +$ helm install --set existingSecret=my-minio-secret stable/minio +``` + +The following fields are expected in the secret +1. `accesskey` - the access key ID +2. `secretkey` - the secret key +3. `gcs_key.json` - The GCS key if you are using the GCS gateway feature. This is optional. + +Configure TLS +------------- + +To enable TLS for Minio containers, acquire TLS certificates from a CA or create self-signed certificates. While creating / acquiring certificates ensure the corresponding domain names are set as per the standard [DNS naming conventions](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-identity) in a Kubernetes StatefulSet (for a distributed Minio setup). Then create a secret using + +```bash +$ kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt +``` + +Then install the chart, specifying that you want to use the TLS secret: + +```bash +$ helm install --set tls.enabled=true,tls.certSecret=tls-ssl-minio stable/minio +``` + +Pass environment variables to Minio containers +---------------------------------------------- + +To pass environment variables to Minio containers when deploying via Helm chart, use the below command line format + +```bash +$ helm install --set environment.MINIO_BROWSER=on,environment.MINIO_DOMAIN=domain-name stable/minio +``` + +You can add as many environment variables as required, using the above format. Just add `environment.=` under `set` flag. + +Create buckets after install +--------------------------- + +Install the chart, specifying the buckets you want to create after install: + +```bash +$ helm install --set buckets[0].name=bucket1,buckets[0].policy=none,buckets[0].purge=false stable/minio +``` + +Description of the configuration parameters used above - +1. `buckets[].name` - name of the bucket to create, must be a string with length > 0 +2. `buckets[].policy` - Can be one of none|download|upload|public +3. `buckets[].purge` - Purge if bucket exists already + diff --git a/vnfs/DAaaS/deploy/minio/templates/NOTES.txt b/vnfs/DAaaS/deploy/minio/templates/NOTES.txt new file mode 100644 index 00000000..b690f502 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/NOTES.txt @@ -0,0 +1,44 @@ +{{- if eq .Values.service.type "ClusterIP" "NodePort" }} +Minio can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster: +{{ template "minio.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local + +To access Minio from localhost, run the below commands: + + 1. export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + + 2. kubectl port-forward $POD_NAME 9000 --namespace {{ .Release.Namespace }} + +Read more about port forwarding here: http://kubernetes.io/docs/user-guide/kubectl/kubectl_port-forward/ + +You can now access Minio server on http://localhost:9000. Follow the below steps to connect to Minio server with mc client: + + 1. Download the Minio mc client - https://docs.minio.io/docs/minio-client-quickstart-guide + + 2. mc config host add {{ template "minio.fullname" . }}-local http://localhost:9000 {{ .Values.accessKey }} {{ .Values.secretKey }} S3v4 + + 3. mc ls {{ template "minio.fullname" . }}-local + +Alternately, you can use your browser or the Minio SDK to access the server - https://docs.minio.io/categories/17 +{{- end }} +{{- if eq .Values.service.type "LoadBalancer" }} +Minio can be accessed via port {{ .Values.service.port }} on an external IP address. Get the service external IP address by: +kubectl get svc --namespace {{ .Release.Namespace }} -l app={{ template "minio.fullname" . }} + +Note that the public IP may take a couple of minutes to be available. + +You can now access Minio server on http://:9000. Follow the below steps to connect to Minio server with mc client: + + 1. Download the Minio mc client - https://docs.minio.io/docs/minio-client-quickstart-guide + + 2. mc config host add {{ template "minio.fullname" . }}-local http://:{{ .Values.service.port }} {{ .Values.accessKey }} {{ .Values.secretKey }} S3v4 + + 3. mc ls {{ template "minio.fullname" . }}-local + +Alternately, you can use your browser or the Minio SDK to access the server - https://docs.minio.io/categories/17 +{{- end }} + +{{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }} +Note: Since NetworkPolicy is enabled, only pods with label +{{ template "minio.fullname" . }}-client=true" +will be able to connect to this minio cluster. +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt b/vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt new file mode 100755 index 00000000..95528793 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/_helper_create_bucket.txt @@ -0,0 +1,89 @@ +#!/bin/sh +set -e ; # Have script exit in the event of a failed command. + +# connectToMinio +# Use a check-sleep-check loop to wait for Minio service to be available +connectToMinio() { + SCHEME=$1 + ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts + set -e ; # fail if we can't read the keys. + ACCESS=$(cat /config/accesskey) ; SECRET=$(cat /config/secretkey) ; + set +e ; # The connections to minio are allowed to fail. + echo "Connecting to Minio server: $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT" ; + MC_COMMAND="mc config host add myminio $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT $ACCESS $SECRET" ; + $MC_COMMAND ; + STATUS=$? ; + until [ $STATUS = 0 ] + do + ATTEMPTS=`expr $ATTEMPTS + 1` ; + echo \"Failed attempts: $ATTEMPTS\" ; + if [ $ATTEMPTS -gt $LIMIT ]; then + exit 1 ; + fi ; + sleep 2 ; # 1 second intervals between attempts + $MC_COMMAND ; + STATUS=$? ; + done ; + set -e ; # reset `e` as active + return 0 +} + +# checkBucketExists ($bucket) +# Check if the bucket exists, by using the exit code of `mc ls` +checkBucketExists() { + BUCKET=$1 + CMD=$(/usr/bin/mc ls myminio/$BUCKET > /dev/null 2>&1) + return $? +} + +# createBucket ($bucket, $policy, $purge) +# Ensure bucket exists, purging if asked to +createBucket() { + BUCKET=$1 + POLICY=$2 + PURGE=$3 + + # Purge the bucket, if set & exists + # Since PURGE is user input, check explicitly for `true` + if [ $PURGE = true ]; then + if checkBucketExists $BUCKET ; then + echo "Purging bucket '$BUCKET'." + set +e ; # don't exit if this fails + /usr/bin/mc rm -r --force myminio/$BUCKET + set -e ; # reset `e` as active + else + echo "Bucket '$BUCKET' does not exist, skipping purge." + fi + fi + + # Create the bucket if it does not exist + if ! checkBucketExists $BUCKET ; then + echo "Creating bucket '$BUCKET'" + /usr/bin/mc mb myminio/$BUCKET + else + echo "Bucket '$BUCKET' already exists." + fi + + # At this point, the bucket should exist, skip checking for existence + # Set policy on the bucket + echo "Setting policy of bucket '$BUCKET' to '$POLICY'." + /usr/bin/mc policy $POLICY myminio/$BUCKET +} + +# Try connecting to Minio instance +{{- if .Values.tls.enabled }} +scheme=https +{{- else }} +scheme=http +{{- end }} +connectToMinio $scheme + +{{- if or .Values.defaultBucket.enabled }} +# Create the bucket +createBucket {{ .Values.defaultBucket.name }} {{ .Values.defaultBucket.policy }} {{ .Values.defaultBucket.purge }} +{{ else if .Values.buckets }} +# Create the buckets +{{- range .Values.buckets }} +createBucket {{ .name }} {{ .policy }} {{ .purge }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/_helpers.tpl b/vnfs/DAaaS/deploy/minio/templates/_helpers.tpl new file mode 100644 index 00000000..c8fe9ba7 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/_helpers.tpl @@ -0,0 +1,43 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "minio.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "minio.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "minio.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for networkpolicy. +*/}} +{{- define "minio.networkPolicy.apiVersion" -}} +{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} diff --git a/vnfs/DAaaS/deploy/minio/templates/configmap.yaml b/vnfs/DAaaS/deploy/minio/templates/configmap.yaml new file mode 100644 index 00000000..cb11fcd7 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + initialize: |- +{{ include (print $.Template.BasePath "/_helper_create_bucket.txt") . | indent 4 }} diff --git a/vnfs/DAaaS/deploy/minio/templates/deployment.yaml b/vnfs/DAaaS/deploy/minio/templates/deployment.yaml new file mode 100644 index 00000000..af335b2d --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/deployment.yaml @@ -0,0 +1,195 @@ +{{- if eq .Values.mode "standalone" }} +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + strategy: + type: {{ .Values.DeploymentUpdate.type }} + rollingUpdate: + maxSurge: {{ .Values.DeploymentUpdate.maxSurge }} + maxUnavailable: {{ .Values.DeploymentUpdate.maxUnavailable }} + {{- if .Values.nasgateway.enabled }} + replicas: {{ .Values.nasgateway.replicas }} + {{- end }} + {{- if .Values.s3gateway.enabled }} + replicas: {{ .Values.s3gateway.replicas }} + {{- end }} + {{- if .Values.azuregateway.enabled }} + replicas: {{ .Values.azuregateway.replicas }} + {{- end }} + {{- if .Values.gcsgateway.enabled }} + replicas: {{ .Values.gcsgateway.replicas }} + {{- end }} + {{- if .Values.ossgateway.enabled }} + replicas: {{ .Values.ossgateway.replicas }} + {{- end }} + selector: + matchLabels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + template: + metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + {{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.s3gateway.enabled }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway s3 {{ .Values.s3gateway.serviceEndpoint }}" ] + {{- else }} + {{- if .Values.azuregateway.enabled }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway azure" ] + {{- else }} + {{- if .Values.gcsgateway.enabled }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway gcs {{ .Values.gcsgateway.projectId }}" ] + {{- else }} + {{- if .Values.ossgateway.enabled }} + command: [ "/bin/sh", + "-ce", + "cp /tmp/config.json {{ .Values.configPath }} && + /usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway oss {{ .Values.ossgateway.endpointURL }}" ] + {{- else }} + {{- if .Values.nasgateway.enabled }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} gateway nas {{ .Values.mountPath }}" ] + {{- else }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} server {{ .Values.mountPath }}" ] + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + volumeMounts: + {{- if and .Values.persistence.enabled (not .Values.gcsgateway.enabled) (not .Values.azuregateway.enabled) (not .Values.s3gateway.enabled) }} + - name: export + mountPath: {{ .Values.mountPath }} + {{- if .Values.persistence.subPath }} + subPath: "{{ .Values.persistence.subPath }}" + {{- end }} + {{- end }} + {{- if .Values.gcsgateway.enabled }} + - name: minio-user + mountPath: "/etc/credentials" + readOnly: true + {{- end }} + - name: minio-config-dir + mountPath: {{ .Values.configPath }} + {{- if .Values.tls.enabled }} + - name: cert-secret-volume + mountPath: {{ .Values.configPath }}certs + {{ end }} + ports: + - name: service + containerPort: 9000 + env: + - name: MINIO_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + key: accesskey + - name: MINIO_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + key: secretkey + {{- if .Values.gcsgateway.enabled }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: "/etc/credentials/gcs_key.json" + {{- end }} + {{- range $key, $val := .Values.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end}} + livenessProbe: + httpGet: + path: /minio/health/live + port: service + {{- if .Values.tls.enabled }} + scheme: HTTPS + {{ else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + {{- if .Values.tls.enabled }} + scheme: HTTPS + {{- end }} + path: /minio/health/ready + port: service + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + resources: +{{ toYaml .Values.resources | indent 12 }} +{{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + volumes: + {{- if and (not .Values.gcsgateway.enabled) (not .Values.azuregateway.enabled) (not .Values.s3gateway.enabled) }} + - name: export + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "minio.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + - name: minio-user + secret: + secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + - name: minio-config-dir + emptyDir: {} + {{- if .Values.tls.enabled }} + - name: cert-secret-volume + secret: + secretName: {{ .Values.tls.certSecret }} + items: + - key: {{ .Values.tls.publicCrt }} + path: public.crt + - key: {{ .Values.tls.privateKey }} + path: private.key + - key: {{ .Values.tls.publicCrt }} + path: CAs/public.crt + {{ end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/ingress.yaml b/vnfs/DAaaS/deploy/minio/templates/ingress.yaml new file mode 100644 index 00000000..5168b861 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/ingress.yaml @@ -0,0 +1,39 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "minio.fullname" . -}} +{{- $servicePort := .Values.service.port -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . | quote }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml b/vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml new file mode 100644 index 00000000..de57f485 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/networkpolicy.yaml @@ -0,0 +1,25 @@ +{{- if .Values.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ template "minio.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + podSelector: + matchLabels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + ingress: + - ports: + - port: {{ .Values.service.port }} + {{- if not .Values.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: + {{ template "minio.name" . }}-client: "true" + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml b/vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml new file mode 100755 index 00000000..c581338a --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/post-install-create-bucket-job.yaml @@ -0,0 +1,59 @@ +{{- if or .Values.defaultBucket.enabled .Values.buckets }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "minio.fullname" . }}-make-bucket-job + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + spec: + restartPolicy: OnFailure +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + volumes: + - name: minio-configuration + projected: + sources: + - configMap: + name: {{ template "minio.fullname" . }} + - secret: + name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + {{- if .Values.tls.enabled }} + - name: cert-secret-volume-mc + secret: + secretName: {{ .Values.tls.certSecret }} + items: + - key: {{ .Values.tls.publicCrt }} + path: CAs/public.crt + {{ end }} + containers: + - name: minio-mc + image: "{{ .Values.mcImage.repository }}:{{ .Values.mcImage.tag }}" + imagePullPolicy: {{ .Values.mcImage.pullPolicy }} + command: ["/bin/sh", "/config/initialize"] + env: + - name: MINIO_ENDPOINT + value: {{ template "minio.fullname" . }} + - name: MINIO_PORT + value: {{ .Values.service.port | quote }} + volumeMounts: + - name: minio-configuration + mountPath: /config + {{- if .Values.tls.enabled }} + - name: cert-secret-volume-mc + mountPath: {{ .Values.configPathmc }}certs + {{ end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/pvc.yaml b/vnfs/DAaaS/deploy/minio/templates/pvc.yaml new file mode 100644 index 00000000..3f4cbb03 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/pvc.yaml @@ -0,0 +1,27 @@ +{{- if eq .Values.mode "standalone" }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: +{{- if and .Values.nasgateway.enabled .Values.nasgateway.pv }} + selector: + matchLabels: + pv: {{ .Values.nasgateway.pv | quote }} +{{- end }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- if .Values.persistence.storageClass }} + storageClassName: {{ .Values.persistence.storageClass | quote }} +{{- end }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/secrets.yaml b/vnfs/DAaaS/deploy/minio/templates/secrets.yaml new file mode 100644 index 00000000..b01e0d3c --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/secrets.yaml @@ -0,0 +1,18 @@ +{{- if not .Values.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + accesskey: {{ .Values.accessKey | b64enc }} + secretkey: {{ .Values.secretKey | b64enc }} +{{- if .Values.gcsgateway.enabled }} + gcs_key.json: {{ .Values.gcsgateway.gcsKeyJson | b64enc }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/templates/service.yaml b/vnfs/DAaaS/deploy/minio/templates/service.yaml new file mode 100644 index 00000000..0799b287 --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/service.yaml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if (or (eq .Values.service.type "ClusterIP" "") (empty .Values.service.type)) }} + {{- if eq .Values.mode "distributed" }} + clusterIP: None + {{- else }} + type: ClusterIP + {{- end }} + {{- if not (empty .Values.service.clusterIP) }} + clusterIP: {{ .Values.service.clusterIP }} + {{end}} +{{- else if eq .Values.service.type "LoadBalancer" }} + type: {{ .Values.service.type }} + loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} +{{- else }} + type: {{ .Values.service.type }} +{{- end }} + ports: + - name: service + port: 9000 + targetPort: {{ .Values.service.port }} + protocol: TCP +{{- if (and (eq .Values.service.type "NodePort") ( .Values.service.nodePort)) }} + nodePort: {{ .Values.service.nodePort }} +{{- end}} +{{- if .Values.service.externalIPs }} + externalIPs: +{{- range $i , $ip := .Values.service.externalIPs }} + - {{ $ip }} +{{- end }} +{{- end }} + selector: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} diff --git a/vnfs/DAaaS/deploy/minio/templates/statefulset.yaml b/vnfs/DAaaS/deploy/minio/templates/statefulset.yaml new file mode 100644 index 00000000..447b671d --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/templates/statefulset.yaml @@ -0,0 +1,141 @@ +{{- if eq .Values.mode "distributed" }} +{{ $nodeCount := .Values.replicas | int }} +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + updateStrategy: + type: {{ .Values.StatefulSetUpdate.updateStrategy }} + serviceName: {{ template "minio.fullname" . }} + replicas: {{ .Values.replicas }} + selector: + matchLabels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + template: + metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + {{- if .Values.podAnnotations }} + annotations: +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.tls.enabled }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} server + {{- range $i := until $nodeCount }} + https://{{ template `minio.fullname` $ }}-{{ $i }}.{{ template `minio.fullname` $ }}.{{ $.Release.Namespace }}.svc.{{ $.Values.clusterDomain }}{{ $.Values.mountPath }} + {{- end }}" ] + {{ else }} + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -C {{ .Values.configPath }} server + {{- range $i := until $nodeCount }} + http://{{ template `minio.fullname` $ }}-{{ $i }}.{{ template `minio.fullname` $ }}.{{ $.Release.Namespace }}.svc.{{ $.Values.clusterDomain }}{{ $.Values.mountPath }} + {{- end }}" ] + {{ end }} + volumeMounts: + - name: export + mountPath: {{ .Values.mountPath }} + {{- if and .Values.persistence.enabled .Values.persistence.subPath }} + subPath: "{{ .Values.persistence.subPath }}" + {{- end }} + - name: minio-config-dir + mountPath: {{ .Values.configPath }} + {{- if .Values.tls.enabled }} + - name: cert-secret-volume + mountPath: {{ .Values.configPath }}certs + {{ end }} + ports: + - name: service + containerPort: 9000 + env: + - name: MINIO_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + key: accesskey + - name: MINIO_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + key: secretkey + {{- range $key, $val := .Values.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end}} + livenessProbe: + httpGet: + path: /minio/health/live + port: service + {{- if .Values.tls.enabled }} + scheme: HTTPS + {{ else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - name: minio-user + secret: + secretName: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{ else }}{{ template "minio.fullname" . }}{{ end }} + - name: minio-config-dir + emptyDir: {} + {{- if .Values.tls.enabled }} + - name: cert-secret-volume + secret: + secretName: {{ .Values.tls.certSecret }} + items: + - key: {{ .Values.tls.publicCrt }} + path: public.crt + - key: {{ .Values.tls.privateKey }} + path: private.key + - key: {{ .Values.tls.publicCrt }} + path: CAs/public.crt + {{ end }} + volumeClaimTemplates: + - metadata: + name: export + spec: + accessModes: [ {{ .Values.persistence.accessMode | quote }} ] + {{- if .Values.persistence.storageClass }} + storageClassName: {{ .Values.persistence.storageClass }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/minio/values.yaml b/vnfs/DAaaS/deploy/minio/values.yaml new file mode 100755 index 00000000..1b81a8cb --- /dev/null +++ b/vnfs/DAaaS/deploy/minio/values.yaml @@ -0,0 +1,331 @@ +## set kubernetes cluster domain where minio is running +## +clusterDomain: cluster.local + +## Set default image, imageTag, and imagePullPolicy. mode is used to indicate the +## +image: + repository: minio/minio + tag: RELEASE.2019-02-12T21-58-47Z + pullPolicy: IfNotPresent + +## Set default image, imageTag, and imagePullPolicy for the `mc` (the minio +## client used to create a default bucket). +## +mcImage: + repository: minio/mc + tag: RELEASE.2019-02-13T19-48-27Z + pullPolicy: IfNotPresent + +## minio server mode, i.e. standalone or distributed. +## Distributed Minio ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide +## +mode: distributed + +## Update strategy for Deployments +DeploymentUpdate: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 100% + +## Update strategy for StatefulSets +StatefulSetUpdate: + updateStrategy: RollingUpdate + +## Pod priority settings +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" + +## Set default accesskey, secretkey, Minio config file path, volume mount path and +## number of nodes (only used for Minio distributed mode) +## Distributed Minio ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide +## +existingSecret: "" +accessKey: "onapdaas" +secretKey: "onapsecretdaas" +configPath: "/root/.minio/" +configPathmc: "/root/.mc/" +mountPath: "/export" +replicas: 4 + +## TLS Settings for Minio +tls: + enabled: false + ## Create a secret with private.key and public.crt files and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret + certSecret: "" + publicCrt: public.crt + privateKey: private.key + +## Enable persistence using Persistent Volume Claims +## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + + ## minio data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + ## Storage class of PV to bind. By default it looks for standard storage class. + ## If the PV uses a different storage class, specify that here. + # storageClass: standard + accessMode: ReadWriteOnce + size: 20Gi + + ## If subPath is set mount a sub folder of a volume instead of the root of the volume. + ## This is especially handy for volume plugins that don't natively support sub mounting (like glusterfs). + ## + subPath: "" + +## Expose the Minio service to be accessed from outside the cluster (LoadBalancer service). +## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it. +## ref: http://kubernetes.io/docs/user-guide/services/ +## + +service: + type: ClusterIP + clusterIP: ~ + port: 9000 + # nodePort: 31311 + # externalIPs: + # - externalIp1 + annotations: {} + # prometheus.io/scrape: 'true' + # prometheus.io/path: '/minio/prometheus/metrics' + # prometheus.io/port: '9000' + +ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: gloo + path: /.* + hosts: + - minio.modelrepo + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} +tolerations: [] +affinity: {} + +# Additational pod annotations +podAnnotations: {} + +## Liveness and Readiness probe values. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +livenessProbe: + initialDelaySeconds: 5 + periodSeconds: 30 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 +readinessProbe: + initialDelaySeconds: 5 + periodSeconds: 15 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + +## Configure resource requests and limits +## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## +resources: + requests: + memory: 256Mi + cpu: 250m + +## Create a bucket after minio install +## +defaultBucket: + enabled: false + ## If enabled, must be a string with length > 0 + name: bucket + ## Can be one of none|download|upload|public + policy: none + ## Purge if bucket exists already + purge: false + +## Create multiple buckets after minio install +## Enabling `defaultBucket` will take priority over this list +## +buckets: [] + # - name: bucket1 + # policy: none + # purge: false + # - name: bucket2 + # policy: none + # purge: false + +s3gateway: + enabled: true + replicas: 4 + serviceEndpoint: "" + +## Use minio as an azure blob gateway, you should disable data persistence so no volume claim are created. +## https://docs.minio.io/docs/minio-gateway-for-azure +azuregateway: + enabled: false + # Number of parallel instances + replicas: 4 + +## Use minio as GCS (Google Cloud Storage) gateway, you should disable data persistence so no volume claim are created. +## https://docs.minio.io/docs/minio-gateway-for-gcs + +gcsgateway: + enabled: false + # Number of parallel instances + replicas: 4 + # credential json file of service account key + gcsKeyJson: "" + # Google cloud project-id + projectId: "" + +ossgateway: + enabled: false + # Number of parallel instances + replicas: 4 + endpointURL: "" + +## Use minio on NAS backend +## https://docs.minio.io/docs/minio-gateway-for-nas + +nasgateway: + enabled: false + # Number of parallel instances + replicas: 4 + # For NAS Gateway, you may want to bind the PVC to a specific PV. To ensure that happens, PV to bind to should have + # a label like "pv: ", use value here. + pv: ~ + +## Use this field to add environment variables relevant to Minio server. These fields will be passed on to Minio container(s) +## when Chart is deployed +environment: + ## To disable Minio Browser, set this value to off + MINIO_BROWSER: "on" + ## To enable virtual-host-style requests, set this value to Minio host domain name. + # MINIO_DOMAIN: "" + ## Minio Cache settings, refer: https://docs.minio.io/docs/minio-disk-cache-guide.html + # MINIO_CACHE_DRIVES: "" + # MINIO_CACHE_EXCLUDE: "" + # MINIO_CACHE_EXPIRY: "" + # MINIO_CACHE_MAXUSE: "" + ## Minio WORM setting, refer: https://docs.minio.io/docs/minio-server-configuration-guide.html + # MINIO_WORM: "" + ## Minio KMS settings, refer: https://docs.minio.io/docs/minio-kms-quickstart-guide.html + # MINIO_SSE_VAULT_ENDPOINT: "" + # MINIO_SSE_VAULT_APPROLE_ID: "" + # MINIO_SSE_VAULT_APPROLE_SECRET: "" + # MINIO_SSE_VAULT_KEY_NAME: "" + ## Minio Federation settings, refer: https://docs.minio.io/docs/minio-federation-quickstart-guide.html + # MINIO_ETCD_ENDPOINTS: "" + # MINIO_PUBLIC_IPS: "" + # MINIO_DOMAIN: "" + ## Add other environment variables relevant to Minio server here. These values will be added to the container(s) as this Chart is deployed + +## https://docs.minio.io/docs/minio-bucket-notification-guide +## https://github.com/minio/minio/blob/master/docs/config +minioConfig: + region: "us-west-1" + browser: "on" + domain: "" + worm: "off" + storageClass: + standardStorageClass: "" + reducedRedundancyStorageClass: "" + cache: + drives: [] + expiry: 90 + maxuse: 80 + exclude: [] + aqmp: + enable: false + url: "" + exchange: "" + routingKey: "" + exchangeType: "" + deliveryMode: 0 + mandatory: false + immediate: false + durable: false + internal: false + noWait: false + autoDeleted: false + nats: + enable: false + address: "" + subject: "" + username: "" + password: "" + token: "" + secure: false + pingInterval: 0 + enableStreaming: false + clusterID: "" + clientID: "" + async: false + maxPubAcksInflight: 0 + elasticsearch: + enable: false + format: "namespace" + url: "" + index: "" + redis: + enable: false + format: "namespace" + address: "" + password: "" + key: "" + postgresql: + enable: false + format: "namespace" + connectionString: "" + table: "" + host: "" + port: "" + user: "" + password: "" + database: "" + kafka: + enable: false + brokers: "null" + topic: "" + webhook: + enable: false + endpoint: "" + mysql: + enable: false + format: "namespace" + dsnString: "" + table: "" + host: "" + port: "" + user: "" + password: "" + database: "" + mqtt: + enable: false + broker: "" + topic: "" + qos: 0 + clientId: "" + username: "" + password: "" + reconnectInterval: 0 + keepAliveInterval: 0 +networkPolicy: + enabled: false + allowExternal: true diff --git a/vnfs/DAaaS/deploy/operator/.helmignore b/vnfs/DAaaS/deploy/operator/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/deploy/operator/Chart.yaml b/vnfs/DAaaS/deploy/operator/Chart.yaml new file mode 100644 index 00000000..01c1eb03 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: A collection of operator Helm charts. +name: operator +version: 0.1.0 diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/.helmignore b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/Chart.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/Chart.yaml new file mode 100755 index 00000000..bdaea5ae --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +description: CoreOS etcd-operator Helm chart for Kubernetes +name: etcd-operator +version: 0.8.3 +appVersion: 0.9.3 +home: https://github.com/coreos/etcd-operator +icon: https://raw.githubusercontent.com/coreos/etcd/master/logos/etcd-horizontal-color.png +sources: +- https://github.com/coreos/etcd-operator +maintainers: +- name: lachie83 + email: lachlan@deis.com +- name: alejandroEsc + email: jaescobar.cell@gmail.com diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/OWNERS b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/OWNERS new file mode 100644 index 00000000..1385151c --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/OWNERS @@ -0,0 +1,6 @@ +approvers: +- lachie83 +- alejandroEsc +reviewers: +- lachie83 +- alejandroEsc diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/README.md b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/README.md new file mode 100644 index 00000000..e8fa9c51 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/README.md @@ -0,0 +1,158 @@ +# CoreOS etcd-operator + +[etcd-operator](https://coreos.com/blog/introducing-the-etcd-operator.html) Simplify etcd cluster +configuration and management. + +__DISCLAIMER:__ While this chart has been well-tested, the etcd-operator is still currently in beta. +Current project status is available [here](https://github.com/coreos/etcd-operator). + +## Introduction + +This chart bootstraps an etcd-operator and allows the deployment of etcd-cluster(s). + +## Official Documentation + +Official project documentation found [here](https://github.com/coreos/etcd-operator) + +## Prerequisites + +- Kubernetes 1.4+ with Beta APIs enabled +- __Suggested:__ PV provisioner support in the underlying infrastructure to support backups + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```bash +$ helm install stable/etcd-operator --name my-release +``` + +__Note__: If you set `cluster.enabled` on install, it will have no effect. +Before you create an etcd cluster, the TPR must be installed by the operator, so this option is ignored during helm installs, but can be used in upgrades. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```bash +$ helm delete my-release +``` + +The command removes all the Kubernetes components EXCEPT the persistent volume. + +## Updating +Updating the TPR resource will not result in the cluster being update until `kubectl apply` for +TPRs is fixed see [kubernetes/issues/29542](https://github.com/kubernetes/kubernetes/issues/29542) +Work around options are documented [here](https://github.com/coreos/etcd-operator#resize-an-etcd-cluster) + +## Configuration + +The following table lists the configurable parameters of the etcd-operator chart and their default values. + +| Parameter | Description | Default | +| ------------------------------------------------- | -------------------------------------------------------------------- | ---------------------------------------------- | +| `rbac.create` | Install required RBAC service account, roles and rolebindings | `true` | +| `rbac.apiVersion` | RBAC api version `v1alpha1\|v1beta1` | `v1beta1` | +| `rbac.etcdOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-operator-sa` | +| `rbac.backupOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-backup-operator-sa` | +| `rbac.restoreOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-restore-operator-sa` | +| `deployments.etcdOperator` | Deploy the etcd cluster operator | `true` | +| `deployments.backupOperator` | Deploy the etcd backup operator | `true` | +| `deployments.restoreOperator` | Deploy the etcd restore operator | `true` | +| `customResources.createEtcdClusterCRD` | Create a custom resource: EtcdCluster | `false` | +| `customResources.createBackupCRD` | Create an a custom resource: EtcdBackup | `false` | +| `customResources.createRestoreCRD` | Create an a custom resource: EtcdRestore | `false` | +| `etcdOperator.name` | Etcd Operator name | `etcd-operator` | +| `etcdOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` | +| `etcdOperator.image.repository` | etcd-operator container image | `quay.io/coreos/etcd-operator` | +| `etcdOperator.image.tag` | etcd-operator container image tag | `v0.9.3` | +| `etcdOperator.image.pullpolicy` | etcd-operator container image pull policy | `Always` | +| `etcdOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` | +| `etcdOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` | +| `etcdOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` | +| `etcdOperator.commandArgs` | Additional command arguments | `{}` | +| `backupOperator.name` | Backup operator name | `etcd-backup-operator` | +| `backupOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` | +| `backupOperator.image.repository` | Operator container image | `quay.io/coreos/etcd-operator` | +| `backupOperator.image.tag` | Operator container image tag | `v0.9.3` | +| `backupOperator.image.pullpolicy` | Operator container image pull policy | `Always` | +| `backupOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` | +| `backupOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` | +| `backupOperator.spec.storageType` | Storage to use for backup file, currently only S3 supported | `S3` | +| `backupOperator.spec.s3.s3Bucket` | Bucket in S3 to store backup file | | +| `backupOperator.spec.s3.awsSecret` | Name of kubernetes secret containing aws credentials | | +| `backupOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` | +| `backupOperator.commandArgs` | Additional command arguments | `{}` | +| `restoreOperator.name` | Restore operator name | `etcd-backup-operator` | +| `restoreOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` | +| `restoreOperator.image.repository` | Operator container image | `quay.io/coreos/etcd-operator` | +| `restoreOperator.image.tag` | Operator container image tag | `v0.9.3` | +| `restoreOperator.image.pullpolicy` | Operator container image pull policy | `Always` | +| `restoreOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` | +| `restoreOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` | +| `restoreOperator.spec.s3.path` | Path in S3 bucket containing the backup file | | +| `restoreOperator.spec.s3.awsSecret` | Name of kubernetes secret containing aws credentials | | +| `restoreOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` | +| `restoreOperator.commandArgs` | Additional command arguments | `{}` | +| `etcdCluster.name` | etcd cluster name | `etcd-cluster` | +| `etcdCluster.size` | etcd cluster size | `3` | +| `etcdCluster.version` | etcd cluster version | `3.2.25` | +| `etcdCluster.image.repository` | etcd container image | `quay.io/coreos/etcd-operator` | +| `etcdCluster.image.tag` | etcd container image tag | `v3.2.25` | +| `etcdCluster.image.pullPolicy` | etcd container image pull policy | `Always` | +| `etcdCluster.enableTLS` | Enable use of TLS | `false` | +| `etcdCluster.tls.static.member.peerSecret` | Kubernetes secret containing TLS peer certs | `etcd-peer-tls` | +| `etcdCluster.tls.static.member.serverSecret` | Kubernetes secret containing TLS server certs | `etcd-server-tls` | +| `etcdCluster.tls.static.operatorSecret` | Kubernetes secret containing TLS client certs | `etcd-client-tls` | +| `etcdCluster.pod.antiAffinity` | Whether etcd cluster pods should have an antiAffinity | `false` | +| `etcdCluster.pod.resources.limits.cpu` | CPU limit per etcd cluster pod | `100m` | +| `etcdCluster.pod.resources.limits.memory` | Memory limit per etcd cluster pod | `128Mi` | +| `etcdCluster.pod.resources.requests.cpu` | CPU request per etcd cluster pod | `100m` | +| `etcdCluster.pod.resources.requests.memory` | Memory request per etcd cluster pod | `128Mi` | +| `etcdCluster.pod.nodeSelector` | Node labels for etcd cluster pod assignment | `{}` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example: + +```bash +$ helm install --name my-release --set image.tag=v0.2.1 stable/etcd-operator +``` + +Alternatively, a YAML file that specifies the values for the parameters can be provided while +installing the chart. For example: + +```bash +$ helm install --name my-release --values values.yaml stable/etcd-operator +``` + +## RBAC +By default the chart will install the recommended RBAC roles and rolebindings. + +To determine if your cluster supports this running the following: + +```console +$ kubectl api-versions | grep rbac +``` + +You also need to have the following parameter on the api server. See the following document for how to enable [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) + +``` +--authorization-mode=RBAC +``` + +If the output contains "beta" or both "alpha" and "beta" you can may install rbac by default, if not, you may turn RBAC off as described below. + +### RBAC role/rolebinding creation + +RBAC resources are enabled by default. To disable RBAC do the following: + +```console +$ helm install --name my-release stable/etcd-operator --set rbac.create=false +``` + +### Changing RBAC manifest apiVersion + +By default the RBAC resources are generated with the "v1beta1" apiVersion. To use "v1alpha1" do the following: + +```console +$ helm install --name my-release stable/etcd-operator --set rbac.install=true,rbac.apiVersion=v1alpha1 +``` diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/NOTES.txt b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/NOTES.txt new file mode 100644 index 00000000..c33ee014 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/NOTES.txt @@ -0,0 +1,33 @@ +{{- $clusterEnabled := (and (not .Release.IsInstall) .Values.customResources.createEtcdClusterCRD) -}} +{{- if and .Release.IsInstall .Values.customResources.createEtcdClusterCRD -}} +Not enabling cluster, the ThirdPartResource must be installed before you can create a Cluster. Continuing rest of normal deployment. + +{{ end -}} + +{{- if $clusterEnabled -}} +1. Watch etcd cluster start + kubectl get pods -l etcd_cluster={{ .Values.etcdCluster.name }} --namespace {{ .Release.Namespace }} -w + +2. Confirm etcd cluster is healthy + $ kubectl run --rm -i --tty --env="ETCDCTL_API=3" --env="ETCDCTL_ENDPOINTS=http://{{ .Values.etcdCluster.name }}-client:2379" --namespace {{ .Release.Namespace }} etcd-test --image quay.io/coreos/etcd --restart=Never -- /bin/sh -c 'watch -n1 "etcdctl member list"' + +3. Interact with the cluster! + $ kubectl run --rm -i --tty --env ETCDCTL_API=3 --namespace {{ .Release.Namespace }} etcd-test --image quay.io/coreos/etcd --restart=Never -- /bin/sh + / # etcdctl --endpoints http://{{ .Values.etcdCluster.name }}-client:2379 put foo bar + / # etcdctl --endpoints http://{{ .Values.etcdCluster.name }}-client:2379 get foo + OK + (ctrl-D to exit) + +4. Optional + Check the etcd-operator logs + export POD=$(kubectl get pods -l app={{ template "etcd-operator.fullname" . }} --namespace {{ .Release.Namespace }} --output name) + kubectl logs $POD --namespace={{ .Release.Namespace }} + +{{- else -}} +1. etcd-operator deployed. + If you would like to deploy an etcd-cluster set cluster.enabled to true in values.yaml + Check the etcd-operator logs + export POD=$(kubectl get pods -l app={{ template "etcd-operator.fullname" . }} --namespace {{ .Release.Namespace }} --output name) + kubectl logs $POD --namespace={{ .Release.Namespace }} + +{{- end -}} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/_helpers.tpl b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/_helpers.tpl new file mode 100644 index 00000000..03f9a26b --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/_helpers.tpl @@ -0,0 +1,75 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "etcd-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "etcd-operator.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.etcdOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "etcd-backup-operator.name" -}} +{{- default .Chart.Name .Values.backupOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "etcd-backup-operator.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.backupOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "etcd-restore-operator.name" -}} +{{- default .Chart.Name .Values.restoreOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "etcd-restore-operator.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.restoreOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the etcd-operator service account to use +*/}} +{{- define "etcd-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.etcdOperatorServiceAccount.create -}} + {{ default (include "etcd-operator.fullname" .) .Values.serviceAccount.etcdOperatorServiceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.etcdOperatorServiceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the backup-operator service account to use +*/}} +{{- define "etcd-backup-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.backupOperatorServiceAccount.create -}} + {{ default (include "etcd-backup-operator.fullname" .) .Values.serviceAccount.backupOperatorServiceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.backupOperatorServiceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the restore-operator service account to use +*/}} +{{- define "etcd-restore-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.restoreOperatorServiceAccount.create -}} + {{ default (include "etcd-restore-operator.fullname" .) .Values.serviceAccount.restoreOperatorServiceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.restoreOperatorServiceAccount.name }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml new file mode 100644 index 00000000..5528f766 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml @@ -0,0 +1,18 @@ +{{- if .Values.customResources.createBackupCRD }} +--- +apiVersion: "etcd.database.coreos.com/v1beta2" +kind: "EtcdBackup" +metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-backup-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + clusterName: {{ .Values.etcdCluster.name }} +{{ toYaml .Values.backupOperator.spec | indent 2 }} +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml new file mode 100644 index 00000000..526b2454 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.deployments.backupOperator }} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }} +metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "etcd-backup-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "etcd-operator.fullname" . }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml new file mode 100644 index 00000000..d5c421c1 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml @@ -0,0 +1,59 @@ +{{- if .Values.deployments.backupOperator }} +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-backup-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ template "etcd-backup-operator.fullname" . }} + release: {{ .Release.Name }} + replicas: {{ .Values.backupOperator.replicaCount }} + template: + metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + app: {{ template "etcd-backup-operator.fullname" . }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "etcd-backup-operator.serviceAccountName" . }} + containers: + - name: {{ .Values.backupOperator.name }} + image: "{{ .Values.backupOperator.image.repository }}:{{ .Values.backupOperator.image.tag }}" + imagePullPolicy: {{ .Values.backupOperator.image.pullPolicy }} + command: + - etcd-backup-operator +{{- range $key, $value := .Values.backupOperator.commandArgs }} + - "--{{ $key }}={{ $value }}" +{{- end }} + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + resources: + limits: + cpu: {{ .Values.backupOperator.resources.cpu }} + memory: {{ .Values.backupOperator.resources.memory }} + requests: + cpu: {{ .Values.backupOperator.resources.cpu }} + memory: {{ .Values.backupOperator.resources.memory }} + {{- if .Values.backupOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.backupOperator.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.backupOperator.tolerations }} + tolerations: +{{ toYaml .Values.backupOperator.tolerations | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml new file mode 100644 index 00000000..06aec3df --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.serviceAccount.backupOperatorServiceAccount.create .Values.deployments.backupOperator }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "etcd-backup-operator.serviceAccountName" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-backup-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml new file mode 100644 index 00000000..0d385d8f --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml @@ -0,0 +1,25 @@ +{{- if .Values.customResources.createEtcdClusterCRD }} +--- +apiVersion: "etcd.database.coreos.com/v1beta2" +kind: "EtcdCluster" +metadata: + name: {{ .Values.etcdCluster.name }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + size: {{ .Values.etcdCluster.size }} + version: "{{ .Values.etcdCluster.version }}" + pod: +{{ toYaml .Values.etcdCluster.pod | indent 4 }} + {{- if .Values.etcdCluster.enableTLS }} + TLS: +{{ toYaml .Values.etcdCluster.tls | indent 4 }} + {{- end }} +{{- end }} + diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-cluster-role.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-cluster-role.yaml new file mode 100644 index 00000000..62085978 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-cluster-role.yaml @@ -0,0 +1,49 @@ +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }} +kind: ClusterRole +metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - "*" +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" +- apiGroups: + - apps + resources: + - deployments + verbs: + - "*" +- apiGroups: + - "" + resources: + - secrets + verbs: + - get +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml new file mode 100644 index 00000000..09594ccc --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.deployments.etcdOperator }} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }} +metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "etcd-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "etcd-operator.fullname" . }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-deployment.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-deployment.yaml new file mode 100644 index 00000000..bb6b1a75 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-deployment.yaml @@ -0,0 +1,81 @@ +{{- if .Values.deployments.etcdOperator }} +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ template "etcd-operator.fullname" . }} + release: {{ .Release.Name }} + replicas: {{ .Values.etcdOperator.replicaCount }} + template: + metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + app: {{ template "etcd-operator.fullname" . }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "etcd-operator.serviceAccountName" . }} + containers: + - name: {{ template "etcd-operator.fullname" . }} + image: "{{ .Values.etcdOperator.image.repository }}:{{ .Values.etcdOperator.image.tag }}" + imagePullPolicy: {{ .Values.etcdOperator.image.pullPolicy }} + command: + - etcd-operator +{{- range $key, $value := .Values.etcdOperator.commandArgs }} + - "--{{ $key }}={{ $value }}" +{{- end }} + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + resources: + limits: + cpu: {{ .Values.etcdOperator.resources.cpu }} + memory: {{ .Values.etcdOperator.resources.memory }} + requests: + cpu: {{ .Values.etcdOperator.resources.cpu }} + memory: {{ .Values.etcdOperator.resources.memory }} + {{- if .Values.etcdOperator.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /readyz + port: 8080 + initialDelaySeconds: {{ .Values.etcdOperator.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.etcdOperator.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.etcdOperator.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.etcdOperator.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.etcdOperator.livenessProbe.failureThreshold }} + {{- end}} + {{- if .Values.etcdOperator.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /readyz + port: 8080 + initialDelaySeconds: {{ .Values.etcdOperator.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.etcdOperator.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.etcdOperator.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.etcdOperator.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.etcdOperator.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.etcdOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.etcdOperator.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.etcdOperator.tolerations }} + tolerations: +{{ toYaml .Values.etcdOperator.tolerations | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-service-account.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-service-account.yaml new file mode 100644 index 00000000..2faba8af --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/operator-service-account.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.serviceAccount.etcdOperatorServiceAccount.create .Values.deployments.etcdOperator }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "etcd-operator.serviceAccountName" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml new file mode 100644 index 00000000..73faaab8 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml @@ -0,0 +1,28 @@ +{{- if .Values.customResources.createRestoreCRD }} +--- +apiVersion: "etcd.database.coreos.com/v1beta2" +kind: "EtcdRestore" +metadata: + # An EtcdCluster with the same name will be created + name: {{ .Values.etcdCluster.name }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + clusterSpec: + size: {{ .Values.etcdCluster.size }} + baseImage: "{{ .Values.etcdCluster.image.repository }}" + version: {{ .Values.etcdCluster.image.tag }} + pod: +{{ toYaml .Values.etcdCluster.pod | indent 6 }} + {{- if .Values.etcdCluster.enableTLS }} + TLS: +{{ toYaml .Values.etcdCluster.tls | indent 6 }} + {{- end }} +{{ toYaml .Values.restoreOperator.spec | indent 2 }} +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml new file mode 100644 index 00000000..9a6696ef --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.deployments.restoreOperator }} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }} +metadata: + name: {{ template "etcd-restore-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "etcd-restore-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "etcd-operator.fullname" . }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml new file mode 100644 index 00000000..5c4784de --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml @@ -0,0 +1,63 @@ +{{- if .Values.deployments.restoreOperator }} +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "etcd-restore-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ template "etcd-restore-operator.name" . }} + release: {{ .Release.Name }} + replicas: {{ .Values.restoreOperator.replicaCount }} + template: + metadata: + name: {{ template "etcd-restore-operator.fullname" . }} + labels: + app: {{ template "etcd-restore-operator.name" . }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "etcd-restore-operator.serviceAccountName" . }} + containers: + - name: {{ .Values.restoreOperator.name }} + image: "{{ .Values.restoreOperator.image.repository }}:{{ .Values.restoreOperator.image.tag }}" + imagePullPolicy: {{ .Values.restoreOperator.image.pullPolicy }} + ports: + - containerPort: {{ .Values.restoreOperator.port }} + command: + - etcd-restore-operator +{{- range $key, $value := .Values.restoreOperator.commandArgs }} + - "--{{ $key }}={{ $value }}" +{{- end }} + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ADDR + value: "{{ .Values.restoreOperator.name }}:{{ .Values.restoreOperator.port }}" + resources: + limits: + cpu: {{ .Values.restoreOperator.resources.cpu }} + memory: {{ .Values.restoreOperator.resources.memory }} + requests: + cpu: {{ .Values.restoreOperator.resources.cpu }} + memory: {{ .Values.restoreOperator.resources.memory }} + {{- if .Values.restoreOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.restoreOperator.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.restoreOperator.tolerations }} + tolerations: +{{ toYaml .Values.restoreOperator.tolerations | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml new file mode 100644 index 00000000..595cee92 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.serviceAccount.restoreOperatorServiceAccount.create .Values.deployments.restoreOperator }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "etcd-restore-operator.serviceAccountName" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service.yaml new file mode 100644 index 00000000..052be364 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/templates/restore-operator-service.yaml @@ -0,0 +1,20 @@ +{{- if .Values.deployments.restoreOperator }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.restoreOperator.name }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + ports: + - protocol: TCP + name: http-etcd-restore-port + port: {{ .Values.restoreOperator.port }} + selector: + app: {{ template "etcd-restore-operator.name" . }} + release: {{ .Release.Name }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/etcd-operator/values.yaml b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/values.yaml new file mode 100644 index 00000000..1260e077 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/etcd-operator/values.yaml @@ -0,0 +1,153 @@ +# Default values for etcd-operator. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +## Install Default RBAC roles and bindings +rbac: + create: true + apiVersion: v1beta1 + +## Service account names and whether to create them +serviceAccount: + etcdOperatorServiceAccount: + create: true + name: + backupOperatorServiceAccount: + create: true + name: + restoreOperatorServiceAccount: + create: true + name: + +# Select what to deploy +deployments: + etcdOperator: true + # one time deployment, delete once completed, + # Ref: https://github.com/coreos/etcd-operator/blob/master/doc/user/walkthrough/backup-operator.md + backupOperator: true + # one time deployment, delete once completed + # Ref: https://github.com/coreos/etcd-operator/blob/master/doc/user/walkthrough/restore-operator.md + restoreOperator: true + +# creates custom resources, not all required, +# you could use `helm template --values --name release_name ... ` +# and create the resources yourself to deploy on your cluster later +customResources: + createEtcdClusterCRD: false + createBackupCRD: false + createRestoreCRD: false + +# etcdOperator +etcdOperator: + name: etcd-operator + replicaCount: 1 + image: + repository: quay.io/coreos/etcd-operator + tag: v0.9.3 + pullPolicy: Always + resources: + cpu: 100m + memory: 128Mi + ## Node labels for etcd-operator pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + ## additional command arguments go here; will be translated to `--key=value` form + ## e.g., analytics: true + commandArgs: + cluster-wide: true + ## Configurable health checks against the /readyz endpoint that etcd-operator exposes + readinessProbe: + enabled: false + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + enabled: false + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 +# backup spec +backupOperator: + name: etcd-backup-operator + replicaCount: 1 + image: + repository: quay.io/coreos/etcd-operator + tag: v0.9.3 + pullPolicy: Always + resources: + cpu: 100m + memory: 128Mi + spec: + storageType: S3 + s3: + s3Bucket: + awsSecret: + ## Node labels for etcd pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + ## additional command arguments go here; will be translated to `--key=value` form + ## e.g., analytics: true + commandArgs: {} + +# restore spec +restoreOperator: + name: etcd-restore-operator + replicaCount: 1 + image: + repository: quay.io/coreos/etcd-operator + tag: v0.9.3 + pullPolicy: Always + port: 19999 + resources: + cpu: 100m + memory: 128Mi + spec: + s3: + # The format of "path" must be: "/" + # e.g: "etcd-snapshot-bucket/v1/default/example-etcd-cluster/3.2.10_0000000000000001_etcd.backup" + path: + awsSecret: + ## Node labels for etcd pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + ## additional command arguments go here; will be translated to `--key=value` form + ## e.g., analytics: true + commandArgs: {} + +## etcd-cluster specific values +etcdCluster: + name: etcd + size: 3 + version: 3.2.25 + image: + repository: quay.io/coreos/etcd + tag: v3.2.25 + pullPolicy: Always + enableTLS: false + # TLS configs + tls: + static: + member: + peerSecret: etcd-peer-tls + serverSecret: etcd-server-tls + operatorSecret: etcd-client-tls + ## etcd cluster pod specific values + ## Ref: https://github.com/coreos/etcd-operator/blob/master/doc/user/spec_examples.md#three-members-cluster-with-resource-requirement + pod: + ## Antiaffinity for etcd pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + antiAffinity: false + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + ## Node labels for etcd pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/Chart.yaml b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/Chart.yaml new file mode 100644 index 00000000..ebdc0b40 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +name: m3db-operator +version: 0.1.3 +# TODO(PS) - helm has issues with GKE's SemVer +# Error: Chart requires kubernetesVersion: >=1.10.6 which is incompatible with Kubernetes v1.10.7-gke.2 +# +#kubeVersion: ">=1.10.7" +description: Kubernetes operator for M3DB timeseries database +keywords: + - operator + - m3 +home: https://github.com/m3db/m3db-operator +sources: + - https://github.com/m3db/m3db-operator +maintainers: + - name: m3 Authors + email: m3db@googlegroups.com + url: https://operator.m3db.io/ +engine: gotpl +icon: https://raw.githubusercontent.com/m3db/m3/master/docs/theme/assets/images/M3-logo.png +appVersion: ">0.4.7" +tillerVersion: ">=2.11.0" diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/LICENSE b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/LICENSE new file mode 100644 index 00000000..261eeb9e --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/NOTES.txt b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/NOTES.txt new file mode 100644 index 00000000..ca4143db --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/NOTES.txt @@ -0,0 +1,12 @@ + ___ _ _ + / _ \ _ __ ___ _ __ __ _| |_ ___ _ __ | |__ __ _ ___ +| | | | '_ \ / _ \ '__/ _` | __/ _ \| '__| | '_ \ / _` / __| +| |_| | |_) | __/ | | (_| | || (_) | | | | | | (_| \__ \ + \___/| .__/ \___|_| \__,_|\__\___/|_| |_| |_|\__,_|___/ + |_| + _ _ _ _ _ _ +| |__ ___ ___ _ __ (_)_ __ ___| |_ __ _| | | ___ __| | +| '_ \ / _ \/ _ \ '_ \ | | '_ \/ __| __/ _` | | |/ _ \/ _` | +| |_) | __/ __/ | | | | | | | \__ \ || (_| | | | __/ (_| | +|_.__/ \___|\___|_| |_| |_|_| |_|___/\__\__,_|_|_|\___|\__,_| + diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/README.md b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/README.md new file mode 100644 index 00000000..0a532d31 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/README.md @@ -0,0 +1,14 @@ +### Helm Charts for M3DB clusters on Kubernetes + +### Prerequisite + +[Install helm](https://docs.helm.sh/using_helm/#installing-helm) + +### Installing m3db-operator chart + +``` +cd helm/m3db-operator +helm package . +helm install m3db-operator-0.0.1.tgz +``` + diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role.yaml b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role.yaml new file mode 100644 index 00000000..7bf41739 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role.yaml @@ -0,0 +1,35 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: {{ .Values.operator.name }} +rules: +- apiGroups: ["extensions"] + resources: ["deployments", "replicasets", "daemonsets"] + verbs: ["create", "get", "update", "delete", "list"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "get", "update", "delete", "list"] +- apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "create", "delete", "deletecollection"] +- apiGroups: [""] + resources: ["persistentvolumes", "persistentvolumeclaims", "services", "secrets", "configmaps"] + verbs: ["create", "get", "update", "delete", "list"] +- apiGroups: ["batch"] + resources: ["cronjobs", "jobs"] + verbs: ["create", "get", "deletecollection", "delete"] +- apiGroups: [""] + resources: ["pods"] + verbs: ["list", "get", "watch", "update"] +- apiGroups: ["apps"] + resources: ["statefulsets", "deployments"] + verbs: ["*"] +- apiGroups: ["operator.m3db.io"] + resources: ["*"] + verbs: ["*"] +- apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role_binding.yaml b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role_binding.yaml new file mode 100644 index 00000000..876a6705 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/cluster_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: {{ .Values.operator.name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Values.operator.name }} +subjects: +- kind: ServiceAccount + name: {{ .Values.operator.name }} + namespace: {{ .Release.Namespace }} diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/service_account.yaml b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/service_account.yaml new file mode 100644 index 00000000..a65e90bc --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/service_account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.operator.name }} + namespace: {{ .Release.Namespace }} diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/stateful_set.yaml b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/stateful_set.yaml new file mode 100644 index 00000000..d1002378 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/templates/stateful_set.yaml @@ -0,0 +1,26 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Values.operator.name }} + namespace: {{ .Release.Namespace }} +spec: + serviceName: {{ .Values.operator.name }} + replicas: 1 + selector: + matchLabels: + name: {{ .Values.operator.name }} + template: + metadata: + labels: + name: {{ .Values.operator.name }} + spec: + containers: + - name: {{ .Values.operator.name }} + image: {{ .Values.image.repository}}:{{ .Values.image.tag }} + command: + - m3db-operator + imagePullPolicy: Always + env: + - name: ENVIRONMENT + value: {{ .Values.environment }} + serviceAccount: {{ .Values.operator.name }} diff --git a/vnfs/DAaaS/deploy/operator/charts/m3db-operator/values.yaml b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/values.yaml new file mode 100644 index 00000000..8411d77e --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/m3db-operator/values.yaml @@ -0,0 +1,6 @@ +operator: + name: m3db-operator +image: + repository: quay.io/m3db/m3db-operator + tag: v0.1.3 +environment: production diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/.helmignore b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/.helmignore new file mode 100644 index 00000000..9797d317 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/.helmignore @@ -0,0 +1,25 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# helm/charts +OWNERS +hack/ +ci/ diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/Chart.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/Chart.yaml new file mode 100644 index 00000000..2198963b --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +description: Provides easy monitoring definitions for Kubernetes services, and deployment and management of Prometheus instances. +icon: https://raw.githubusercontent.com/prometheus/prometheus.github.io/master/assets/prometheus_logo-cb55bb5c346.png +engine: gotpl +maintainers: + - name: gianrubio + email: gianrubio@gmail.com +name: prometheus-operator +sources: + - https://github.com/coreos/prometheus-operator + - https://coreos.com/operators/prometheus +version: 4.1.1 +appVersion: 0.29.0 +home: https://github.com/coreos/prometheus-operator +keywords: +- operator +- prometheus diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/README.md b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/README.md new file mode 100644 index 00000000..8966f03a --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/README.md @@ -0,0 +1,428 @@ +# prometheus-operator + +Installs [prometheus-operator](https://github.com/coreos/prometheus-operator) to create/configure/manage Prometheus clusters atop Kubernetes. This chart includes multiple components and is suitable for a variety of use-cases. + +The default installation is intended to suit monitoring a kubernetes cluster the chart is deployed onto. It is closely matches the kube-prometheus project. +- [prometheus-operator](https://github.com/coreos/prometheus-operator) +- [prometheus](https://prometheus.io/) +- [alertmanager](https://prometheus.io/) +- [node-exporter](https://github.com/helm/charts/tree/master/stable/prometheus-node-exporter) +- [kube-state-metrics](https://github.com/helm/charts/tree/master/stable/kube-state-metrics) +- [grafana](https://github.com/helm/charts/tree/master/stable/grafana) +- service monitors to scrape internal kubernetes components + - kube-apiserver + - kube-scheduler + - kube-controller-manager + - etcd + - kube-dns/coredns +With the installation, the chart also includes dashboards and alerts. + +The same chart can be used to run multiple prometheus instances in the same cluster if required. To achieve this, the other components need to be disabled - it is necessary to run only one instance of prometheus-operator and a pair of alertmanager pods for an HA configuration. + +## TL;DR; + +```console +$ helm install stable/prometheus-operator +``` + +## Introduction + +This chart bootstraps a [prometheus-operator](https://github.com/coreos/prometheus-operator) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. The chart can be installed multiple times to create separate Prometheus instances managed by Prometheus Operator. + +## Prerequisites + - Kubernetes 1.10+ with Beta APIs + - Helm 2.10+ (For a workaround using an earlier version see [below](#helm-210-workaround)) + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm install --name my-release stable/prometheus-operator +``` + +The command deploys prometheus-operator on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +The default installation includes Prometheus Operator, Alertmanager, Grafana, and configuration for scraping Kubernetes infrastructure. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +CRDs created by this chart are not removed by default and should be manually cleaned up: + +``` +kubectl delete crd prometheuses.monitoring.coreos.com +kubectl delete crd prometheusrules.monitoring.coreos.com +kubectl delete crd servicemonitors.monitoring.coreos.com +kubectl delete crd alertmanagers.monitoring.coreos.com +``` + +## Configuration + +The following tables lists the configurable parameters of the prometheus-operator chart and their default values. + +### General +| Parameter | Description | Default | +| ----- | ----------- | ------ | +| `nameOverride` | Provide a name in place of `prometheus-operator` |`""`| +| `fullNameOverride` | Provide a name to substitute for the full names of resources |`""`| +| `commonLabels` | Labels to apply to all resources | `[]` | +| `defaultRules.create` | Create default rules for monitoring the cluster | `true` | +| `defaultRules.rules.alertmanager` | Create default rules for Alert Manager | `true` | +| `defaultRules.rules.etcd` | Create default rules for ETCD | `true` | +| `defaultRules.rules.general` | Create General default rules| `true` | +| `defaultRules.rules.k8s` | Create K8S default rules| `true` | +| `defaultRules.rules.kubeApiserver` | Create Api Server default rules| `true` | +| `defaultRules.rules.kubePrometheusNodeAlerting` | Create Node Alerting default rules| `true` | +| `defaultRules.rules.kubePrometheusNodeRecording` | Create Node Recording default rules| `true` | +| `defaultRules.rules.kubeScheduler` | Create Kubernetes Scheduler default rules| `true` | +| `defaultRules.rules.kubernetesAbsent` | Create Kubernetes Absent (example API Server down) default rules| `true` | +| `defaultRules.rules.kubernetesApps` | Create Kubernetes Apps default rules| `true` | +| `defaultRules.rules.kubernetesResources` | Create Kubernetes Resources default rules| `true` | +| `defaultRules.rules.kubernetesStorage` | Create Kubernetes Storage default rules| `true` | +| `defaultRules.rules.kubernetesSystem` | Create Kubernetes System default rules| `true` | +| `defaultRules.rules.node` | Create Node default rules| `true` | +| `defaultRules.rules.PrometheusOperator` | Create Prometheus Operator default rules| `true` | +| `defaultRules.rules.prometheus` | Create Prometheus default rules| `true` | +| `defaultRules.labels` | Labels for default rules for monitoring the cluster | `{}` | +| `defaultRules.annotations` | Annotations for default rules for monitoring the cluster | `{}` | +| `additionalPrometheusRules` | List of `prometheusRule` objects to create. See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusrulespec. | `[]` | +| `global.rbac.create` | Create RBAC resources | `true` | +| `global.rbac.pspEnabled` | Create pod security policy resources | `true` | +| `global.imagePullSecrets` | Reference to one or more secrets to be used when pulling images | `[]` | + +### Prometheus Operator +| Parameter | Description | Default | +| ----- | ----------- | ------ | +| `prometheusOperator.enabled` | Deploy Prometheus Operator. Only one of these should be deployed into the cluster | `true` | +| `prometheusOperator.serviceAccount` | Create a serviceaccount for the operator | `true` | +| `prometheusOperator.name` | Operator serviceAccount name | `""` | +| `prometheusOperator.logFormat` | Operator log output formatting | `"logfmt"` | +| `prometheusOperator.logLevel` | Operator log level. Possible values: "all", "debug", "info", "warn", "error", "none" | `"info"` | +| `prometheusOperator.createCustomResource` | Create CRDs. Required if deploying anything besides the operator itself as part of the release. The operator will create / update these on startup. If your Helm version < 2.10 you will have to either create the CRDs first or deploy the operator first, then the rest of the resources | `true` | +| `prometheusOperator.crdApiGroup` | Specify the API Group for the CustomResourceDefinitions | `monitoring.coreos.com` | +| `prometheusOperator.cleanupCustomResource` | Attempt to delete CRDs when the release is removed. This option may be useful while testing but is not recommended, as deleting the CRD definition will delete resources and prevent the operator from being able to clean up resources that it manages | `false` | +| `prometheusOperator.podLabels` | Labels to add to the operator pod | `{}` | +| `prometheusOperator.priorityClassName` | Name of Priority Class to assign pods | `nil` | +| `prometheusOperator.kubeletService.enabled` | If true, the operator will create and maintain a service for scraping kubelets | `true` | +| `prometheusOperator.kubeletService.namespace` | Namespace to deploy kubelet service | `kube-system` | +| `prometheusOperator.serviceMonitor.selfMonitor` | Enable monitoring of prometheus operator | `true` | +| `prometheusOperator.service.type` | Prometheus operator service type | `ClusterIP` | +| `prometheusOperator.service.clusterIP` | Prometheus operator service clusterIP IP | `""` | +| `prometheusOperator.service.nodePort` | Port to expose prometheus operator service on each node | `38080` | +| `prometheusOperator.service.annotations` | Annotations to be added to the prometheus operator service | `{}` | +| `prometheusOperator.service.labels` | Prometheus Operator Service Labels | `{}` | +| `prometheusOperator.service.externalIPs` | List of IP addresses at which the Prometheus Operator server service is available | `[]` | +| `prometheusOperator.service.loadBalancerIP` | Prometheus Operator Loadbalancer IP | `""` | +| `prometheusOperator.service.loadBalancerSourceRanges` | Prometheus Operator Load Balancer Source Ranges | `[]` | +| `prometheusOperator.resources` | Resource limits for prometheus operator | `{}` | +| `prometheusOperator.securityContext` | SecurityContext for prometheus operator | `{"runAsNonRoot": true, "runAsUser": 65534}` | +| `prometheusOperator.nodeSelector` | Prometheus operator node selector https://kubernetes.io/docs/user-guide/node-selection/ | `{}` | +| `prometheusOperator.tolerations` | Tolerations for use with node taints https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | `[]` | +| `prometheusOperator.affinity` | Assign the prometheus operator to run on specific nodes https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | `{}` | +| `prometheusOperator.image.repository` | Repository for prometheus operator image | `quay.io/coreos/prometheus-operator` | +| `prometheusOperator.image.tag` | Tag for prometheus operator image | `v0.29.0` | +| `prometheusOperator.image.pullPolicy` | Pull policy for prometheus operator image | `IfNotPresent` | +| `prometheusOperator.configmapReloadImage.repository` | Repository for configmapReload image | `quay.io/coreos/configmap-reload` | +| `prometheusOperator.configmapReloadImage.tag` | Tag for configmapReload image | `v0.0.1` | +| `prometheusOperator.prometheusConfigReloaderImage.repository` | Repository for config-reloader image | `quay.io/coreos/prometheus-config-reloader` | +| `prometheusOperator.prometheusConfigReloaderImage.tag` | Tag for config-reloader image | `v0.29.0` | +| `prometheusOperator.hyperkubeImage.repository` | Repository for hyperkube image used to perform maintenance tasks | `k8s.gcr.io/hyperkube` | +| `prometheusOperator.hyperkubeImage.tag` | Tag for hyperkube image used to perform maintenance tasks | `v1.12.1` | +| `prometheusOperator.hyperkubeImage.repository` | Image pull policy for hyperkube image used to perform maintenance tasks | `IfNotPresent` | + +### Prometheus +| Parameter | Description | Default | +| ----- | ----------- | ------ | +| `prometheus.enabled` | Deploy prometheus | `true` | +| `prometheus.serviceMonitor.selfMonitor` | Create a `serviceMonitor` to automatically monitor the prometheus instance | `true` | +| `prometheus.serviceAccount.create` | Create a default serviceaccount for prometheus to use | `true` | +| `prometheus.serviceAccount.name` | Name for prometheus serviceaccount | `""` | +| `prometheus.rbac.roleNamespaces` | Create role bindings in the specified namespaces, to allow Prometheus monitoring a role binding in the release namespace will always be created. | `["kube-system"]` | +| `prometheus.podDisruptionBudget.enabled` | If true, create a pod disruption budget for prometheus pods. The created resource cannot be modified once created - it must be deleted to perform a change | `true` | +| `prometheus.podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `prometheus.podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `prometheus.ingress.enabled` | If true, Prometheus Ingress will be created | `false` | +| `prometheus.ingress.annotations` | Prometheus Ingress annotations | `{}` | +| `prometheus.ingress.labels` | Prometheus Ingress additional labels | `{}` | +| `prometheus.ingress.hosts` | Prometheus Ingress hostnames | `[]` | +| `prometheus.ingress.tls` | Prometheus Ingress TLS configuration (YAML) | `[]` | +| `prometheus.service.type` | Prometheus Service type | `ClusterIP` | +| `prometheus.service.clusterIP` | Prometheus service clusterIP IP | `""` | +| `prometheus.service.targetPort` | Prometheus Service internal port | `9090` | +| `prometheus.service.nodePort` | Prometheus Service port for NodePort service type | `39090` | +| `prometheus.service.annotations` | Prometheus Service Annotations | `{}` | +| `prometheus.service.labels` | Prometheus Service Labels | `{}` | +| `prometheus.service.externalIPs` | List of IP addresses at which the Prometheus server service is available | `[]` | +| `prometheus.service.loadBalancerIP` | Prometheus Loadbalancer IP | `""` | +| `prometheus.service.loadBalancerSourceRanges` | Prometheus Load Balancer Source Ranges | `[]` | +| `prometheus.service.sessionAffinity` | Prometheus Service Session Affinity | `""` | +| `prometheus.additionalServiceMonitors` | List of `serviceMonitor` objects to create. See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitorspec | `[]` | +| `prometheus.prometheusSpec.podMetadata` | Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata Metadata Labels and Annotations gets propagated to the prometheus pods. | `{}` | +| `prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues` | If true, a nil or {} value for prometheus.prometheusSpec.serviceMonitorSelector will cause the prometheus resource to be created with selectors based on values in the helm deployment, which will also match the servicemonitors created | `true` | +| `prometheus.prometheusSpec.serviceMonitorSelector` | ServiceMonitors to be selected for target discovery. If {}, select all ServiceMonitors | `{}` | +| `prometheus.prometheusSpec.serviceMonitorNamespaceSelector` | Namespaces to be selected for ServiceMonitor discovery. See [namespaceSelector](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector) for usage | `{}` | +| `prometheus.prometheusSpec.image.repository` | Base image to use for a Prometheus deployment. | `quay.io/prometheus/prometheus` | +| `prometheus.prometheusSpec.image.tag` | Tag of Prometheus container image to be deployed. | `v2.7.1` | +| `prometheus.prometheusSpec.paused` | When a Prometheus deployment is paused, no actions except for deletion will be performed on the underlying objects. | `false` | +| `prometheus.prometheusSpec.replicas` | Number of instances to deploy for a Prometheus deployment. | `1` | +| `prometheus.prometheusSpec.retention` | Time duration Prometheus shall retain data for. Must match the regular expression `[0-9]+(ms\|s\|m\|h\|d\|w\|y)` (milliseconds seconds minutes hours days weeks years). | `120h` | +| `prometheus.prometheusSpec.logLevel` | Log level for Prometheus to be configured with. | `info` | +| `prometheus.prometheusSpec.scrapeInterval` | Interval between consecutive scrapes. | `""` | +| `prometheus.prometheusSpec.evaluationInterval` | Interval between consecutive evaluations. | `""` | +| `prometheus.prometheusSpec.externalLabels` | The labels to add to any time series or alerts when communicating with external systems (federation, remote storage, Alertmanager). | `[]` | +| `prometheus.prometheusSpec.externalUrl` | The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name. | `""` | +| `prometheus.prometheusSpec.routePrefix` | The route prefix Prometheus registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. | `/` | +| `prometheus.prometheusSpec.storageSpec` | Storage spec to specify how storage shall be used. | `{}` | +| `prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues` | If true, a nil or {} value for prometheus.prometheusSpec.ruleSelector will cause the prometheus resource to be created with selectors based on values in the helm deployment, which will also match the PrometheusRule resources created. | `true` | +| `prometheus.prometheusSpec.ruleSelector` | A selector to select which PrometheusRules to mount for loading alerting rules from. Until (excluding) Prometheus Operator v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps to PrometheusRule custom resources selected by RuleSelector. Make sure it does not match any config maps that you do not want to be migrated. If {}, select all PrometheusRules | `{}` | +| `prometheus.prometheusSpec.ruleNamespaceSelector` | Namespaces to be selected for PrometheusRules discovery. If nil, select own namespace. See [namespaceSelector](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector) for usage | `{}` | +| `prometheus.prometheusSpec.alertingEndpoints` | Alertmanagers to which alerts will be sent https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#alertmanagerendpoints Default configuration will connect to the alertmanager deployed as part of this release | `[]` | +| `prometheus.prometheusSpec.resources` | Define resources requests and limits for single Pods. | `{}` | +| `prometheus.prometheusSpec.nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` | +| `prometheus.prometheusSpec.secrets` | Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The Secrets are mounted into /etc/prometheus/secrets/. Secrets changes after initial creation of a Prometheus object are not reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated with the new list of secrets. | `[]` | +| `prometheus.prometheusSpec.configMaps` | ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/ | `[]` | +|`prometheus.prometheusSpec.podAntiAffinity` | Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node. The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. | `""` | +|`prometheus.prometheusSpec.podAntiAffinityTopologyKey` | If anti-affinity is enabled sets the topologyKey to use for anti-affinity. This can be changed to, for example `failure-domain.beta.kubernetes.io/zone`| `kubernetes.io/hostname` | +| `prometheus.prometheusSpec.tolerations` | If specified, the pod's tolerations. | `[]` | +| `prometheus.prometheusSpec.remoteWrite` | If specified, the remote_write spec. This is an experimental feature, it may change in any upcoming release in a breaking way. | `[]` | +| `prometheus.prometheusSpec.remoteRead` | If specified, the remote_read spec. This is an experimental feature, it may change in any upcoming release in a breaking way. | `[]` | +| `prometheus.prometheusSpec.securityContext` | SecurityContext holds pod-level security attributes and common container settings. This defaults to non root user with uid 1000 and gid 2000 in order to support migration from operator version <0.26. | `{"runAsNonRoot": true, "runAsUser": 1000, "fsGroup": 2000}` | +| `prometheus.prometheusSpec.listenLocal` | ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP. | `false` | +| `prometheus.prometheusSpec.containers` | Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod. |`[]`| +| `prometheus.prometheusSpec.additionalScrapeConfigs` | AdditionalScrapeConfigs allows specifying additional Prometheus scrape configurations. Scrape configurations are appended to the configurations generated by the Prometheus Operator. Job configurations must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#. As scrape configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible scrape configs are going to break Prometheus after the upgrade. | `{}` | +| `prometheus.prometheusSpec.additionalScrapeConfigsExternal` | Enable additional scrape configs that are managed externally to this chart. Note that the prometheus will fail to provision if the correct secret does not exist. | `false` | +| `prometheus.prometheusSpec.additionalAlertManagerConfigs` | AdditionalAlertManagerConfigs allows for manual configuration of alertmanager jobs in the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#. AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade. | `{}` | +| `prometheus.prometheusSpec.additionalAlertRelabelConfigs` | AdditionalAlertRelabelConfigs allows specifying additional Prometheus alert relabel configurations. Alert relabel configurations specified are appended to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel configs are going to break Prometheus after the upgrade. | `[]` | +| `prometheus.prometheusSpec.thanos` | Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. This section is experimental, it may change significantly without deprecation notice in any release.This is experimental and may change significantly without backward compatibility in any release. See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#thanosspec | `{}` | +| `prometheus.prometheusSpec.priorityClassName` | Priority class assigned to the Pods | `""` | + +### Alertmanager +| Parameter | Description | Default | +| ----- | ----------- | ------ | +| `alertmanager.enabled` | Deploy alertmanager | `true` | +| `alertmanager.serviceMonitor.selfMonitor` | Create a `serviceMonitor` to automatically monitor the alartmanager instance | `true` | +| `alertmanager.serviceAccount.create` | Create a `serviceAccount` for alertmanager | `true` | +| `alertmanager.serviceAccount.name` | Name for Alertmanager service account | `""` | +| `alertmanager.podDisruptionBudget.enabled` | If true, create a pod disruption budget for Alertmanager pods. The created resource cannot be modified once created - it must be deleted to perform a change | `true` | +| `alertmanager.podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `alertmanager.podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `alertmanager.ingress.enabled` | If true, Alertmanager Ingress will be created | `false` | +| `alertmanager.ingress.annotations` | Alertmanager Ingress annotations | `{}` | +| `alertmanager.ingress.labels` | Alertmanager Ingress additional labels | `{}` | +| `alertmanager.ingress.hosts` | Alertmanager Ingress hostnames | `[]` | +| `alertmanager.ingress.tls` | Alertmanager Ingress TLS configuration (YAML) | `[]` | +| `alertmanager.service.type` | Alertmanager Service type | `ClusterIP` | +| `alertmanager.service.clusterIP` | Alertmanager service clusterIP IP | `""` | +| `alertmanager.service.nodePort` | Alertmanager Service port for NodePort service type | `30903` | +| `alertmanager.service.annotations` | Alertmanager Service annotations | `{}` | +| `alertmanager.service.labels` | Alertmanager Service Labels | `{}` | +| `alertmanager.service.externalIPs` | List of IP addresses at which the Alertmanager server service is available | `[]` | +| `alertmanager.service.loadBalancerIP` | Alertmanager Loadbalancer IP | `""` | +| `alertmanager.service.loadBalancerSourceRanges` | Alertmanager Load Balancer Source Ranges | `[]` | +| `alertmanager.config` | Provide YAML to configure Alertmanager. See https://prometheus.io/docs/alerting/configuration/#configuration-file. The default provided works to suppress the Watchdog alert from `defaultRules.create` | `{"global":{"resolve_timeout":"5m"},"route":{"group_by":["job"],"group_wait":"30s","group_interval":"5m","repeat_interval":"12h","receiver":"null","routes":[{"match":{"alertname":"Watchdog"},"receiver":"null"}]},"receivers":[{"name":"null"}]}` | +| `alertmanager.alertmanagerSpec.podMetadata` | Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata Metadata Labels and Annotations gets propagated to the prometheus pods. | `{}` | +| `alertmanager.alertmanagerSpec.image.tag` | Tag of Alertmanager container image to be deployed. | `v0.16.1` | +| `alertmanager.alertmanagerSpec.image.repository` | Base image that is used to deploy pods, without tag. | `quay.io/prometheus/alertmanager` | +| `alertmanager.alertmanagerSpec.secrets` | Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/. | `[]` | +| `alertmanager.alertmanagerSpec.configMaps` | ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/ | `[]` | +| `alertmanager.alertmanagerSpec.logLevel` | Log level for Alertmanager to be configured with. | `info` | +| `alertmanager.alertmanagerSpec.replicas` | Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the running cluster equal to the expected size. | `1` | +| `alertmanager.alertmanagerSpec.retention` | Time duration Alertmanager shall retain data for. Value must match the regular expression `[0-9]+(ms\|s\|m\|h)` (milliseconds seconds minutes hours). | `120h` | +| `alertmanager.alertmanagerSpec.storage` | Storage is the definition of how storage will be used by the Alertmanager instances. | `{}` | +| `alertmanager.alertmanagerSpec.externalUrl` | The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. | `""` | +| `alertmanager.alertmanagerSpec.routePrefix` | The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with `kubectl proxy`. | `/` | +| `alertmanager.alertmanagerSpec.paused` | If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions. | `false` | +| `alertmanager.alertmanagerSpec.nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` | +| `alertmanager.alertmanagerSpec.resources` | Define resources requests and limits for single Pods. | `{}` | +| `alertmanager.alertmanagerSpec.podAntiAffinity` | Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node. The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. | `""` | +|`prometheus.prometheusSpec.podAntiAffinityTopologyKey` | If anti-affinity is enabled sets the topologyKey to use for anti-affinity. This can be changed to, for example `failure-domain.beta.kubernetes.io/zone`| `kubernetes.io/hostname` | +| `alertmanager.alertmanagerSpec.tolerations` | If specified, the pod's tolerations. | `[]` | +| `alertmanager.alertmanagerSpec.securityContext` | SecurityContext holds pod-level security attributes and common container settings. This defaults to non root user with uid 1000 and gid 2000 in order to support migration from operator version < 0.26 | `{"runAsNonRoot": true, "runAsUser": 1000, "fsGroup": 2000}` | +| `alertmanager.alertmanagerSpec.listenLocal` | ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. Note this is only for the Alertmanager UI, not the gossip communication. | `false` | +| `alertmanager.alertmanagerSpec.containers` | Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. | `[]` | +| `alertmanager.alertmanagerSpec.priorityClassName` | Priority class assigned to the Pods | `""` | +| `alertmanager.alertmanagerSpec.additionalPeers` | AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. | `[]` | + +### Grafana +| Parameter | Description | Default | +| ----- | ----------- | ------ | +| `grafana.enabled` | If true, deploy the grafana sub-chart | `true` | +| `grafana.serviceMonitor.selfMonitor` | Create a `serviceMonitor` to automatically monitor the grafana instance | `true` | +| `grafana.adminPassword` | Admin password to log into the grafana UI | "prom-operator" | +| `grafana.defaultDashboardsEnabled` | Deploy default dashboards. These are loaded using the sidecar | `true` | +| `grafana.ingress.enabled` | Enables Ingress for Grafana | `false` | +| `grafana.ingress.annotations` | Ingress annotations for Grafana | `{}` | +| `grafana.ingress.labels` | Custom labels for Grafana Ingress | `{}` | +| `grafana.ingress.hosts` | Ingress accepted hostnames for Grafana| `[]` | +| `grafana.ingress.tls` | Ingress TLS configuration for Grafana | `[]` | +| `grafana.sidecar.dashboards.enabled` | Enable the Grafana sidecar to automatically load dashboards with a label `{{ grafana.sidecar.dashboards.label }}=1` | `true` | +| `grafana.sidecar.dashboards.label` | If the sidecar is enabled, configmaps with this label will be loaded into Grafana as dashboards | `grafana_dashboard` | +| `grafana.sidecar.datasources.enabled` | Enable the Grafana sidecar to automatically load dashboards with a label `{{ grafana.sidecar.datasources.label }}=1` | `true` | +| `grafana.sidecar.datasources.label` | If the sidecar is enabled, configmaps with this label will be loaded into Grafana as datasources configurations | `grafana_datasource` | +| `grafana.rbac.pspUseAppArmor` | Enforce AppArmor in created PodSecurityPolicy (requires rbac.pspEnabled) | `true` | +| `grafana.extraConfigmapMounts` | Additional grafana server configMap volume mounts | `[]` | + +### Exporters +| Parameter | Description | Default | +| ----- | ----------- | ------ | +| `kubeApiServer.enabled` | Deploy `serviceMonitor` to scrape the Kubernetes API server | `true` | +| `kubeApiServer.relabelings` | Relablings for the API Server ServiceMonitor | `[]` | +| `kubeApiServer.tlsConfig.serverName` | Name of the server to use when validating TLS certificate | `kubernetes` | +| `kubeApiServer.tlsConfig.insecureSkipVerify` | Skip TLS certificate validation when scraping | `false` | +| `kubeApiServer.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus | `component` | +| `kubeApiServer.serviceMonitor.selector` | The service selector | `{"matchLabels":{"component":"apiserver","provider":"kubernetes"}}` +| `kubelet.enabled` | Deploy servicemonitor to scrape the kubelet service. See also `prometheusOperator.kubeletService` | `true` | +| `kubelet.namespace` | Namespace where the kubelet is deployed. See also `prometheusOperator.kubeletService.namespace` | `kube-system` | +| `kubelet.serviceMonitor.https` | Enable scraping of the kubelet over HTTPS. For more information, see https://github.com/coreos/prometheus-operator/issues/926 | `false` | +| `kubelet.serviceMonitor.cAdvisorMetricRelabelings` | The `metric_relabel_configs` for scraping cAdvisor. | `` | +| `kubeControllerManager.enabled` | Deploy a `service` and `serviceMonitor` to scrape the Kubernetes controller-manager | `true` | +| `kubeControllerManager.endpoints` | Endpoints where Controller-manager runs. Provide this if running Controller-manager outside the cluster | `[]` | +| `kubeControllermanager.service.port` | Controller-manager port for the service runs on | `10252` | +| `kubeControllermanager.service.targetPort` | Controller-manager targetPort for the service runs on | `10252` | +| `kubeControllermanager.service.selector` | Controller-manager service selector | `{"k8s-app" : "kube-controller-manager" }` +| `coreDns.enabled` | Deploy coreDns scraping components. Use either this or kubeDns | true | +| `coreDns.service.port` | CoreDns port | `9153` | +| `coreDns.service.targetPort` | CoreDns targetPort | `9153` | +| `coreDns.service.selector` | CoreDns service selector | `{"k8s-app" : "coredns" }` +| `kubeDns.enabled` | Deploy kubeDns scraping components. Use either this or coreDns| `false` | +| `kubeDns.service.selector` | CoreDns service selector | `{"k8s-app" : "kube-dns" }` | +| `kubeEtcd.enabled` | Deploy components to scrape etcd | `true` | +| `kubeEtcd.endpoints` | Endpoints where etcd runs. Provide this if running etcd outside the cluster | `[]` | +| `kubeEtcd.service.port` | Etcd port | `4001` | +| `kubeEtcd.service.targetPort` | Etcd targetPort | `4001` | +| `kubeEtcd.service.selector` | Selector for etcd if running inside the cluster | `{"k8s-app":"etcd-server"}` | +| `kubeEtcd.serviceMonitor.scheme` | Etcd servicemonitor scheme | `http` | +| `kubeEtcd.serviceMonitor.insecureSkipVerify` | Skip validating etcd TLS certificate when scraping | `false` | +| `kubeEtcd.serviceMonitor.serverName` | Etcd server name to validate certificate against when scraping | `""` | +| `kubeEtcd.serviceMonitor.caFile` | Certificate authority file to use when connecting to etcd. See `prometheus.prometheusSpec.secrets` | `""` | +| `kubeEtcd.serviceMonitor.certFile` | Client certificate file to use when connecting to etcd. See `prometheus.prometheusSpec.secrets` | `""` | +| `kubeEtcd.serviceMonitor.keyFile` | Client key file to use when connecting to etcd. See `prometheus.prometheusSpec.secrets` | `""` | +| `kubeScheduler.enabled` | Deploy a `service` and `serviceMonitor` to scrape the Kubernetes scheduler | `true` | +| `kubeScheduler.endpoints` | Endpoints where scheduler runs. Provide this if running scheduler outside the cluster | `[]` | +| `kubeScheduler.service.port` | Scheduler port for the service runs on | `10251` | +| `kubeScheduler.service.targetPort` | Scheduler targetPort for the service runs on | `10251` | +| `kubeScheduler.service.selector` | Scheduler service selector | `{"k8s-app" : "kube-scheduler" }` +| `kubeStateMetrics.enabled` | Deploy the `kube-state-metrics` chart and configure a servicemonitor to scrape | `true` | +| `kube-state-metrics.rbac.create` | Create RBAC components in kube-state-metrics. See `global.rbac.create` | `true` | +| `kube-state-metrics.podSecurityPolicy.enabled` | Create pod security policy resource for kube-state-metrics. | `true` | +| `nodeExporter.enabled` | Deploy the `prometheus-node-exporter` and scrape it | `true` | +| `nodeExporter.jobLabel` | The name of the label on the target service to use as the job name in prometheus. See `prometheus-node-exporter.podLabels.jobLabel=node-exporter` default | `jobLabel` | +| `prometheus-node-exporter.podLabels` | Additional labels for pods in the DaemonSet | `{"jobLabel":"node-exporter"}` | +| `prometheus-node-exporter.extraArgs` | Additional arguments for the node exporter container | `["--collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+)($|/)", "--collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$"]` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +$ helm install --name my-release stable/prometheus-operator --set prometheusOperator.enabled=true +``` + +Alternatively, one or more YAML files that specify the values for the above parameters can be provided while installing the chart. For example, + +```console +$ helm install --name my-release stable/prometheus-operator -f values1.yaml,values2.yaml +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + + +## Developing Prometheus Rules and Grafana Dashboards + +This chart Grafana Dashboards and Prometheus Rules are just a copy from coreos/prometheus-operator and other sources, synced (with alterations) by scripts in [hack](hack) folder. In order to introduce any changes you need to first [add them to original repo](https://github.com/coreos/prometheus-operator/blob/master/contrib/kube-prometheus/docs/developing-prometheus-rules-and-grafana-dashboards.md) and then sync there by scripts. + +## Further Information + +For more in-depth documentation of configuration options meanings, please see +- [Prometheus Operator](https://github.com/coreos/prometheus-operator) +- [Prometheus](https://prometheus.io/docs/introduction/overview/) +- [Grafana](https://github.com/helm/charts/tree/master/stable/grafana#grafana-helm-chart) + +## Helm <2.10 workaround +The `crd-install` hook is required to deploy the prometheus operator CRDs before they are used. If you are forced to use an earlier version of Helm you can work around this requirement as follows: +1. Install prometheus-operator by itself, disabling everything but the prometheus-operator component, and also setting `prometheusOperator.serviceMonitor.selfMonitor=false` +2. Install all the other components, and configure `prometheus.additionalServiceMonitors` to scrape the prometheus-operator service. + +# Migrating from coreos/prometheus-operator chart + +The multiple charts have been combined into a single chart that installs prometheus operator, prometheus, alertmanager, grafana as well as the multitude of exporters necessary to monitor a cluster. + +There is no simple and direct migration path between the charts as the changes are extensive and intended to make the chart easier to support. + +The capabilities of the old chart are all available in the new chart, including the ability to run multiple prometheus instances on a single cluster - you will need to disable the parts of the chart you do not wish to deploy. + +You can check out the tickets for this change [here](https://github.com/coreos/prometheus-operator/issues/592) and [here](https://github.com/helm/charts/pull/6765) + +## High-level overview of Changes +The chart has 3 dependencies, that can be seen in the chart's requirements file: +https://github.com/helm/charts/blob/master/stable/prometheus-operator/requirements.yaml + +### Node-Exporter, Kube-State-Metrics +These components are loaded as dependencies into the chart. The source for both charts is found in the same repository. They are relatively simple components. + +### Grafana +The Grafana chart is more feature-rich than this chart - it contains a sidecar that is able to load data sources and dashboards from configmaps deployed into the same cluster. For more information check out the [documentation for the chart](https://github.com/helm/charts/tree/master/stable/grafana) + +### Coreos CRDs +The CRDs are provisioned using crd-install hooks, rather than relying on a separate chart installation. If you already have these CRDs provisioned and don't want to remove them, you can disable the CRD creation by these hooks by passing `prometheusOperator.createCustomResource=false` + +### Kubelet Service +Because the kubelet service has a new name in the chart, make sure to clean up the old kubelet service in the `kube-system` namespace to prevent counting container metrics twice + +### Persistent Volumes +If you would like to keep the data of the current persistent volumes, it should be possible to attach existing volumes to new PVCs and PVs that are created using the conventions in the new chart. For example, in order to use an existing Azure disk for a helm release called `prometheus-migration` the following resources can be created: +``` +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pvc-prometheus-migration-prometheus-0 +spec: + accessModes: + - ReadWriteOnce + azureDisk: + cachingMode: None + diskName: pvc-prometheus-migration-prometheus-0 + diskURI: /subscriptions/f5125d82-2622-4c50-8d25-3f7ba3e9ac4b/resourceGroups/sample-migration-resource-group/providers/Microsoft.Compute/disks/pvc-prometheus-migration-prometheus-0 + fsType: "" + kind: Managed + readOnly: false + capacity: + storage: 1Gi + persistentVolumeReclaimPolicy: Delete + storageClassName: prometheus + volumeMode: Filesystem +``` +``` +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: prometheus + prometheus: prometheus-migration-prometheus + name: prometheus-prometheus-migration-prometheus-db-prometheus-prometheus-migration-prometheus-0 + namespace: monitoring +spec: + accessModes: + - ReadWriteOnce + dataSource: null + resources: + requests: + storage: 1Gi + storageClassName: prometheus + volumeMode: Filesystem + volumeName: pvc-prometheus-migration-prometheus-0 +status: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Gi +``` + +The PVC will take ownership of the PV and when you create a release using a persistent volume claim template it will use the existing PVCs as they match the naming convention used by the chart. For other cloud providers similar approaches can be used. diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/NOTES.txt b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/NOTES.txt new file mode 100644 index 00000000..b5aec761 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/NOTES.txt @@ -0,0 +1,5 @@ +The Prometheus Operator has been installed. Check its status by running: + kubectl --namespace {{ .Release.Namespace }} get pods -l "release={{ .Release.Name }}" + +Visit https://github.com/coreos/prometheus-operator for instructions on how +to create & configure Alertmanager and Prometheus instances using the Operator. \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/_helpers.tpl b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/_helpers.tpl new file mode 100644 index 00000000..6ec1fa2b --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/_helpers.tpl @@ -0,0 +1,91 @@ +{{/* vim: set filetype=mustache: */}} +{{/* Expand the name of the chart. This is suffixed with -alertmanager, which means subtract 13 from longest 63 available */}} +{{- define "prometheus-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 50 | trimSuffix "-" -}} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +The components in this chart create additional resources that expand the longest created name strings. +The longest name that gets created adds and extra 37 characters, so truncation should be 63-35=26. +*/}} +{{- define "prometheus-operator.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 26 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 26 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 26 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Fullname suffixed with operator */}} +{{- define "prometheus-operator.operator.fullname" -}} +{{- printf "%s-operator" (include "prometheus-operator.fullname" .) -}} +{{- end }} + +{{/* Fullname suffixed with prometheus */}} +{{- define "prometheus-operator.prometheus.fullname" -}} +{{- printf "%s-prometheus" (include "prometheus-operator.fullname" .) -}} +{{- end }} + +{{/* Fullname suffixed with alertmanager */}} +{{- define "prometheus-operator.alertmanager.fullname" -}} +{{- printf "%s-alertmanager" (include "prometheus-operator.fullname" .) -}} +{{- end }} + +{{/* Create chart name and version as used by the chart label. */}} +{{- define "prometheus-operator.chartref" -}} +{{- replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name -}} +{{- end }} + +{{/* Generate basic labels */}} +{{- define "prometheus-operator.labels" }} +chart: {{ template "prometheus-operator.chartref" . }} +release: {{ .Release.Name | quote }} +heritage: {{ .Release.Service | quote }} +{{- if .Values.commonLabels}} +{{ toYaml .Values.commonLabels }} +{{- end }} +{{- end }} + +{{/* Create the name of prometheus-operator service account to use */}} +{{- define "prometheus-operator.operator.serviceAccountName" -}} +{{- if and .Values.global.rbac.create .Values.prometheusOperator.serviceAccount.create -}} + {{ default (include "prometheus-operator.operator.fullname" .) .Values.prometheusOperator.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.prometheusOperator.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* Create the name of prometheus service account to use */}} +{{- define "prometheus-operator.prometheus.serviceAccountName" -}} +{{- if and .Values.global.rbac.create .Values.prometheus.serviceAccount.create -}} + {{ default (include "prometheus-operator.prometheus.fullname" .) .Values.prometheus.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.prometheus.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* Create the name of alertmanager service account to use */}} +{{- define "prometheus-operator.alertmanager.serviceAccountName" -}} +{{- if and .Values.global.rbac.create .Values.alertmanager.serviceAccount.create -}} + {{ default (include "prometheus-operator.alertmanager.fullname" .) .Values.alertmanager.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.alertmanager.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* Workaround for https://github.com/helm/helm/issues/3117 */}} +{{- define "prometheus-operator.rangeskipempty" -}} +{{- range $key, $value := . }} +{{- if $value }} +{{ $key }}: {{ $value }} +{{- end }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml new file mode 100644 index 00000000..24f93847 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/alertmanager.yaml @@ -0,0 +1,100 @@ +{{- if .Values.alertmanager.enabled }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: Alertmanager +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: +{{- if .Values.alertmanager.alertmanagerSpec.image }} + baseImage: {{ .Values.alertmanager.alertmanagerSpec.image.repository }} + version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }} +{{- end }} + replicas: {{ .Values.alertmanager.alertmanagerSpec.replicas }} + listenLocal: {{ .Values.alertmanager.alertmanagerSpec.listenLocal }} + serviceAccountName: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} +{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }} + externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}" +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }} + externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}" +{{- else if .Values.alertmanager.ingress.enabled }} + externalUrl: "http://{{ index .Values.alertmanager.ingress.hosts 0 }}{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" +{{- else }} + externalUrl: http://{{ template "prometheus-operator.fullname" . }}-alertmanager.{{ .Release.Namespace }}:9093 +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.nodeSelector }} + nodeSelector: +{{ toYaml .Values.alertmanager.alertmanagerSpec.nodeSelector | indent 4 }} +{{- end }} + paused: {{ .Values.alertmanager.alertmanagerSpec.paused }} + logLevel: {{ .Values.alertmanager.alertmanagerSpec.logLevel | quote }} + retention: {{ .Values.alertmanager.alertmanagerSpec.retention | quote }} +{{- if .Values.alertmanager.alertmanagerSpec.secrets }} + secrets: +{{ toYaml .Values.alertmanager.alertmanagerSpec.secrets | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.configMaps }} + configMaps: +{{ toYaml .Values.alertmanager.alertmanagerSpec.configMaps | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.resources }} + resources: +{{ toYaml .Values.alertmanager.alertmanagerSpec.resources | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }} + routePrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.securityContext }} + securityContext: +{{ toYaml .Values.alertmanager.alertmanagerSpec.securityContext | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.storage }} + storage: +{{ toYaml .Values.alertmanager.alertmanagerSpec.storage | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.podMetadata }} + podMetadata: +{{ toYaml .Values.alertmanager.alertmanagerSpec.podMetadata | indent 4 }} +{{- end }} +{{- if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "hard" }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }} + labelSelector: + matchLabels: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- else if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "soft" }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }} + labelSelector: + matchLabels: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.tolerations }} + tolerations: +{{ toYaml .Values.alertmanager.alertmanagerSpec.tolerations | indent 4 }} +{{- end }} +{{- if .Values.global.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.containers }} + containers: +{{ toYaml .Values.alertmanager.alertmanagerSpec.containers | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.priorityClassName }} + priorityClassName: {{.Values.alertmanager.alertmanagerSpec.priorityClassName }} +{{- end }} +{{- if .Values.alertmanager.alertmanagerSpec.additionalPeers }} + additionalPeers: {{.Values.alertmanager.alertmanagerSpec.additionalPeers }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml new file mode 100644 index 00000000..fd657f71 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/ingress.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }} +{{- $routePrefix := .Values.alertmanager.alertmanagerSpec.routePrefix }} +{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $serviceName }} +{{- if .Values.alertmanager.ingress.annotations }} + annotations: +{{ toYaml .Values.alertmanager.ingress.annotations | indent 4 }} +{{- end }} + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{- if .Values.alertmanager.ingress.labels }} +{{ toYaml .Values.alertmanager.ingress.labels | indent 4 }} +{{- end }} +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + rules: + {{- range $host := .Values.alertmanager.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: "{{ $routePrefix }}" + backend: + serviceName: {{ $serviceName }} + servicePort: 9093 + {{- end }} +{{- if .Values.alertmanager.ingress.tls }} + tls: +{{ toYaml .Values.alertmanager.ingress.tls | indent 4 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml new file mode 100644 index 00000000..f240fe76 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + {{- if .Values.alertmanager.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.alertmanager.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.alertmanager.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml new file mode 100644 index 00000000..e83d8bc7 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "prometheus-operator.fullname" . }}-alertmanager +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml new file mode 100644 index 00000000..e1d06ab4 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus-operator.fullname" . }}-alertmanager +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml new file mode 100644 index 00000000..01eda240 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/psp.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + privileged: false + # Required to prevent escalations to root. + # allowPrivilegeEscalation: false + # This is redundant with non-root + disallow privilege escalation, + # but we can provide it for defense in depth. + #requiredDropCapabilities: + # - ALL + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + # Permits the container to run with root privileges as well. + rule: 'RunAsAny' + seLinux: + # This policy assumes the nodes are using AppArmor rather than SELinux. + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} + diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml new file mode 100644 index 00000000..e73c465f --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/secret.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.alertmanager.enabled }} +apiVersion: v1 +kind: Secret +metadata: + name: alertmanager-{{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +data: + alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }} +{{- range $key, $val := .Values.alertmanager.templateFiles }} + {{ $key }}: {{ $val | b64enc | quote }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/service.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/service.yaml new file mode 100644 index 00000000..d10bf745 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/service.yaml @@ -0,0 +1,42 @@ +{{- if .Values.alertmanager.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.alertmanager.service.annotations }} + annotations: +{{ toYaml .Values.alertmanager.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if .Values.alertmanager.service.clusterIP }} + clusterIP: {{ .Values.alertmanager.service.clusterIP }} +{{- end }} +{{- if .Values.alertmanager.service.externalIPs }} + externalIPs: +{{ toYaml .Values.alertmanager.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.alertmanager.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.alertmanager.service.loadBalancerIP }} +{{- end }} +{{- if .Values.alertmanager.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.alertmanager.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: web + {{- if eq .Values.alertmanager.service.type "NodePort" }} + nodePort: {{ .Values.alertmanager.service.nodePort }} + {{- end }} + port: 9093 + targetPort: 9093 + protocol: TCP + selector: + app: alertmanager + alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager + type: "{{ .Values.alertmanager.service.type }}" +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml new file mode 100644 index 00000000..bbed0287 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.alertmanager.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 2 }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml new file mode 100644 index 00000000..5c8cab90 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/alertmanager/servicemonitor.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + labels: + app: {{ template "prometheus-operator.name" . }}-alertmanager +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-operator.name" . }}-alertmanager + release: {{ .Release.Name | quote }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + endpoints: + - port: web + interval: 30s + path: "{{ trimSuffix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}/metrics" +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml new file mode 100644 index 00000000..392b7c93 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml @@ -0,0 +1,18 @@ +{{- if .Values.nodeExporter.enabled }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-node-exporter + labels: + app: {{ template "prometheus-operator.name" . }}-node-exporter +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + jobLabel: {{ .Values.nodeExporter.jobLabel }} + selector: + matchLabels: + app: prometheus-node-exporter + release: {{ .Release.Name }} + endpoints: + - port: metrics + interval: 30s +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmap-dashboards.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmap-dashboards.yaml new file mode 100644 index 00000000..0289154b --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmap-dashboards.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +{{- $files := .Files.Glob "dashboards/*.json" }} +{{- if $files }} +apiVersion: v1 +kind: ConfigMapList +items: +{{- range $path, $fileContents := $files }} +{{- $dashboardName := regexReplaceAll "(^.*/)(.*)\\.json$" $path "${2}" }} +- apiVersion: v1 + kind: ConfigMap + metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) $dashboardName | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 6 }} + data: + {{ $dashboardName }}.json: {{ $.Files.Get $path | toJson }} +{{- end }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmaps-datasources.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmaps-datasources.yaml new file mode 100644 index 00000000..5b8b54c4 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/configmaps-datasources.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.grafana.enabled .Values.grafana.sidecar.datasources.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "prometheus-operator.fullname" . }}-grafana-datasource + labels: + {{ $.Values.grafana.sidecar.datasources.label }}: "1" + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + datasource.yaml: |- + apiVersion: 1 + datasources: + - name: Prometheus + type: prometheus + url: http://{{ template "prometheus-operator.fullname" . }}-prometheus:9090/{{ trimPrefix "/" .Values.prometheus.prometheusSpec.routePrefix }} + access: proxy + isDefault: true +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/etcd.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/etcd.yaml new file mode 100644 index 00000000..161b1907 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/etcd.yaml @@ -0,0 +1,1110 @@ +# Generated from 'etcd' from https://raw.githubusercontent.com/etcd-io/etcd/master/Documentation/op-guide/grafana.json +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled .Values.kubeEtcd.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "etcd" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + etcd.json: |- + { + "annotations": { + "list": [] + }, + "description": "etcd sample Grafana dashboard with Prometheus", + "editable": true, + "gnetId": null, + "hideControls": false, + "id": 6, + "links": [], + "refresh": false, + "rows": [ + { + "collapse": false, + "editable": true, + "height": "250px", + "panels": [ + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "datasource": "$datasource", + "editable": true, + "error": false, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "id": 28, + "interval": null, + "isNew": true, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "targets": [ + { + "expr": "sum(etcd_server_has_leader{job=\"$cluster\"})", + "intervalFactor": 2, + "legendFormat": "", + "metric": "etcd_server_has_leader", + "refId": "A", + "step": 20 + } + ], + "thresholds": "", + "title": "Up", + "type": "singlestat", + "valueFontSize": "200%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "avg" + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 0, + "id": 23, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 5, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(grpc_server_started_total{job=\"$cluster\",grpc_type=\"unary\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "RPC Rate", + "metric": "grpc_server_started_total", + "refId": "A", + "step": 2 + }, + { + "expr": "sum(rate(grpc_server_handled_total{job=\"$cluster\",grpc_type=\"unary\",grpc_code!=\"OK\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "RPC Failed Rate", + "metric": "grpc_server_handled_total", + "refId": "B", + "step": 2 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "RPC Rate", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "ops", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 0, + "id": 41, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 4, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(grpc_server_started_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Watch\",grpc_type=\"bidi_stream\"})", + "intervalFactor": 2, + "legendFormat": "Watch Streams", + "metric": "grpc_server_handled_total", + "refId": "A", + "step": 4 + }, + { + "expr": "sum(grpc_server_started_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"}) - sum(grpc_server_handled_total{job=\"$cluster\",grpc_service=\"etcdserverpb.Lease\",grpc_type=\"bidi_stream\"})", + "intervalFactor": 2, + "legendFormat": "Lease Streams", + "metric": "grpc_server_handled_total", + "refId": "B", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Active Streams", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "showTitle": false, + "title": "Row" + }, + { + "collapse": false, + "editable": true, + "height": "250px", + "panels": [ + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "decimals": null, + "editable": true, + "error": false, + "fill": 0, + "grid": {}, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 4, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "etcd_mvcc_db_total_size_in_bytes{job=\"$cluster\"}", + "hide": false, + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} DB Size", + "metric": "", + "refId": "A", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "DB Size", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 0, + "grid": {}, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 1, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 4, + "stack": false, + "steppedLine": true, + "targets": [ + { + "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=\"$cluster\"}[5m])) by (instance, le))", + "hide": false, + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} WAL fsync", + "metric": "etcd_disk_wal_fsync_duration_seconds_bucket", + "refId": "A", + "step": 4 + }, + { + "expr": "histogram_quantile(0.99, sum(rate(etcd_disk_backend_commit_duration_seconds_bucket{job=\"$cluster\"}[5m])) by (instance, le))", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} DB fsync", + "metric": "etcd_disk_backend_commit_duration_seconds_bucket", + "refId": "B", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Disk Sync Duration", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "s", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 0, + "id": 29, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 4, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "process_resident_memory_bytes{job=\"$cluster\"}", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} Resident Memory", + "metric": "process_resident_memory_bytes", + "refId": "A", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Memory", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "title": "New row" + }, + { + "collapse": false, + "editable": true, + "height": "250px", + "panels": [ + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 5, + "id": 22, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 3, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "rate(etcd_network_client_grpc_received_bytes_total{job=\"$cluster\"}[5m])", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} Client Traffic In", + "metric": "etcd_network_client_grpc_received_bytes_total", + "refId": "A", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Client Traffic In", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 5, + "id": 21, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 3, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "rate(etcd_network_client_grpc_sent_bytes_total{job=\"$cluster\"}[5m])", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} Client Traffic Out", + "metric": "etcd_network_client_grpc_sent_bytes_total", + "refId": "A", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Client Traffic Out", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 0, + "id": 20, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 3, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(etcd_network_peer_received_bytes_total{job=\"$cluster\"}[5m])) by (instance)", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} Peer Traffic In", + "metric": "etcd_network_peer_received_bytes_total", + "refId": "A", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Peer Traffic In", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "decimals": null, + "editable": true, + "error": false, + "fill": 0, + "grid": {}, + "id": 16, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 3, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(etcd_network_peer_sent_bytes_total{job=\"$cluster\"}[5m])) by (instance)", + "hide": false, + "interval": "", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} Peer Traffic Out", + "metric": "etcd_network_peer_sent_bytes_total", + "refId": "A", + "step": 4 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Peer Traffic Out", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "Bps", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "title": "New row" + }, + { + "collapse": false, + "editable": true, + "height": "250px", + "panels": [ + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "editable": true, + "error": false, + "fill": 0, + "id": 40, + "isNew": true, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(etcd_server_proposals_failed_total{job=\"$cluster\"}[5m]))", + "intervalFactor": 2, + "legendFormat": "Proposal Failure Rate", + "metric": "etcd_server_proposals_failed_total", + "refId": "A", + "step": 2 + }, + { + "expr": "sum(etcd_server_proposals_pending{job=\"$cluster\"})", + "intervalFactor": 2, + "legendFormat": "Proposal Pending Total", + "metric": "etcd_server_proposals_pending", + "refId": "B", + "step": 2 + }, + { + "expr": "sum(rate(etcd_server_proposals_committed_total{job=\"$cluster\"}[5m]))", + "intervalFactor": 2, + "legendFormat": "Proposal Commit Rate", + "metric": "etcd_server_proposals_committed_total", + "refId": "C", + "step": 2 + }, + { + "expr": "sum(rate(etcd_server_proposals_applied_total{job=\"$cluster\"}[5m]))", + "intervalFactor": 2, + "legendFormat": "Proposal Apply Rate", + "refId": "D", + "step": 2 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Raft Proposals", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "", + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": {}, + "bars": false, + "datasource": "$datasource", + "decimals": 0, + "editable": true, + "error": false, + "fill": 0, + "id": 19, + "isNew": true, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": false, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "changes(etcd_server_leader_changes_seen_total{job=\"$cluster\"}[1d])", + "intervalFactor": 2, + "legendFormat": "{{`{{instance}}`}} Total Leader Elections Per Day", + "metric": "etcd_server_leader_changes_seen_total", + "refId": "A", + "step": 2 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Total Leader Elections Per Day", + "tooltip": { + "msResolution": false, + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "title": "New row" + } + ], + "schemaVersion": 13, + "sharedCrosshair": false, + "style": "dark", + "tags": [], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + "text": "prod", + "value": "prod" + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "cluster", + "multi": false, + "name": "cluster", + "options": [], + "query": "label_values(etcd_server_has_leader, job)", + "refresh": 1, + "regex": "", + "sort": 2, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-15m", + "to": "now" + }, + "timepicker": { + "now": true, + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "browser", + "title": "etcd", + "version": 215 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-cluster-rsrc-use.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-cluster-rsrc-use.yaml new file mode 100644 index 00000000..5792140e --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-cluster-rsrc-use.yaml @@ -0,0 +1,926 @@ +# Generated from 'k8s-cluster-rsrc-use' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "k8s-cluster-rsrc-use" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + k8s-cluster-rsrc-use.json: |- + { + "annotations": { + "list": [ + + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "links": [ + + ], + "refresh": "10s", + "rows": [ + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:cluster_cpu_utilisation:ratio", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": 1, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_cpu_saturation_load1: / scalar(sum(min(kube_pod_info) by (node)))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Saturation (Load1)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": 1, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:cluster_memory_utilisation:ratio", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": 1, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 4, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_memory_swap_io_bytes:sum_rate", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Saturation (Swap I/O)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 5, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_disk_utilisation:avg_irate / scalar(:kube_pod_info_node_count:)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk IO Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": 1, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 6, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_disk_saturation:avg_irate / scalar(:kube_pod_info_node_count:)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk IO Saturation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": 1, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Disk", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 7, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_net_utilisation:sum_irate", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Net Utilisation (Transmitted)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 8, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_net_saturation:sum_irate", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Net Saturation (Dropped)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Network", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 9, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(max(node_filesystem_size_bytes{fstype=\u007e\"ext[234]|btrfs|xfs|zfs\"} - node_filesystem_avail_bytes{fstype=\u007e\"ext[234]|btrfs|xfs|zfs\"}) by (device,pod,namespace)) by (pod,namespace)\n/ scalar(sum(max(node_filesystem_size_bytes{fstype=\u007e\"ext[234]|btrfs|xfs|zfs\"}) by (device,pod,namespace)))\n* on (namespace, pod) group_left (node) node_namespace_pod:kube_pod_info:\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{node}}`}}", + "legendLink": "/d/4ac4f123aae0ff6dbaf4f4f66120033b/k8s-node-rsrc-use", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk Capacity", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": 1, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Storage", + "titleSize": "h6" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / USE Method / Cluster", + "uid": "a6e7d1362e1ddbb79db21d5bb40d7137", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-coredns.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-coredns.yaml new file mode 100644 index 00000000..b638913e --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-coredns.yaml @@ -0,0 +1,1323 @@ +# Added manually, can be changed in-place. +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled .Values.coreDns.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "k8s-coredns" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + k8s-coredns.json: |- + { + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "description": "A dashboard for the CoreDNS DNS server.", + "editable": true, + "gnetId": 5926, + "graphTooltip": 0, + "id": 9, + "iteration": 1539947521873, + "links": [], + "panels": [ + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 8, + "x": 0, + "y": 0 + }, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "total", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(coredns_dns_request_count_total{instance=~\"$instance\"}[5m])) by (proto)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}", + "refId": "A", + "step": 60 + }, + { + "expr": "sum(rate(coredns_dns_request_count_total{instance=~\"$instance\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "total", + "refId": "B", + "step": 60 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Requests (total)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 8, + "x": 8, + "y": 0 + }, + "id": 12, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "total", + "yaxis": 2 + }, + { + "alias": "other", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(coredns_dns_request_type_count_total{instance=~\"$instance\"}[5m])) by (type)", + "intervalFactor": 2, + "legendFormat": "{{`{{type}}`}}", + "refId": "A", + "step": 60 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Requests (by qtype)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 8, + "x": 16, + "y": 0 + }, + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "total", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(coredns_dns_request_count_total{instance=~\"$instance\"}[5m])) by (zone)", + "intervalFactor": 2, + "legendFormat": "{{`{{zone}}`}}", + "refId": "A", + "step": 60 + }, + { + "expr": "sum(rate(coredns_dns_request_count_total{instance=~\"$instance\"}[5m]))", + "intervalFactor": 2, + "legendFormat": "total", + "refId": "B", + "step": 60 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Requests (by zone)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 7 + }, + "id": 10, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "total", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(coredns_dns_request_do_count_total{instance=~\"$instance\"}[5m]))", + "intervalFactor": 2, + "legendFormat": "DO", + "refId": "A", + "step": 40 + }, + { + "expr": "sum(rate(coredns_dns_request_count_total{instance=~\"$instance\"}[5m]))", + "intervalFactor": 2, + "legendFormat": "total", + "refId": "B", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Requests (DO bit)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "pps", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 6, + "x": 12, + "y": 7 + }, + "id": 9, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "tcp:90", + "yaxis": 2 + }, + { + "alias": "tcp:99 ", + "yaxis": 2 + }, + { + "alias": "tcp:50", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:99 ", + "refId": "A", + "step": 60 + }, + { + "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:90", + "refId": "B", + "step": 60 + }, + { + "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto))", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:50", + "refId": "C", + "step": 60 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Requests (size, udp)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 6, + "x": 18, + "y": 7 + }, + "id": 14, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "tcp:90", + "yaxis": 1 + }, + { + "alias": "tcp:99 ", + "yaxis": 1 + }, + { + "alias": "tcp:50", + "yaxis": 1 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:99 ", + "refId": "A", + "step": 60 + }, + { + "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:90", + "refId": "B", + "step": 60 + }, + { + "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto))", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:50", + "refId": "C", + "step": 60 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Requests (size,tcp)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 14 + }, + "id": 5, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(coredns_dns_response_rcode_count_total{instance=~\"$instance\"}[5m])) by (rcode)", + "intervalFactor": 2, + "legendFormat": "{{`{{rcode}}`}}", + "refId": "A", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Responses (by rcode)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 14 + }, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_request_duration_seconds_bucket{instance=~\"$instance\"}[5m])) by (le, job))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "99%", + "refId": "A", + "step": 40 + }, + { + "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_request_duration_seconds_bucket{instance=~\"$instance\"}[5m])) by (le))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "90%", + "refId": "B", + "step": 40 + }, + { + "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_request_duration_seconds_bucket{instance=~\"$instance\"}[5m])) by (le))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "50%", + "refId": "C", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Responses (duration)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "ms", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 21 + }, + "id": 8, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "udp:50%", + "yaxis": 1 + }, + { + "alias": "tcp:50%", + "yaxis": 2 + }, + { + "alias": "tcp:90%", + "yaxis": 2 + }, + { + "alias": "tcp:99%", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_response_size_bytes_bucket{instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:99%", + "refId": "A", + "step": 40 + }, + { + "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_response_size_bytes_bucket{instance=\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:90%", + "refId": "B", + "step": 40 + }, + { + "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_response_size_bytes_bucket{instance=~\"$instance\",proto=\"udp\"}[5m])) by (le,proto)) ", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:50%", + "metric": "", + "refId": "C", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Responses (size, udp)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 21 + }, + "id": 13, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "udp:50%", + "yaxis": 1 + }, + { + "alias": "tcp:50%", + "yaxis": 1 + }, + { + "alias": "tcp:90%", + "yaxis": 1 + }, + { + "alias": "tcp:99%", + "yaxis": 1 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "histogram_quantile(0.99, sum(rate(coredns_dns_response_size_bytes_bucket{instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto)) ", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:99%", + "refId": "A", + "step": 40 + }, + { + "expr": "histogram_quantile(0.90, sum(rate(coredns_dns_response_size_bytes_bucket{instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le,proto)) ", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:90%", + "refId": "B", + "step": 40 + }, + { + "expr": "histogram_quantile(0.50, sum(rate(coredns_dns_response_size_bytes_bucket{instance=~\"$instance\",proto=\"tcp\"}[5m])) by (le, proto)) ", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{proto}}`}}:50%", + "metric": "", + "refId": "C", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Responses (size, tcp)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "bytes", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 0, + "y": 28 + }, + "id": 15, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(coredns_cache_size{instance=~\"$instance\"}) by (type)", + "intervalFactor": 2, + "legendFormat": "{{`{{type}}`}}", + "refId": "A", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Cache (size)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "Prometheus", + "editable": true, + "error": false, + "fill": 1, + "grid": {}, + "gridPos": { + "h": 7, + "w": 12, + "x": 12, + "y": 28 + }, + "id": 16, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "connected", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + { + "alias": "misses", + "yaxis": 2 + } + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(rate(coredns_cache_hits_total{instance=~\"$instance\"}[5m])) by (type)", + "intervalFactor": 2, + "legendFormat": "hits:{{`{{type}}`}}", + "refId": "A", + "step": 40 + }, + { + "expr": "sum(rate(coredns_cache_misses_total{instance=~\"$instance\"}[5m])) by (type)", + "intervalFactor": 2, + "legendFormat": "misses", + "refId": "B", + "step": 40 + } + ], + "thresholds": [], + "timeFrom": null, + "timeShift": null, + "title": "Cache (hitrate)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "cumulative" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "pps", + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + } + ], + "schemaVersion": 16, + "style": "dark", + "tags": [], + "templating": { + "list": [ + { + "allValue": ".*", + "current": { + "selected": true, + "tags": [], + "text": "172.16.1.8:9153", + "value": "172.16.1.8:9153" + }, + "datasource": "Prometheus", + "hide": 0, + "includeAll": true, + "label": "Instance", + "multi": false, + "name": "instance", + "options": [], + "query": "up{job=\"coredns\"}", + "refresh": 1, + "regex": ".*instance=\"(.*?)\".*", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-3h", + "to": "now" + }, + "timepicker": { + "now": true, + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "utc", + "title": "CoreDNS", + "uid": "vkQ0UHxik", + "version": 1 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-node-rsrc-use.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-node-rsrc-use.yaml new file mode 100644 index 00000000..19394efe --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-node-rsrc-use.yaml @@ -0,0 +1,953 @@ +# Generated from 'k8s-node-rsrc-use' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "k8s-node-rsrc-use" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + k8s-node-rsrc-use.json: |- + { + "annotations": { + "list": [ + + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "links": [ + + ], + "refresh": "10s", + "rows": [ + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_cpu_utilisation:avg1m{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Utilisation", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_cpu_saturation_load1:{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Saturation", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Saturation (Load1)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_memory_utilisation:{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Memory", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 4, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_memory_swap_io_bytes:sum_rate{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Swap IO", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Saturation (Swap I/O)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 5, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_disk_utilisation:avg_irate{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Utilisation", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk IO Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 6, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_disk_saturation:avg_irate{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Saturation", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk IO Saturation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Disk", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 7, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_net_utilisation:sum_irate{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Utilisation", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Net Utilisation (Transmitted)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 8, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_net_saturation:sum_irate{node=\"$node\"}", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Saturation", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Net Saturation (Dropped)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "Bps", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Net", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 9, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_filesystem_usage:\n* on (namespace, pod) group_left (node) node_namespace_pod:kube_pod_info:{node=\"$node\"}\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{device}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Disk", + "titleSize": "h6" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + "text": "prod", + "value": "prod" + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "node", + "multi": false, + "name": "node", + "options": [ + + ], + "query": "label_values(kube_node_info, node)", + "refresh": 1, + "regex": "", + "sort": 2, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / USE Method / Node", + "uid": "4ac4f123aae0ff6dbaf4f4f66120033b", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-cluster.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-cluster.yaml new file mode 100644 index 00000000..2f61ac42 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-cluster.yaml @@ -0,0 +1,1338 @@ +# Generated from 'k8s-resources-cluster' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "k8s-resources-cluster" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + k8s-resources-cluster.json: |- + { + "annotations": { + "list": [ + + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "links": [ + + ], + "refresh": "10s", + "rows": [ + { + "collapse": false, + "height": "100px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "format": "percentunit", + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 2, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "1 - avg(rate(node_cpu_seconds_total{mode=\"idle\"}[1m]))", + "format": "time_series", + "instant": true, + "intervalFactor": 2, + "refId": "A" + } + ], + "thresholds": "70,80", + "timeFrom": null, + "timeShift": null, + "title": "CPU Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "singlestat", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "format": "percentunit", + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 2, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(kube_pod_container_resource_requests_cpu_cores) / sum(node:node_num_cpu:sum)", + "format": "time_series", + "instant": true, + "intervalFactor": 2, + "refId": "A" + } + ], + "thresholds": "70,80", + "timeFrom": null, + "timeShift": null, + "title": "CPU Requests Commitment", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "singlestat", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "format": "percentunit", + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 2, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(kube_pod_container_resource_limits_cpu_cores) / sum(node:node_num_cpu:sum)", + "format": "time_series", + "instant": true, + "intervalFactor": 2, + "refId": "A" + } + ], + "thresholds": "70,80", + "timeFrom": null, + "timeShift": null, + "title": "CPU Limits Commitment", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "singlestat", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "format": "percentunit", + "id": 4, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 2, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "1 - sum(:node_memory_MemFreeCachedBuffers_bytes:sum) / sum(:node_memory_MemTotal_bytes:sum)", + "format": "time_series", + "instant": true, + "intervalFactor": 2, + "refId": "A" + } + ], + "thresholds": "70,80", + "timeFrom": null, + "timeShift": null, + "title": "Memory Utilisation", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "singlestat", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "format": "percentunit", + "id": 5, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 2, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(kube_pod_container_resource_requests_memory_bytes) / sum(:node_memory_MemTotal_bytes:sum)", + "format": "time_series", + "instant": true, + "intervalFactor": 2, + "refId": "A" + } + ], + "thresholds": "70,80", + "timeFrom": null, + "timeShift": null, + "title": "Memory Requests Commitment", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "singlestat", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "format": "percentunit", + "id": 6, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 2, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum(kube_pod_container_resource_limits_memory_bytes) / sum(:node_memory_MemTotal_bytes:sum)", + "format": "time_series", + "instant": true, + "intervalFactor": 2, + "refId": "A" + } + ], + "thresholds": "70,80", + "timeFrom": null, + "timeShift": null, + "title": "Memory Limits Commitment", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "singlestat", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Headlines", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 7, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate) by (namespace)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{namespace}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 8, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "styles": [ + { + "alias": "Time", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "hidden" + }, + { + "alias": "CPU Usage", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #A", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Requests", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #B", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Requests %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #C", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "CPU Limits", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #D", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Limits %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #E", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Namespace", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "Drill down", + "linkUrl": "/d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-namespace=$__cell", + "pattern": "namespace", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "/.*/", + "thresholds": [ + + ], + "type": "string", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "A", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_requests_cpu_cores) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "B", + "step": 10 + }, + { + "expr": "sum(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate) by (namespace) / sum(kube_pod_container_resource_requests_cpu_cores) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "C", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_limits_cpu_cores) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "D", + "step": 10 + }, + { + "expr": "sum(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate) by (namespace) / sum(kube_pod_container_resource_limits_cpu_cores) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "E", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Quota", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "transform": "table", + "type": "table", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU Quota", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 9, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(container_memory_rss{container_name!=\"\"}) by (namespace)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{namespace}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Usage (w/o cache)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "decbytes", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 10, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "styles": [ + { + "alias": "Time", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "hidden" + }, + { + "alias": "Memory Usage", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #A", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Requests", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #B", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Requests %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #C", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Memory Limits", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #D", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Limits %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #E", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Namespace", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "Drill down", + "linkUrl": "/d/85a562078cdf77779eaa1add43ccec1e/k8s-resources-namespace?var-datasource=$datasource&var-namespace=$__cell", + "pattern": "namespace", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "/.*/", + "thresholds": [ + + ], + "type": "string", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(container_memory_rss{container_name!=\"\"}) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "A", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_requests_memory_bytes) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "B", + "step": 10 + }, + { + "expr": "sum(container_memory_rss{container_name!=\"\"}) by (namespace) / sum(kube_pod_container_resource_requests_memory_bytes) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "C", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_limits_memory_bytes) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "D", + "step": 10 + }, + { + "expr": "sum(container_memory_rss{container_name!=\"\"}) by (namespace) / sum(kube_pod_container_resource_limits_memory_bytes) by (namespace)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "E", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Requests by Namespace", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "transform": "table", + "type": "table", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory Requests", + "titleSize": "h6" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / Compute Resources / Cluster", + "uid": "efa86fd1d0c121a26444b636a3f509a8", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-namespace.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-namespace.yaml new file mode 100644 index 00000000..fae35be8 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-namespace.yaml @@ -0,0 +1,849 @@ +# Generated from 'k8s-resources-namespace' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "k8s-resources-namespace" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + k8s-resources-namespace.json: |- + { + "annotations": { + "list": [ + + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "links": [ + + ], + "refresh": "10s", + "rows": [ + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\"}) by (pod_name)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{pod_name}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU Usage", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "styles": [ + { + "alias": "Time", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "hidden" + }, + { + "alias": "CPU Usage", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #A", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Requests", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #B", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Requests %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #C", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "CPU Limits", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #D", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Limits %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #E", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Pod", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "Drill down", + "linkUrl": "/d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-namespace=$namespace&var-pod=$__cell", + "pattern": "pod", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "/.*/", + "thresholds": [ + + ], + "type": "string", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(label_replace(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "A", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "B", + "step": 10 + }, + { + "expr": "sum(label_replace(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "C", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "D", + "step": 10 + }, + { + "expr": "sum(label_replace(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "E", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Quota", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "transform": "table", + "type": "table", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU Quota", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(container_memory_usage_bytes{namespace=\"$namespace\", container_name!=\"\"}) by (pod_name)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{pod_name}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "decbytes", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory Usage", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 4, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "styles": [ + { + "alias": "Time", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "hidden" + }, + { + "alias": "Memory Usage", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #A", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Requests", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #B", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Requests %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #C", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Memory Limits", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #D", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Limits %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #E", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Pod", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": true, + "linkTooltip": "Drill down", + "linkUrl": "/d/6581e46e4e5c7ba40a07646395ef7b23/k8s-resources-pod?var-datasource=$datasource&var-namespace=$namespace&var-pod=$__cell", + "pattern": "pod", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "/.*/", + "thresholds": [ + + ], + "type": "string", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\",container_name!=\"\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "A", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "B", + "step": 10 + }, + { + "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\",container_name!=\"\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "C", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "D", + "step": 10 + }, + { + "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\",container_name!=\"\"}, \"pod\", \"$1\", \"pod_name\", \"(.*)\")) by (pod) / sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\"}) by (pod)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "E", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Quota", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "transform": "table", + "type": "table", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory Quota", + "titleSize": "h6" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + "text": "prod", + "value": "prod" + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "namespace", + "multi": false, + "name": "namespace", + "options": [ + + ], + "query": "label_values(kube_pod_info, namespace)", + "refresh": 1, + "regex": "", + "sort": 2, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / Compute Resources / Namespace", + "uid": "85a562078cdf77779eaa1add43ccec1e", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-pod.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-pod.yaml new file mode 100644 index 00000000..1678a051 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/k8s-resources-pod.yaml @@ -0,0 +1,876 @@ +# Generated from 'k8s-resources-pod' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "k8s-resources-pod" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + k8s-resources-pod.json: |- + { + "annotations": { + "list": [ + + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "links": [ + + ], + "refresh": "10s", + "rows": [ + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 1, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\"}) by (container_name)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{container_name}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU Usage", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 2, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "styles": [ + { + "alias": "Time", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "hidden" + }, + { + "alias": "CPU Usage", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #A", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Requests", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #B", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Requests %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #C", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "CPU Limits", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #D", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "CPU Limits %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #E", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Container", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "container", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "/.*/", + "thresholds": [ + + ], + "type": "string", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(label_replace(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "A", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "B", + "step": 10 + }, + { + "expr": "sum(label_replace(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\", pod_name=\"$pod\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_requests_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "C", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "D", + "step": 10 + }, + { + "expr": "sum(label_replace(namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate{namespace=\"$namespace\", pod_name=\"$pod\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_limits_cpu_cores{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "E", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Quota", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "transform": "table", + "type": "table", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "CPU Quota", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 10, + "id": 3, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 0, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": true, + "steppedLine": false, + "targets": [ + { + "expr": "sum(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\", container_name!=\"\"}) by (container_name)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{container_name}}`}}", + "legendLink": null, + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory Usage", + "titleSize": "h6" + }, + { + "collapse": false, + "height": "250px", + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "id": 4, + "legend": { + "avg": false, + "current": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null as zero", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "styles": [ + { + "alias": "Time", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "hidden" + }, + { + "alias": "Memory Usage", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #A", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Requests", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #B", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Requests %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #C", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Memory Limits", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #D", + "thresholds": [ + + ], + "type": "number", + "unit": "decbytes" + }, + { + "alias": "Memory Limits %", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "Value #E", + "thresholds": [ + + ], + "type": "number", + "unit": "percentunit" + }, + { + "alias": "Container", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "link": false, + "linkTooltip": "Drill down", + "linkUrl": "", + "pattern": "container", + "thresholds": [ + + ], + "type": "number", + "unit": "short" + }, + { + "alias": "", + "colorMode": null, + "colors": [ + + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "pattern": "/.*/", + "thresholds": [ + + ], + "type": "string", + "unit": "short" + } + ], + "targets": [ + { + "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\", container_name!=\"POD\", container_name!=\"\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "A", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "B", + "step": 10 + }, + { + "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_requests_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "C", + "step": 10 + }, + { + "expr": "sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "D", + "step": 10 + }, + { + "expr": "sum(label_replace(container_memory_usage_bytes{namespace=\"$namespace\", pod_name=\"$pod\", container_name!=\"\"}, \"container\", \"$1\", \"container_name\", \"(.*)\")) by (container) / sum(kube_pod_container_resource_limits_memory_bytes{namespace=\"$namespace\", pod=\"$pod\"}) by (container)", + "format": "table", + "instant": true, + "intervalFactor": 2, + "legendFormat": "", + "refId": "E", + "step": 10 + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Quota", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "transform": "table", + "type": "table", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": true, + "title": "Memory Quota", + "titleSize": "h6" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + "text": "prod", + "value": "prod" + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "namespace", + "multi": false, + "name": "namespace", + "options": [ + + ], + "query": "label_values(kube_pod_info, namespace)", + "refresh": 1, + "regex": "", + "sort": 2, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + "text": "prod", + "value": "prod" + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "pod", + "multi": false, + "name": "pod", + "options": [ + + ], + "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)", + "refresh": 1, + "regex": "", + "sort": 2, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / Compute Resources / Pod", + "uid": "6581e46e4e5c7ba40a07646395ef7b23", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/nodes.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/nodes.yaml new file mode 100644 index 00000000..ebc112c0 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/nodes.yaml @@ -0,0 +1,1328 @@ +# Generated from 'nodes' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "nodes" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + nodes.json: |- + { + "__inputs": [ + + ], + "__requires": [ + + ], + "annotations": { + "list": [ + + ] + }, + "editable": false, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "id": null, + "links": [ + + ], + "refresh": "", + "rows": [ + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 2, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(node_load1{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "load 1m", + "refId": "A" + }, + { + "expr": "max(node_load5{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "load 5m", + "refId": "B" + }, + { + "expr": "max(node_load15{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "load 15m", + "refId": "C" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "System load", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 3, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum by (cpu) (irate(node_cpu_seconds_total{job=\"node-exporter\", mode!=\"idle\", instance=\"$instance\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{cpu}}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Usage Per Core", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 4, + "legend": { + "alignAsTable": "true", + "avg": "true", + "current": "true", + "max": "false", + "min": "false", + "rightSide": "true", + "show": "true", + "total": "false", + "values": "true" + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 9, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max (sum by (cpu) (irate(node_cpu_seconds_total{job=\"node-exporter\", mode!=\"idle\", instance=\"$instance\"}[2m])) ) * 100\n", + "format": "time_series", + "intervalFactor": 10, + "legendFormat": "{{`{{ cpu }}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Utilizaion", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percent", + "label": null, + "logBase": 1, + "max": 100, + "min": 0, + "show": true + }, + { + "format": "percent", + "label": null, + "logBase": 1, + "max": 100, + "min": 0, + "show": true + } + ] + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(50, 172, 45, 0.97)", + "rgba(237, 129, 40, 0.89)", + "rgba(245, 54, 54, 0.9)" + ], + "datasource": "$datasource", + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 5, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "avg(sum by (cpu) (irate(node_cpu_seconds_total{job=\"node-exporter\", mode!=\"idle\", instance=\"$instance\"}[2m]))) * 100\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "80, 90", + "title": "CPU Usage", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 6, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 9, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(\n node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"}\n - node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"}\n - node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"}\n - node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"}\n)\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "memory used", + "refId": "A" + }, + { + "expr": "max(node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "memory buffers", + "refId": "B" + }, + { + "expr": "max(node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "memory cached", + "refId": "C" + }, + { + "expr": "max(node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "memory free", + "refId": "D" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(50, 172, 45, 0.97)", + "rgba(237, 129, 40, 0.89)", + "rgba(245, 54, 54, 0.9)" + ], + "datasource": "$datasource", + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 7, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "max(\n (\n (\n node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"}\n - node_memory_MemFree_bytes{job=\"node-exporter\", instance=\"$instance\"}\n - node_memory_Buffers_bytes{job=\"node-exporter\", instance=\"$instance\"}\n - node_memory_Cached_bytes{job=\"node-exporter\", instance=\"$instance\"}\n )\n / node_memory_MemTotal_bytes{job=\"node-exporter\", instance=\"$instance\"}\n ) * 100)\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "80, 90", + "title": "Memory Usage", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 8, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + { + "alias": "read", + "yaxis": 1 + }, + { + "alias": "io time", + "yaxis": 2 + } + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(rate(node_disk_read_bytes_total{job=\"node-exporter\", instance=\"$instance\"}[2m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "read", + "refId": "A" + }, + { + "expr": "max(rate(node_disk_written_bytes_total{job=\"node-exporter\", instance=\"$instance\"}[2m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "written", + "refId": "B" + }, + { + "expr": "max(rate(node_disk_io_time_seconds_total{job=\"node-exporter\", instance=\"$instance\"}[2m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "io time", + "refId": "C" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk I/O", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "ms", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 9, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "node:node_filesystem_usage:\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{device}}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Disk Space Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "percentunit", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 10, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(rate(node_network_receive_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!\u007e\"lo\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{device}}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Network Received", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 11, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 6, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(rate(node_network_transmit_bytes_total{job=\"node-exporter\", instance=\"$instance\", device!\u007e\"lo\"}[5m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{device}}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Network Transmitted", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 12, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 9, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(\n node_filesystem_files{job=\"node-exporter\", instance=\"$instance\"}\n - node_filesystem_files_free{job=\"node-exporter\", instance=\"$instance\"}\n)\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "inodes used", + "refId": "A" + }, + { + "expr": "max(node_filesystem_files_free{job=\"node-exporter\", instance=\"$instance\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "inodes free", + "refId": "B" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Inodes Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "rgba(50, 172, 45, 0.97)", + "rgba(237, 129, 40, 0.89)", + "rgba(245, 54, 54, 0.9)" + ], + "datasource": "$datasource", + "format": "percent", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": true, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 13, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "max(\n (\n (\n node_filesystem_files{job=\"node-exporter\", instance=\"$instance\"}\n - node_filesystem_files_free{job=\"node-exporter\", instance=\"$instance\"}\n )\n / node_filesystem_files{job=\"node-exporter\", instance=\"$instance\"}\n ) * 100)\n", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "80, 90", + "title": "Inodes Usage", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "instance", + "options": [ + + ], + "query": "label_values(node_boot_time_seconds{job=\"node-exporter\"}, instance)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / Nodes", + "uid": "fa49a4706d07a042595b664c87fb33ea", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/persistentvolumesusage.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/persistentvolumesusage.yaml new file mode 100644 index 00000000..fe32a013 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/persistentvolumesusage.yaml @@ -0,0 +1,359 @@ +# Generated from 'persistentvolumesusage' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "persistentvolumesusage" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + persistentvolumesusage.json: |- + { + "__inputs": [ + + ], + "__requires": [ + + ], + "annotations": { + "list": [ + + ] + }, + "editable": false, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "id": null, + "links": [ + + ], + "refresh": "", + "rows": [ + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 2, + "legend": { + "alignAsTable": false, + "avg": true, + "current": true, + "max": true, + "min": true, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "(kubelet_volume_stats_capacity_bytes{job=\"kubelet\", persistentvolumeclaim=\"$volume\"} - kubelet_volume_stats_available_bytes{job=\"kubelet\", persistentvolumeclaim=\"$volume\"}) / kubelet_volume_stats_capacity_bytes{job=\"kubelet\", persistentvolumeclaim=\"$volume\"} * 100\n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "{{`{{ Usage }}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Volume Space Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percent", + "label": null, + "logBase": 1, + "max": 100, + "min": 0, + "show": true + }, + { + "format": "percent", + "label": null, + "logBase": 1, + "max": 100, + "min": 0, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 3, + "legend": { + "alignAsTable": false, + "avg": true, + "current": true, + "max": true, + "min": true, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "span": 12, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "kubelet_volume_stats_inodes_used{job=\"kubelet\", persistentvolumeclaim=\"$volume\"} / kubelet_volume_stats_inodes{job=\"kubelet\", persistentvolumeclaim=\"$volume\"} * 100\n", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "{{`{{ Usage }}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Volume inodes Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "percent", + "label": null, + "logBase": 1, + "max": 100, + "min": 0, + "show": true + }, + { + "format": "percent", + "label": null, + "logBase": 1, + "max": 100, + "min": 0, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "Namespace", + "multi": false, + "name": "namespace", + "options": [ + + ], + "query": "label_values(kubelet_volume_stats_capacity_bytes{job=\"kubelet\"}, exported_namespace)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "PersistentVolumeClaim", + "multi": false, + "name": "volume", + "options": [ + + ], + "query": "label_values(kubelet_volume_stats_capacity_bytes{job=\"kubelet\", exported_namespace=\"$namespace\"}, persistentvolumeclaim)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-7d", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / Persistent Volumes", + "uid": "919b92a8e8041bd567af9edab12c840c", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/pods.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/pods.yaml new file mode 100644 index 00000000..f2bc6c40 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/pods.yaml @@ -0,0 +1,500 @@ +# Generated from 'pods' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "pods" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + pods.json: |- + { + "__inputs": [ + + ], + "__requires": [ + + ], + "annotations": { + "list": [ + + ] + }, + "editable": false, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "id": null, + "links": [ + + ], + "refresh": "", + "rows": [ + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 2, + "legend": { + "alignAsTable": true, + "avg": true, + "current": true, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum by(container_name) (container_memory_usage_bytes{job=\"kubelet\", namespace=\"$namespace\", pod_name=\"$pod\", container_name=\u007e\"$container\", container_name!=\"POD\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Current: {{`{{ container_name }}`}}", + "refId": "A" + }, + { + "expr": "sum by(container) (kube_pod_container_resource_requests_memory_bytes{job=\"kube-state-metrics\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Requested: {{`{{ container }}`}}", + "refId": "B" + }, + { + "expr": "sum by(container) (kube_pod_container_resource_limits_memory_bytes{job=\"kube-state-metrics\", namespace=\"$namespace\", pod=\"$pod\", container=\u007e\"$container\"})", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "Limit: {{`{{ container }}`}}", + "refId": "C" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Memory Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 3, + "legend": { + "alignAsTable": true, + "avg": true, + "current": true, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sum by (container_name) (rate(container_cpu_usage_seconds_total{job=\"kubelet\", namespace=\"$namespace\", image!=\"\",container_name!=\"POD\",pod_name=\"$pod\"}[1m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{ container_name }}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "CPU Usage", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 4, + "legend": { + "alignAsTable": true, + "avg": true, + "current": true, + "max": false, + "min": false, + "rightSide": true, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "sort_desc(sum by (pod_name) (rate(container_network_receive_bytes_total{job=\"kubelet\", namespace=\"$namespace\", pod_name=\"$pod\"}[1m])))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "{{`{{ pod_name }}`}}", + "refId": "A" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Network I/O", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + }, + { + "format": "bytes", + "label": null, + "logBase": 1, + "max": null, + "min": 0, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "Namespace", + "multi": false, + "name": "namespace", + "options": [ + + ], + "query": "label_values(kube_pod_info, namespace)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "Pod", + "multi": false, + "name": "pod", + "options": [ + + ], + "query": "label_values(kube_pod_info{namespace=\u007e\"$namespace\"}, pod)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": true, + "label": "Container", + "multi": false, + "name": "container", + "options": [ + + ], + "query": "label_values(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\"}, container)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / Pods", + "uid": "ab4f13a9892a76a4d21ce8c2445bf4ea", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/statefulset.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/statefulset.yaml new file mode 100644 index 00000000..6195833d --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/dashboards/statefulset.yaml @@ -0,0 +1,873 @@ +# Generated from 'statefulset' from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/grafana-dashboardDefinitions.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.grafana.enabled .Values.grafana.defaultDashboardsEnabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" $) "statefulset" | trunc 63 | trimSuffix "-" }} + labels: + {{- if $.Values.grafana.sidecar.dashboards.label }} + {{ $.Values.grafana.sidecar.dashboards.label }}: "1" + {{- end }} + app: {{ template "prometheus-operator.name" $ }}-grafana +{{ include "prometheus-operator.labels" $ | indent 4 }} +data: + statefulset.json: |- + { + "__inputs": [ + + ], + "__requires": [ + + ], + "annotations": { + "list": [ + + ] + }, + "editable": false, + "gnetId": null, + "graphTooltip": 0, + "hideControls": false, + "id": null, + "links": [ + + ], + "refresh": "", + "rows": [ + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 2, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "cores", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 4, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "lineColor": "rgb(31, 120, 193)", + "show": true + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(rate(container_cpu_usage_seconds_total{job=\"kubelet\", namespace=\"$namespace\", pod_name=\u007e\"$statefulset.*\"}[3m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "CPU", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 3, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "GB", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 4, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "lineColor": "rgb(31, 120, 193)", + "show": true + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(container_memory_usage_bytes{job=\"kubelet\", namespace=\"$namespace\", pod_name=\u007e\"$statefulset.*\"}) / 1024^3", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "Memory", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 4, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "Bps", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 4, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "lineColor": "rgb(31, 120, 193)", + "show": true + }, + "tableColumn": "", + "targets": [ + { + "expr": "sum(rate(container_network_transmit_bytes_total{job=\"kubelet\", namespace=\"$namespace\", pod_name=\u007e\"$statefulset.*\"}[3m])) + sum(rate(container_network_receive_bytes_total{namespace=\"$namespace\",pod_name=\u007e\"$statefulset.*\"}[3m]))", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "Network", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "height": "100px", + "panels": [ + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 5, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "max(kube_statefulset_replicas{job=\"kube-state-metrics\", namespace=\"$namespace\", statefulset=\"$statefulset\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "Desired Replicas", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 6, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "min(kube_statefulset_status_replicas_current{job=\"kube-state-metrics\", namespace=\"$namespace\", statefulset=\"$statefulset\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "Replicas of current version", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 7, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "max(kube_statefulset_status_observed_generation{job=\"kube-state-metrics\", namespace=\"$namespace\", statefulset=\"$statefulset\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "Observed Generation", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#d44a3a" + ], + "datasource": "$datasource", + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + + }, + "id": 8, + "interval": null, + "links": [ + + ], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "span": 3, + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false + }, + "tableColumn": "", + "targets": [ + { + "expr": "max(kube_statefulset_metadata_generation{job=\"kube-state-metrics\", statefulset=\"$statefulset\", namespace=\"$namespace\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + } + ], + "thresholds": "", + "title": "Metadata Generation", + "type": "singlestat", + "valueFontSize": "80%", + "valueMaps": [ + { + "op": "=", + "text": "0", + "value": "null" + } + ], + "valueName": "current" + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + }, + { + "collapse": false, + "collapsed": false, + "panels": [ + { + "aliasColors": { + + }, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "fill": 1, + "gridPos": { + + }, + "id": 9, + "legend": { + "alignAsTable": false, + "avg": false, + "current": false, + "max": false, + "min": false, + "rightSide": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [ + + ], + "nullPointMode": "null", + "percentage": false, + "pointradius": 5, + "points": false, + "renderer": "flot", + "repeat": null, + "seriesOverrides": [ + + ], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "expr": "max(kube_statefulset_replicas{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "replicas specified", + "refId": "A" + }, + { + "expr": "max(kube_statefulset_status_replicas{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "replicas created", + "refId": "B" + }, + { + "expr": "min(kube_statefulset_status_replicas_ready{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "ready", + "refId": "C" + }, + { + "expr": "min(kube_statefulset_status_replicas_current{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "replicas of current version", + "refId": "D" + }, + { + "expr": "min(kube_statefulset_status_replicas_updated{job=\"kube-state-metrics\", statefulset=\"$statefulset\",namespace=\"$namespace\"}) without (instance, pod)", + "format": "time_series", + "intervalFactor": 2, + "legendFormat": "updated", + "refId": "E" + } + ], + "thresholds": [ + + ], + "timeFrom": null, + "timeShift": null, + "title": "Replicas", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [ + + ] + }, + "yaxes": [ + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": true + } + ] + } + ], + "repeat": null, + "repeatIteration": null, + "repeatRowId": null, + "showTitle": false, + "title": "Dashboard Row", + "titleSize": "h6", + "type": "row" + } + ], + "schemaVersion": 14, + "style": "dark", + "tags": [ + "kubernetes-mixin" + ], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "Prometheus" + }, + "hide": 0, + "label": null, + "name": "datasource", + "options": [ + + ], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "Namespace", + "multi": false, + "name": "namespace", + "options": [ + + ], + "query": "label_values(kube_statefulset_metadata_generation{job=\"kube-state-metrics\"}, namespace)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + + }, + "datasource": "$datasource", + "hide": 0, + "includeAll": false, + "label": "Name", + "multi": false, + "name": "statefulset", + "options": [ + + ], + "query": "label_values(kube_statefulset_metadata_generation{job=\"kube-state-metrics\", namespace=\"$namespace\"}, statefulset)", + "refresh": 2, + "regex": "", + "sort": 0, + "tagValuesQuery": "", + "tags": [ + + ], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "", + "title": "Kubernetes / StatefulSets", + "uid": "a31c1f46e6f727cb37c0d731a7245005", + "version": 0 + } +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/servicemonitor.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/servicemonitor.yaml new file mode 100644 index 00000000..954a842c --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/grafana/servicemonitor.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.grafana.enabled .Values.grafana.serviceMonitor.selfMonitor }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-grafana + labels: + app: {{ template "prometheus-operator.name" . }}-grafana +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: grafana + release: {{ .Release.Name | quote }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + endpoints: + - port: service + interval: 30s + path: "{{ trimSuffix "/" .Values.grafana.ingress.path }}/metrics" +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/cleanup-crds.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/cleanup-crds.yaml new file mode 100644 index 00000000..297e8391 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/cleanup-crds.yaml @@ -0,0 +1,43 @@ +{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.cleanupCustomResource }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator-cleanup + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-weight": "3" + "helm.sh/hook-delete-policy": hook-succeeded + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + template: + metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator-cleanup + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 8 }} + spec: + {{- if .Values.global.rbac.create }} + serviceAccountName: {{ template "prometheus-operator.operator.serviceAccountName" . }} + {{- end }} + containers: + - name: kubectl + image: "{{ .Values.prometheusOperator.hyperkubeImage.repository }}:{{ .Values.prometheusOperator.hyperkubeImage.tag }}" + imagePullPolicy: "{{ .Values.prometheusOperator.hyperkubeImage.pullPolicy }}" + command: + - /bin/sh + - -c + - > + kubectl delete alertmanager --all; + kubectl delete prometheus --all; + kubectl delete prometheusrule --all; + kubectl delete servicemonitor --all; + sleep 10; + kubectl delete crd alertmanagers.monitoring.coreos.com; + kubectl delete crd prometheuses.monitoring.coreos.com; + kubectl delete crd prometheusrules.monitoring.coreos.com; + kubectl delete crd servicemonitors.monitoring.coreos.com; + restartPolicy: OnFailure +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrole.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrole.yaml new file mode 100644 index 00000000..594a2019 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrole.yaml @@ -0,0 +1,71 @@ +{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - {{ .Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com" }} + resources: + - alertmanagers + - prometheuses + - prometheuses/finalizers + - alertmanagers/finalizers + - servicemonitors + - prometheusrules + verbs: + - '*' +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete +- apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update +- apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrolebinding.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrolebinding.yaml new file mode 100644 index 00000000..13f0ca07 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus-operator.fullname" . }}-operator +subjects: +- kind: ServiceAccount + name: {{ template "prometheus-operator.operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-alertmanager.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-alertmanager.yaml new file mode 100644 index 00000000..1834d02f --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-alertmanager.yaml @@ -0,0 +1,2477 @@ +{{- if and .Release.IsInstall .Values.prometheusOperator.enabled .Values.prometheusOperator.createCustomResource -}} +# Source https://github.com/coreos/prometheus-operator/blob/master/contrib/kube-prometheus/manifests/0prometheus-operator-0alertmanagerCustomResourceDefinition.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: {{ printf "alertmanagers.%s" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: {{ .Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com" }} + names: + kind: Alertmanager + plural: alertmanagers + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + spec: + description: 'AlertmanagerSpec is a specification of the desired behavior + of the Alertmanager cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional Alertmanagers + to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Alertmanager object, which shall be mounted into the Alertmanager + Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/. + items: + type: string + type: array + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a consistent list may + not be possible if the server configuration has changed + or more than a few minutes have passed. The resourceVersion + field returned when using this continue value will + be identical to the value in the first response, unless + you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + priorityClassName: + description: Priority class assigned to the Pods + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Alertmanager shall retain data for. Default + is '120h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` + (milliseconds seconds minutes hours days weeks years). + type: string + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + sha: + description: SHA of Alertmanager container image to be deployed. Defaults + to the value of `version`. Similar to a tag, but the SHA explicitly + deploys an immutable container image. Version and Tag are ignored + if SHA is set. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. If neither `emptyDir` nor `volumeClaimTemplate` + is specified, then by default an [EmptyDir](https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) + will be used. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + (DEPRECATED - instead use `volumeClaimTemplate.spec.storageClassName`)' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a consistent + list may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response, unless + you have received this token from an error + message. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: TypedLocalObjectReference contains enough information + to let you locate the typed referenced object inside the + same namespace. + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. Version is ignored if Tag is set. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version the cluster should be on. + type: string + status: + description: 'AlertmanagerStatus is the most recent observed status of the + Alertmanager cluster. Read-only. Not included when requesting from the + apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheus.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheus.yaml new file mode 100644 index 00000000..0debca78 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheus.yaml @@ -0,0 +1,3178 @@ +{{- if and .Release.IsInstall .Values.prometheusOperator.enabled .Values.prometheusOperator.createCustomResource -}} +# Source https://github.com/coreos/prometheus-operator/blob/master/contrib/kube-prometheus/manifests/0prometheus-operator-0prometheusCustomResourceDefinition.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: {{ printf "prometheuses.%s" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + group: {{ .Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com" }} + names: + kind: Prometheus + plural: prometheuses + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + spec: + description: 'PrometheusSpec is a specification of the desired behavior + of the Prometheus cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalAlertRelabelConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + additionalScrapeConfigs: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must be defined + type: boolean + required: + - key + affinity: + description: Affinity is a group of affinity scheduling rules. + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - preference + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: A node selector represents the union of the results + of one or more label queries over a set of nodes; that is, + it represents the OR of the selectors represented by the node + selector terms. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + type: array + required: + - nodeSelectorTerms + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling + rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity + scheduling rules. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located is + defined as running on a node whose value of the label + with key matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label selector is a label query over + a set of resources. The result of matchLabels and + matchExpressions are ANDed. An empty label selector + matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - weight + - podAffinityTerm + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label selector is a label query over a + set of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: array + alerting: + description: AlertingSpec defines parameters for alerting configuration + of Prometheus servers. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - namespace + - name + - port + type: array + required: + - alertmanagers + apiserverConfig: + description: 'APIServerConfig defines a host and auth methods to access + apiserver. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config' + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over basic + authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. + type: string + host: + description: Host of apiserver. A valid string consisting of a hostname + or IP followed by an optional port number + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + required: + - host + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Prometheus object, which shall be mounted into the Prometheus + Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/. + items: + type: string + type: array + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to a Prometheus pod. + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: EnvVarSource represents a source for the value + of an EnvVar. + properties: + configMapKeyRef: + description: Selects a key from a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or it's + key must be defined + type: boolean + required: + - key + fieldRef: + description: ObjectFieldSelector selects an APIVersioned + field of an object. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + resourceFieldRef: + description: ResourceFieldSelector represents container + resources (cpu, memory) and their output format + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: {} + resource: + description: 'Required: resource to select' + type: string + required: + - resource + secretKeyRef: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's + key must be defined + type: boolean + required: + - key + required: + - name + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: |- + ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. + + The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: |- + SecretEnvSource selects a Secret to populate the environment variables with. + + The contents of the target Secret's Data field will represent the key-value pairs as environment variables. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Lifecycle describes actions that the management system + should take in response to container lifecycle events. For the + PostStart and PreStop lifecycle handlers, management of the + container blocks until the action is complete, unless the container + process fails, in which case the handler is aborted. + properties: + postStart: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + preStop: + description: Handler defines a specific action that should + be taken + properties: + exec: + description: ExecAction describes a "run in container" + action. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + httpGet: + description: HTTPGetAction describes an action based on + HTTP Get requests. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + tcpSocket: + description: TCPSocketAction describes an action based + on opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + livenessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: array + readinessProbe: + description: Probe describes a health check to be performed against + a container to determine whether it is alive or ready to receive + traffic. + properties: + exec: + description: ExecAction describes a "run in container" action. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGetAction describes an action based on HTTP + Get requests. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: string + - type: integer + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocketAction describes an action based on + opening a socket + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: string + - type: integer + required: + - port + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + securityContext: + description: SecurityContext holds security configuration that + will be applied to a container. Some fields are present in both + SecurityContext and PodSecurityContext. When both are set, + the values in SecurityContext take precedence. + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: Adds and removes POSIX capabilities from running + containers. + properties: + add: + description: Added capabilities + items: + type: string + type: array + drop: + description: Removed capabilities + items: + type: string + type: array + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to + the container + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is an alpha feature and may change + in the future. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - name + - devicePath + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + required: + - name + - mountPath + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: array + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: ObjectMeta is metadata that all persisted resources must + have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. + This is used to distinguish resources with same name and namespace + in different clusters. This field is not set anywhere right now + and apiserver is going to ignore it if set in create or update + request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set + when deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of + the factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the + registry. Each entry is an identifier for the responsible component + that will remove the entry from the list. If the deletionTimestamp + of the object is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the + initializers struct will be set to nil and the object is considered + as initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible for + initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of + this representation of an object. Servers should convert + recognized schemas to the latest internal value, and may + reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, + 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object + defines what attributes will be set. Clients must ignore + fields that do not match the defined type of each attribute, + and should assume that any attribute may be empty, invalid, + or under defined. + properties: + causes: + description: The Causes array includes more details + associated with the StatusReason failure. Not all + StatusReasons may provide detailed causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases when + multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the + cause of the error. This field may be presented + as-is to a reader. + type: string + reason: + description: A machine-readable description of + the cause of the error. If this value is empty + there is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may + differ from the requested resource Kind. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single + name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before + the operation should be retried. Some errors may indicate + the client must take an alternate action - for those + errors this field may indicate how long to wait before + taking the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a + single resource which can be described). More info: + http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status + of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various status + objects. A resource may have only one of {ObjectMeta, + ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that + the server has more data available. The value is opaque + and may be used to issue another request to the endpoint + that served this list to retrieve the next set of + available objects. Continuing a consistent list may + not be possible if the server configuration has changed + or more than a few minutes have passed. The resourceVersion + field returned when using this continue value will + be identical to the value in the first response, unless + you have received this token from an error message. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients + to determine when objects have changed. Value must + be treated as opaque by clients and passed unmodified + back to the server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this + operation is in the "Failure" status. If this value is + empty there is no information available. A Reason clarifies + an HTTP status code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a client + to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this + list will point to this controller, with the controller field + set to true. There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let + you identify an owning object. Currently, an owning object must + be in the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. + To set this field, a user needs "delete" permission of the + owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated + by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + priorityClassName: + description: Priority class assigned to the Pods + type: string + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows the tuning of remote_write queue_config + parameters. This object is referenced in the RemoteWriteSpec + object. + properties: + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. + type: string + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. + format: int32 + type: integer + maxBackoff: + description: MaxBackoff is the maximum retry delay. + type: string + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + format: int32 + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + format: int32 + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + format: int32 + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. + type: string + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + required: + - url + type: array + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: ResourceRequirements describes the compute resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + retention: + description: Time duration Prometheus shall retain data for. Default + is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` + (milliseconds seconds minutes hours days weeks years). + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + ruleSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + items: + type: string + type: array + securityContext: + description: PodSecurityContext holds pod-level security attributes + and common container settings. Some fields are also present in container.securityContext. Field + values of container.securityContext take precedence over field values + of PodSecurityContext. + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: + + 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: SELinuxOptions are the labels to be applied to the + container + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: array + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + serviceMonitorSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + sha: + description: SHA of Prometheus container image to be deployed. Defaults + to the value of `version`. Similar to a tag, but the SHA explicitly + deploys an immutable container image. Version and Tag are ignored + if SHA is set. + type: string + storage: + description: StorageSpec defines the configured storage for a group + Prometheus servers. If neither `emptyDir` nor `volumeClaimTemplate` + is specified, then by default an [EmptyDir](https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) + will be used. + properties: + class: + description: 'Name of the StorageClass to use when requesting storage + provisioning. More info: https://kubernetes.io/docs/user-guide/persistent-volumes/#storageclasses + (DEPRECATED - instead use `volumeClaimTemplate.spec.storageClassName`)' + type: string + emptyDir: + description: Represents an empty directory for a pod. Empty directory + volumes support ownership management and SELinux relabeling. + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: {} + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the + key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + volumeClaimTemplate: + description: PersistentVolumeClaim is a user's request for and claim + to a persistent volume + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying objects. + More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs + to. This is used to distinguish resources with same name + and namespace in different clusters. This field is not + set anywhere right now and apiserver is going to ignore + it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to + gracefully terminate before it will be removed from the + system. Only set when deletionTimestamp is also set. May + only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports + correct marshaling to YAML and JSON. Wrappers are provided + for many of the factory methods that the time package + offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted + from the registry. Each entry is an identifier for the + responsible component that will remove the entry from + the list. If the deletionTimestamp of the object is non-nil, + entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation + of the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that + must execute in order before this object is visible. + When the last pending initializer is removed, and + no failing result is set, the initializers struct + will be set to nil and the object is considered as + initialized and visible to all clients. + items: + description: Initializer is information about an initializer + that has not yet completed. + properties: + name: + description: name of the process that is responsible + for initializing this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that + don't return other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal + value, and may reject unrecognized values. More + info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this + status, 0 if not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional + properties that MAY be set by the server to provide + additional information about a response. The Reason + field of a Status object defines what attributes + will be set. Clients must ignore fields that do + not match the defined type of each attribute, + and should assume that any attribute may be empty, + invalid, or under defined. + properties: + causes: + description: The Causes array includes more + details associated with the StatusReason failure. + Not all StatusReasons may provide detailed + causes. + items: + description: StatusCause provides more information + about an api.Status failure, including cases + when multiple errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description + of the cause of the error. This field + may be presented as-is to a reader. + type: string + reason: + description: A machine-readable description + of the cause of the error. If this value + is empty there is no information available. + type: string + type: array + group: + description: The group attribute of the resource + associated with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource + associated with the status StatusReason. On + some operations may differ from the requested + resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource + associated with the status StatusReason (when + there is a single name which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds + before the operation should be retried. Some + errors may indicate the client must take an + alternate action - for those errors this field + may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there + is a single resource which can be described). + More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing + the REST resource this object represents. Servers + may infer this from the endpoint the client submits + requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the + status of this operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic + resources must have, including lists and various + status objects. A resource may have only one of + {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user + set a limit on the number of items returned, + and indicates that the server has more data + available. The value is opaque and may be + used to issue another request to the endpoint + that served this list to retrieve the next + set of available objects. Continuing a consistent + list may not be possible if the server configuration + has changed or more than a few minutes have + passed. The resourceVersion field returned + when using this continue value will be identical + to the value in the first response, unless + you have received this token from an error + message. + type: string + resourceVersion: + description: 'String that identifies the server''s + internal version of this object that can be + used by clients to determine when objects + have changed. Value must be treated as opaque + by clients and passed unmodified back to the + server. Populated by the system. Read-only. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing + this object. Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why + this operation is in the "Failure" status. If + this value is empty there is no information available. + A Reason clarifies an HTTP status code but does + not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" + or "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is + required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If + ALL objects in the list have been deleted, this object + will be garbage collected. If this object is managed by + a controller, then an entry in this list will point to + this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information + to let you identify an owning object. Currently, an + owning object must be in the same namespace, so there + is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from + the key-value store until this reference is removed. + Defaults to false. To set this field, a user needs + "delete" permission of the owner, otherwise 422 + (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the + managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PersistentVolumeClaimSpec describes the common + attributes of storage devices and allows a Source for provider-specific + attributes + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: TypedLocalObjectReference contains enough information + to let you locate the typed referenced object inside the + same namespace. + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + limits: + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + selector: + description: A label selector is a label query over a set + of resources. The result of matchLabels and matchExpressions + are ANDed. An empty label selector matches all objects. + A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is an alpha feature and may + change in the future. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + status: + description: PersistentVolumeClaimStatus is the current status + of a persistent volume claim. + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + lastTransitionTime: + description: Time is a wrapper around time.Time which + supports correct marshaling to YAML and JSON. Wrappers + are provided for many of the factory methods that + the time package offers. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. Version is ignored if Tag is set. + type: string + thanos: + description: ThanosSpec defines parameters for a Prometheus server within + a Thanos deployment. + properties: + baseImage: + description: Thanos base image if other than default. + type: string + gcs: + description: ThanosGCSSpec defines parameters for use of Google + Cloud Storage (GCS) with Thanos. + properties: + bucket: + description: Google Cloud Storage bucket name for stored blocks. + If empty it won't store any block inside Google Cloud Storage. + type: string + credentials: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + peers: + description: Peers is a DNS name for Thanos to discover peers through. + type: string + resources: + description: ResourceRequirements describes the compute resource + requirements. + properties: + limits: + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + s3: + description: ThanosS3Spec defines parameters for of AWS Simple Storage + Service (S3) with Thanos. (S3 compatible services apply as well) + properties: + accessKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bucket: + description: S3-Compatible API bucket name for stored blocks. + type: string + encryptsse: + description: Whether to use Server Side Encryption + type: boolean + endpoint: + description: S3-Compatible API endpoint for stored blocks. + type: string + insecure: + description: Whether to use an insecure connection with an S3-Compatible + API. + type: boolean + secretKey: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + signatureVersion2: + description: Whether to use S3 Signature Version 2; otherwise + Signature Version 4 will be used. + type: boolean + sha: + description: SHA of Thanos container image to be deployed. Defaults + to the value of `version`. Similar to a tag, but the SHA explicitly + deploys an immutable container image. Version and Tag are ignored + if SHA is set. + type: string + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. Version is ignored if Tag + is set. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: array + version: + description: Version of Prometheus to be deployed. + type: string + status: + description: 'PrometheusStatus is the most recent observed status of the + Prometheus cluster. Read-only. Not included when requesting from the apiserver, + only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - paused + - replicas + - updatedReplicas + - availableReplicas + - unavailableReplicas + version: v1 +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheusrules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheusrules.yaml new file mode 100644 index 00000000..9839687e --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-prometheusrules.yaml @@ -0,0 +1,360 @@ +{{- if and .Release.IsInstall .Values.prometheusOperator.enabled .Values.prometheusOperator.createCustomResource -}} +# Source https://github.com/coreos/prometheus-operator/blob/master/contrib/kube-prometheus/manifests/0prometheus-operator-0prometheusruleCustomResourceDefinition.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: {{ printf "prometheusrules.%s" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + additionalPrinterColumns: + - JSONPath: .metadata.creationTimestamp + description: |- + CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + + Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + name: Age + type: date + group: {{ .Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com" }} + names: + kind: PrometheusRule + listKind: PrometheusRuleList + plural: prometheusrules + singular: prometheusrule + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + description: ObjectMeta is metadata that all persisted resources must have, + which includes all objects users must create. + properties: + annotations: + description: 'Annotations is an unstructured key value map stored with + a resource that may be set by external tools to store and retrieve + arbitrary metadata. They are not queryable and should be preserved + when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + clusterName: + description: The name of the cluster which the object belongs to. This + is used to distinguish resources with same name and namespace in different + clusters. This field is not set anywhere right now and apiserver is + going to ignore it if set in create or update request. + type: string + creationTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of the + factory methods that the time package offers. + format: date-time + type: string + deletionGracePeriodSeconds: + description: Number of seconds allowed for this object to gracefully + terminate before it will be removed from the system. Only set when + deletionTimestamp is also set. May only be shortened. Read-only. + format: int64 + type: integer + deletionTimestamp: + description: Time is a wrapper around time.Time which supports correct + marshaling to YAML and JSON. Wrappers are provided for many of the + factory methods that the time package offers. + format: date-time + type: string + finalizers: + description: Must be empty before the object is deleted from the registry. + Each entry is an identifier for the responsible component that will + remove the entry from the list. If the deletionTimestamp of the object + is non-nil, entries in this list can only be removed. + items: + type: string + type: array + generateName: + description: |- + GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. + + If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). + + Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency + type: string + generation: + description: A sequence number representing a specific generation of + the desired state. Populated by the system. Read-only. + format: int64 + type: integer + initializers: + description: Initializers tracks the progress of initialization. + properties: + pending: + description: Pending is a list of initializers that must execute + in order before this object is visible. When the last pending + initializer is removed, and no failing result is set, the initializers + struct will be set to nil and the object is considered as initialized + and visible to all clients. + items: + description: Initializer is information about an initializer that + has not yet completed. + properties: + name: + description: name of the process that is responsible for initializing + this object. + type: string + required: + - name + type: array + result: + description: Status is a return value for calls that don't return + other objects. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + code: + description: Suggested HTTP return code for this status, 0 if + not set. + format: int32 + type: integer + details: + description: StatusDetails is a set of additional properties + that MAY be set by the server to provide additional information + about a response. The Reason field of a Status object defines + what attributes will be set. Clients must ignore fields that + do not match the defined type of each attribute, and should + assume that any attribute may be empty, invalid, or under + defined. + properties: + causes: + description: The Causes array includes more details associated + with the StatusReason failure. Not all StatusReasons may + provide detailed causes. + items: + description: StatusCause provides more information about + an api.Status failure, including cases when multiple + errors are encountered. + properties: + field: + description: |- + The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. + + Examples: + "name" - the field "name" on the current resource + "items[0].name" - the field "name" on the first array entry in "items" + type: string + message: + description: A human-readable description of the cause + of the error. This field may be presented as-is + to a reader. + type: string + reason: + description: A machine-readable description of the + cause of the error. If this value is empty there + is no information available. + type: string + type: array + group: + description: The group attribute of the resource associated + with the status StatusReason. + type: string + kind: + description: 'The kind attribute of the resource associated + with the status StatusReason. On some operations may differ + from the requested resource Kind. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: The name attribute of the resource associated + with the status StatusReason (when there is a single name + which can be described). + type: string + retryAfterSeconds: + description: If specified, the time in seconds before the + operation should be retried. Some errors may indicate + the client must take an alternate action - for those errors + this field may indicate how long to wait before taking + the alternate action. + format: int32 + type: integer + uid: + description: 'UID of the resource. (when there is a single + resource which can be described). More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + message: + description: A human-readable description of the status of this + operation. + type: string + metadata: + description: ListMeta describes metadata that synthetic resources + must have, including lists and various status objects. A resource + may have only one of {ObjectMeta, ListMeta}. + properties: + continue: + description: continue may be set if the user set a limit + on the number of items returned, and indicates that the + server has more data available. The value is opaque and + may be used to issue another request to the endpoint that + served this list to retrieve the next set of available + objects. Continuing a list may not be possible if the + server configuration has changed or more than a few minutes + have passed. The resourceVersion field returned when using + this continue value will be identical to the value in + the first response. + type: string + resourceVersion: + description: 'String that identifies the server''s internal + version of this object that can be used by clients to + determine when objects have changed. Value must be treated + as opaque by clients and passed unmodified back to the + server. Populated by the system. Read-only. More info: + https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency' + type: string + selfLink: + description: selfLink is a URL representing this object. + Populated by the system. Read-only. + type: string + reason: + description: A machine-readable description of why this operation + is in the "Failure" status. If this value is empty there is + no information available. A Reason clarifies an HTTP status + code but does not override it. + type: string + status: + description: 'Status of the operation. One of: "Success" or + "Failure". More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status' + type: string + required: + - pending + labels: + description: 'Map of string keys and values that can be used to organize + and categorize (scope and select) objects. May match selectors of + replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required when + creating resources, although some resources may allow a client to + request the generation of an appropriate name automatically. Name + is primarily intended for creation idempotence and configuration definition. + Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + namespace: + description: |- + Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. + + Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces + type: string + ownerReferences: + description: List of objects depended by this object. If ALL objects + in the list have been deleted, this object will be garbage collected. + If this object is managed by a controller, then an entry in this list + will point to this controller, with the controller field set to true. + There cannot be more than one managing controller. + items: + description: OwnerReference contains enough information to let you + identify an owning object. Currently, an owning object must be in + the same namespace, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the key-value + store until this reference is removed. Defaults to false. To + set this field, a user needs "delete" permission of the owner, + otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + uid: + description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: array + resourceVersion: + description: |- + An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. + + Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency + type: string + selfLink: + description: SelfLink is a URL representing this object. Populated by + the system. Read-only. + type: string + uid: + description: |- + UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. + + Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids + type: string + spec: + description: PrometheusRuleSpec contains specification parameters for a + Rule. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + type: object + expr: + anyOf: + - type: string + - type: integer + for: + type: string + labels: + type: object + record: + type: string + required: + - expr + type: array + required: + - name + - rules + type: array + version: v1 +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-servicemonitor.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-servicemonitor.yaml new file mode 100644 index 00000000..ac0a633b --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/crd-servicemonitor.yaml @@ -0,0 +1,310 @@ +{{- if and .Release.IsInstall .Values.prometheusOperator.enabled .Values.prometheusOperator.createCustomResource -}} +# Source: https://github.com/coreos/prometheus-operator/blob/master/contrib/kube-prometheus/manifests/0prometheus-operator-0servicemonitorCustomResourceDefinition.yaml +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: {{ printf "servicemonitors.%s" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + additionalPrinterColumns: + - JSONPath: .metadata.creationTimestamp + description: |- + CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + + Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata + name: Age + type: date + group: {{ .Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com" }} + names: + kind: ServiceMonitor + listKind: ServiceMonitorList + plural: servicemonitors + singular: servicemonitor + scope: Namespaced + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + spec: + description: ServiceMonitorSpec contains specification parameters for a + ServiceMonitor. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + username: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or it's key must + be defined + type: boolean + required: + - key + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + params: + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before ingestion. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#' + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: array + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + tlsConfig: + description: TLSConfig specifies TLS configuration parameters. + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: NamespaceSelector is a selector for selecting either all + namespaces or a list of namespaces. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: array + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + version: v1 +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/deployment.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/deployment.yaml new file mode 100644 index 00000000..809d6fa8 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/deployment.yaml @@ -0,0 +1,71 @@ +{{- if .Values.prometheusOperator.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + replicas: 1 + selector: + matchLabels: + app: {{ template "prometheus-operator.name" . }}-operator + release: {{ .Release.Name | quote }} + template: + metadata: + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 8 }} +{{- if .Values.prometheusOperator.podLabels }} +{{ toYaml .Values.prometheusOperator.podLabels | indent 8 }} +{{- end }} + spec: + {{- if .Values.prometheusOperator.priorityClassName }} + priorityClassName: {{ .Values.prometheusOperator.priorityClassName }} + {{- end }} + containers: + - name: {{ template "prometheus-operator.name" . }} + image: "{{ .Values.prometheusOperator.image.repository }}:{{ .Values.prometheusOperator.image.tag }}" + imagePullPolicy: "{{ .Values.prometheusOperator.image.pullPolicy }}" + args: + {{- if .Values.prometheusOperator.kubeletService.enabled }} + - --kubelet-service={{ .Values.prometheusOperator.kubeletService.namespace }}/{{ template "prometheus-operator.fullname" . }}-kubelet + {{- end }} + {{- if .Values.prometheusOperator.logFormat }} + - --log-format={{ .Values.prometheusOperator.logFormat }} + {{- end }} + {{- if .Values.prometheusOperator.logLevel }} + - --log-level={{ .Values.prometheusOperator.logLevel }} + {{- end }} + - --logtostderr=true + - --crd-apigroup={{ .Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com" }} + - --localhost=127.0.0.1 + - --prometheus-config-reloader={{ .Values.prometheusOperator.prometheusConfigReloaderImage.repository }}:{{ .Values.prometheusOperator.prometheusConfigReloaderImage.tag }} + - --config-reloader-image={{ .Values.prometheusOperator.configmapReloadImage.repository }}:{{ .Values.prometheusOperator.configmapReloadImage.tag }} + ports: + - containerPort: 8080 + name: http + resources: +{{ toYaml .Values.prometheusOperator.resources | indent 12 }} + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true +{{- if .Values.prometheusOperator.securityContext }} + securityContext: +{{ toYaml .Values.prometheusOperator.securityContext | indent 8 }} +{{- end }} + serviceAccountName: {{ template "prometheus-operator.operator.serviceAccountName" . }} + {{- with .Values.prometheusOperator.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.prometheusOperator.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.prometheusOperator.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrole.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrole.yaml new file mode 100644 index 00000000..748ec293 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator-psp + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "prometheus-operator.fullname" . }}-operator +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrolebinding.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrolebinding.yaml new file mode 100644 index 00000000..77a87a39 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator-psp + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus-operator.fullname" . }}-operator-psp +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-operator.operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp.yaml new file mode 100644 index 00000000..38491a21 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/psp.yaml @@ -0,0 +1,47 @@ +{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + privileged: false + # Required to prevent escalations to root. + # allowPrivilegeEscalation: false + # This is redundant with non-root + disallow privilege escalation, + # but we can provide it for defense in depth. + #requiredDropCapabilities: + # - ALL + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + # Permits the container to run with root privileges as well. + rule: 'RunAsAny' + seLinux: + # This policy assumes the nodes are using AppArmor rather than SELinux. + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/service.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/service.yaml new file mode 100644 index 00000000..60913e10 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/service.yaml @@ -0,0 +1,41 @@ +{{- if .Values.prometheusOperator.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.prometheusOperator.service.annotations }} + annotations: +{{ toYaml .Values.prometheusOperator.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if .Values.prometheusOperator.service.clusterIP }} + clusterIP: {{ .Values.prometheusOperator.service.clusterIP }} +{{- end }} +{{- if .Values.prometheusOperator.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheusOperator.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheusOperator.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheusOperator.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheusOperator.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheusOperator.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: http + {{- if eq .Values.prometheusOperator.service.type "NodePort" }} + nodePort: {{ .Values.prometheusOperator.service.nodePort }} + {{- end }} + port: 8080 + targetPort: http + selector: + app: {{ template "prometheus-operator.name" . }}-operator + release: {{ .Release.Name | quote }} + type: "{{ .Values.prometheusOperator.service.type }}" +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/serviceaccount.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/serviceaccount.yaml new file mode 100644 index 00000000..2cffa7de --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.prometheusOperator.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-operator.operator.serviceAccountName" . }} + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 2 }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/servicemonitor.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/servicemonitor.yaml new file mode 100644 index 00000000..9532c1f9 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus-operator/servicemonitor.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.serviceMonitor.selfMonitor }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-operator + labels: + app: {{ template "prometheus-operator.name" . }}-operator +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + endpoints: + - port: http + honorLabels: true + selector: + matchLabels: + app: {{ template "prometheus-operator.name" . }}-operator + release: {{ .Release.Name | quote }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml new file mode 100644 index 00000000..1c54f40b --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-am-relabel-confg + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus-am-relabel-confg +{{ include "prometheus-operator.labels" . | indent 4 }} +data: + additional-alert-relabel-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs | b64enc | quote }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml new file mode 100644 index 00000000..4475e7bd --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-am-confg + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus-am-confg +{{ include "prometheus-operator.labels" . | indent 4 }} +data: + additional-alertmanager-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs | b64enc | quote }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml new file mode 100644 index 00000000..0d85c9bd --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml @@ -0,0 +1,20 @@ +{{- if .Values.additionalPrometheusRules }} +apiVersion: v1 +kind: List +items: +{{- range .Values.additionalPrometheusRules }} + - apiVersion: {{ printf "%s/v1" ($.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} + kind: PrometheusRule + metadata: + name: {{ template "prometheus-operator.name" $ }}-{{ .name }} + labels: + app: {{ template "prometheus-operator.name" $ }} +{{ include "prometheus-operator.labels" $ | indent 8 }} + {{- if .additionalLabels }} +{{ toYaml .additionalLabels | indent 8 }} + {{- end }} + spec: + groups: +{{ toYaml .groups| indent 8 }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml new file mode 100644 index 00000000..9d6bb616 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.prometheusSpec.additionalScrapeConfigs }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-scrape-confg + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus-scrape-confg +{{ include "prometheus-operator.labels" . | indent 4 }} +data: + additional-scrape-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalScrapeConfigs | b64enc | quote }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrole.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrole.yaml new file mode 100644 index 00000000..799027d9 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrole.yaml @@ -0,0 +1,35 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: + - "" + resources: + - nodes/metrics + verbs: + - get + - list + - watch +# This permission are not in the prometheus-operator repo +# they're grabbed from https://github.com/prometheus/prometheus/blob/master/documentation/examples/rbac-setup.yml +- apiGroups: [""] + resources: + - nodes + - nodes/proxy + - services + - endpoints + - pods + verbs: ["get", "list", "watch"] +- apiGroups: + - extensions + resources: + - ingresses + verbs: ["get", "list", "watch"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrolebinding.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrolebinding.yaml new file mode 100644 index 00000000..b0c0e9e1 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/clusterrolebinding.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus-operator.fullname" . }}-prometheus +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} + diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/ingress.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/ingress.yaml new file mode 100644 index 00000000..e013e960 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/ingress.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.ingress.enabled }} +{{- $routePrefix := .Values.prometheus.prometheusSpec.routePrefix }} +{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" }} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: +{{- if .Values.prometheus.ingress.annotations }} + annotations: +{{ toYaml .Values.prometheus.ingress.annotations | indent 4 }} +{{- end }} + name: {{ $serviceName }} + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.prometheus.ingress.labels }} +{{ toYaml .Values.prometheus.ingress.labels | indent 4 }} +{{- end }} +spec: + rules: + {{- range $host := .Values.prometheus.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: "{{ $routePrefix }}" + backend: + serviceName: {{ $serviceName }} + servicePort: 9090 + {{- end }} +{{- if .Values.prometheus.ingress.tls }} + tls: +{{ toYaml .Values.prometheus.ingress.tls | indent 4 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml new file mode 100644 index 00000000..a51cda5d --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + {{- if .Values.prometheus.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.prometheus.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.prometheus.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.prometheus.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app: prometheus + prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/prometheus.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/prometheus.yaml new file mode 100644 index 00000000..c172c0e3 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/prometheus.yaml @@ -0,0 +1,176 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.startup -}} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: Prometheus +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + alerting: + alertmanagers: +{{- if .Values.prometheus.prometheusSpec.alertingEndpoints }} +{{ toYaml .Values.prometheus.prometheusSpec.alertingEndpoints | indent 6 }} +{{- else }} + - namespace: {{ .Release.Namespace }} + name: {{ template "prometheus-operator.fullname" . }}-alertmanager + port: web + {{- if .Values.alertmanager.alertmanagerSpec.routePrefix }} + pathPrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" + {{- end }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.image }} + baseImage: {{ .Values.prometheus.prometheusSpec.image.repository }} + version: {{ .Values.prometheus.prometheusSpec.image.tag }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.externalLabels }} + externalLabels: +{{ toYaml .Values.prometheus.prometheusSpec.externalLabels | indent 4}} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.externalUrl }} + externalUrl: "{{ .Values.prometheus.prometheusSpec.externalUrl }}" +{{- else if .Values.prometheus.ingress.enabled }} + externalUrl: "http://{{ index .Values.prometheus.ingress.hosts 0 }}{{ .Values.prometheus.prometheusSpec.routePrefix }}" +{{- else }} + externalUrl: http://{{ template "prometheus-operator.fullname" . }}-prometheus.{{ .Release.Namespace }}:9090 +{{- end }} +{{- if .Values.prometheus.prometheusSpec.nodeSelector }} + nodeSelector: +{{ toYaml .Values.prometheus.prometheusSpec.nodeSelector | indent 4 }} +{{- end }} + paused: {{ .Values.prometheus.prometheusSpec.paused }} + replicas: {{ .Values.prometheus.prometheusSpec.replicas }} + logLevel: {{ .Values.prometheus.prometheusSpec.logLevel }} + listenLocal: {{ .Values.prometheus.prometheusSpec.listenLocal }} +{{- if .Values.prometheus.prometheusSpec.scrapeInterval }} + scrapeInterval: {{ .Values.prometheus.prometheusSpec.scrapeInterval }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.evaluationInterval }} + evaluationInterval: {{ .Values.prometheus.prometheusSpec.evaluationInterval }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.resources }} + resources: +{{ toYaml .Values.prometheus.prometheusSpec.resources | indent 4 }} +{{- end }} + retention: {{ .Values.prometheus.prometheusSpec.retention | quote }} +{{- if .Values.prometheus.prometheusSpec.routePrefix }} + routePrefix: {{ .Values.prometheus.prometheusSpec.routePrefix | quote }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.secrets }} + secrets: +{{ toYaml .Values.prometheus.prometheusSpec.secrets | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.configMaps }} + configMaps: +{{ toYaml .Values.prometheus.prometheusSpec.configMaps | indent 4 }} +{{- end }} + serviceAccountName: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} +{{- if .Values.prometheus.prometheusSpec.serviceMonitorSelector }} + serviceMonitorSelector: +{{ toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4 }} +{{ else if .Values.prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues }} + serviceMonitorSelector: + matchLabels: + release: {{ .Release.Name | quote }} +{{ else }} + serviceMonitorSelector: {} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector }} + serviceMonitorNamespaceSelector: +{{ toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4 }} +{{ else }} + serviceMonitorNamespaceSelector: {} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.remoteRead }} + remoteRead: +{{ toYaml .Values.prometheus.prometheusSpec.remoteRead | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.remoteWrite }} + remoteWrite: +{{ toYaml .Values.prometheus.prometheusSpec.remoteWrite | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.securityContext }} + securityContext: +{{ toYaml .Values.prometheus.prometheusSpec.securityContext | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.ruleNamespaceSelector }} + ruleNamespaceSelector: +{{ toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4 }} +{{ else }} + ruleNamespaceSelector: {} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.ruleSelector }} + ruleSelector: +{{ toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4}} +{{- else if .Values.prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues }} + ruleSelector: + matchLabels: + app: {{ template "prometheus-operator.name" . }} + release: {{ .Release.Name | quote }} +{{ else }} + ruleSelector: {} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.storageSpec }} + storage: +{{ toYaml .Values.prometheus.prometheusSpec.storageSpec | indent 4 }} +{{- end }} + {{- if .Values.prometheus.prometheusSpec.podMetadata }} + podMetadata: +{{ toYaml .Values.prometheus.prometheusSpec.podMetadata | indent 4 }} + {{- end }} +{{- if eq .Values.prometheus.prometheusSpec.podAntiAffinity "hard" }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }} + labelSelector: + matchLabels: + app: prometheus + prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus +{{- else if eq .Values.prometheus.prometheusSpec.podAntiAffinity "soft" }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }} + labelSelector: + matchLabels: + app: prometheus + prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus +{{- end }} +{{- if .Values.prometheus.prometheusSpec.tolerations }} + tolerations: +{{ toYaml .Values.prometheus.prometheusSpec.tolerations | indent 4 }} +{{- end }} +{{- if .Values.global.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 4 }} +{{- end }} +{{- if or .Values.prometheus.prometheusSpec.additionalScrapeConfigs .Values.prometheus.prometheusSpec.additionalScrapeConfigsExternal }} + additionalScrapeConfigs: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-scrape-confg + key: additional-scrape-configs.yaml +{{- end }} +{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }} + additionalAlertManagerConfigs: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-am-confg + key: additional-alertmanager-configs.yaml +{{- end }} +{{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }} + additionalAlertRelabelConfigs: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-am-relabel-confg + key: additional-alert-relabel-configs.yaml +{{- end }} +{{- if .Values.prometheus.prometheusSpec.containers }} + containers: +{{ toYaml .Values.prometheus.prometheusSpec.containers | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.priorityClassName }} + priorityClassName: {{ .Values.prometheus.prometheusSpec.priorityClassName }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.thanos }} + thanos: +{{ toYaml .Values.prometheus.prometheusSpec.thanos | indent 4 }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrole.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrole.yaml new file mode 100644 index 00000000..a2ab02db --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-psp + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "prometheus-operator.fullname" . }}-prometheus +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml new file mode 100644 index 00000000..08faa722 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-psp + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "prometheus-operator.fullname" . }}-prometheus-psp +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} + diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp.yaml new file mode 100644 index 00000000..40d33462 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/psp.yaml @@ -0,0 +1,47 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + privileged: false + # Required to prevent escalations to root. + # allowPrivilegeEscalation: false + # This is redundant with non-root + disallow privilege escalation, + # but we can provide it for defense in depth. + #requiredDropCapabilities: + # - ALL + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + # Permits the container to run with root privileges as well. + rule: 'RunAsAny' + seLinux: + # This policy assumes the nodes are using AppArmor rather than SELinux. + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-config.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-config.yaml new file mode 100644 index 00000000..eef28dad --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-config.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-config + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-specificNamespace.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-specificNamespace.yaml new file mode 100644 index 00000000..9fe3f20e --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/role-specificNamespace.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.prometheus.rbac.roleNamespaces }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleList +items: +{{- range uniq (append .Values.prometheus.rbac.roleNamespaces .Release.Namespace) }} +- apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: {{ template "prometheus-operator.fullname" $ }}-prometheus + labels: + app: {{ template "prometheus-operator.name" $ }}-prometheus +{{ include "prometheus-operator.labels" $ | indent 6 }} + namespace: {{ . | quote }} + rules: + - apiGroups: + - "" + resources: + - nodes + - services + - endpoints + - pods + verbs: + - get + - list + - watch +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-config.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-config.yaml new file mode 100644 index 00000000..89fb9ce7 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-config.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus-config + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "prometheus-operator.fullname" . }}-prometheus +subjects: +- kind: ServiceAccount + name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-specificNamespace.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-specificNamespace.yaml new file mode 100644 index 00000000..64161876 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rolebinding-specificNamespace.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBindingList +items: +{{- range uniq (append .Values.prometheus.rbac.roleNamespaces .Release.Namespace) }} +- apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: {{ template "prometheus-operator.fullname" $ }}-prometheus + labels: + app: {{ template "prometheus-operator.name" $ }}-prometheus +{{ include "prometheus-operator.labels" $ | indent 6 }} + namespace: {{ . | quote }} + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "prometheus-operator.fullname" $ }}-prometheus + subjects: + - kind: ServiceAccount + name: {{ template "prometheus-operator.prometheus.serviceAccountName" $ }} + namespace: {{ $.Release.Namespace }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml new file mode 100644 index 00000000..c1762fd1 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml @@ -0,0 +1,50 @@ +# Generated from 'alertmanager.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.alertmanager }} +{{- $operatorJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "operator" }} +{{- $alertmanagerJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} +{{- $namespace := .Release.Namespace }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: alertmanager.rules + rules: + - alert: AlertmanagerConfigInconsistent + annotations: + message: The configuration of the instances of the Alertmanager cluster `{{`{{$labels.service}}`}}` are out of sync. + expr: count_values("config_hash", alertmanager_config_hash{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}) BY (service) / ON(service) GROUP_LEFT() label_replace(prometheus_operator_spec_replicas{job="{{ $operatorJob }}",namespace="{{ $namespace }}",controller="alertmanager"}, "service", "$1", "name", "(.*)") != 1 + for: 5m + labels: + severity: critical + - alert: AlertmanagerFailedReload + annotations: + message: Reloading Alertmanager's configuration has failed for {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod}}`}}. + expr: alertmanager_config_last_reload_successful{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} == 0 + for: 10m + labels: + severity: warning + - alert: AlertmanagerMembersInconsistent + annotations: + message: Alertmanager has not found all other members of the cluster. + expr: |- + alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} + != on (service) GROUP_LEFT() + count by (service) (alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}) + for: 5m + labels: + severity: critical +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/etcd.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/etcd.yaml new file mode 100644 index 00000000..a68eeff2 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/etcd.yaml @@ -0,0 +1,136 @@ +# Generated from 'etcd' group from https://raw.githubusercontent.com/etcd-io/etcd/master/Documentation/op-guide/etcd3_alert.rules.yml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.kubeEtcd.enabled .Values.defaultRules.rules.etcd }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "etcd" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: etcd + rules: + - alert: etcdInsufficientMembers + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": insufficient members ({{`{{ $value }}`}}).' + expr: sum(up{job=~".*etcd.*"} == bool 1) by (job) < ((count(up{job=~".*etcd.*"}) by (job) + 1) / 2) + for: 3m + labels: + severity: critical + - alert: etcdNoLeader + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": member {{`{{ $labels.instance }}`}} has no leader.' + expr: etcd_server_has_leader{job=~".*etcd.*"} == 0 + for: 1m + labels: + severity: critical + - alert: etcdHighNumberOfLeaderChanges + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": instance {{`{{ $labels.instance }}`}} has seen {{`{{ $value }}`}} leader changes within the last hour.' + expr: rate(etcd_server_leader_changes_seen_total{job=~".*etcd.*"}[15m]) > 3 + for: 15m + labels: + severity: warning + - alert: etcdHighNumberOfFailedGRPCRequests + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": {{`{{ $value }}`}}% of requests for {{`{{ $labels.grpc_method }}`}} failed on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + 100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code!="OK"}[5m])) BY (job, instance, grpc_service, grpc_method) + / + sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) BY (job, instance, grpc_service, grpc_method) + > 1 + for: 10m + labels: + severity: warning + - alert: etcdHighNumberOfFailedGRPCRequests + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": {{`{{ $value }}`}}% of requests for {{`{{ $labels.grpc_method }}`}} failed on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + 100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code!="OK"}[5m])) BY (job, instance, grpc_service, grpc_method) + / + sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) BY (job, instance, grpc_service, grpc_method) + > 5 + for: 5m + labels: + severity: critical + - alert: etcdGRPCRequestsSlow + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": gRPC requests to {{`{{ $labels.grpc_method }}`}} are taking {{`{{ $value }}`}}s on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job=~".*etcd.*", grpc_type="unary"}[5m])) by (job, instance, grpc_service, grpc_method, le)) + > 0.15 + for: 10m + labels: + severity: critical + - alert: etcdMemberCommunicationSlow + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": member communication with {{`{{ $labels.To }}`}} is taking {{`{{ $value }}`}}s on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket{job=~".*etcd.*"}[5m])) + > 0.15 + for: 10m + labels: + severity: warning + - alert: etcdHighNumberOfFailedProposals + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": {{`{{ $value }}`}} proposal failures within the last hour on etcd instance {{`{{ $labels.instance }}`}}.' + expr: rate(etcd_server_proposals_failed_total{job=~".*etcd.*"}[15m]) > 5 + for: 15m + labels: + severity: warning + - alert: etcdHighFsyncDurations + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": 99th percentile fync durations are {{`{{ $value }}`}}s on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m])) + > 0.5 + for: 10m + labels: + severity: warning + - alert: etcdHighCommitDurations + annotations: + message: 'etcd cluster "{{`{{ $labels.job }}`}}": 99th percentile commit durations {{`{{ $value }}`}}s on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket{job=~".*etcd.*"}[5m])) + > 0.25 + for: 10m + labels: + severity: warning + - alert: etcdHighNumberOfFailedHTTPRequests + annotations: + message: '{{`{{ $value }}`}}% of requests for {{`{{ $labels.method }}`}} failed on etcd instance {{`{{ $labels.instance }}`}}' + expr: |- + sum(rate(etcd_http_failed_total{job=~".*etcd.*", code!="404"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job=~".*etcd.*"}[5m])) + BY (method) > 0.01 + for: 10m + labels: + severity: warning + - alert: etcdHighNumberOfFailedHTTPRequests + annotations: + message: '{{`{{ $value }}`}}% of requests for {{`{{ $labels.method }}`}} failed on etcd instance {{`{{ $labels.instance }}`}}.' + expr: |- + sum(rate(etcd_http_failed_total{job=~".*etcd.*", code!="404"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job=~".*etcd.*"}[5m])) + BY (method) > 0.05 + for: 10m + labels: + severity: critical + - alert: etcdHTTPRequestsSlow + annotations: + message: etcd instance {{`{{ $labels.instance }}`}} HTTP requests to {{`{{ $labels.method }}`}} are slow. + expr: |- + histogram_quantile(0.99, rate(etcd_http_successful_duration_seconds_bucket[5m])) + > 0.15 + for: 10m + labels: + severity: warning +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/general.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/general.rules.yaml new file mode 100644 index 00000000..9f8349f9 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/general.rules.yaml @@ -0,0 +1,46 @@ +# Generated from 'general.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.general }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "general.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: general.rules + rules: + - alert: TargetDown + annotations: + message: '{{`{{ $value }}`}}% of the {{`{{ $labels.job }}`}} targets are down.' + expr: 100 * (count(up == 0) BY (job) / count(up) BY (job)) > 10 + for: 10m + labels: + severity: warning + - alert: Watchdog + annotations: + message: 'This is an alert meant to ensure that the entire alerting pipeline is functional. + + This alert is always firing, therefore it should always be firing in Alertmanager + + and always fire against a receiver. There are integrations with various notification + + mechanisms that send a notification when this alert is not firing. For example the + + "DeadMansSnitch" integration in PagerDuty. + + ' + expr: vector(1) + labels: + severity: none +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml new file mode 100644 index 00000000..678df008 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml @@ -0,0 +1,60 @@ +# Generated from 'k8s.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.k8s }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "k8s.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: k8s.rules + rules: + - expr: sum(rate(container_cpu_usage_seconds_total{job="kubelet", image!="", container_name!=""}[5m])) by (namespace) + record: namespace:container_cpu_usage_seconds_total:sum_rate + - expr: |- + sum by (namespace, pod_name, container_name) ( + rate(container_cpu_usage_seconds_total{job="kubelet", image!="", container_name!=""}[5m]) + ) + record: namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate + - expr: sum(container_memory_usage_bytes{job="kubelet", image!="", container_name!=""}) by (namespace) + record: namespace:container_memory_usage_bytes:sum + - expr: |- + sum by (namespace, label_name) ( + sum(rate(container_cpu_usage_seconds_total{job="kubelet", image!="", container_name!=""}[5m])) by (namespace, pod_name) + * on (namespace, pod_name) group_left(label_name) + label_replace(kube_pod_labels{job="kube-state-metrics"}, "pod_name", "$1", "pod", "(.*)") + ) + record: namespace_name:container_cpu_usage_seconds_total:sum_rate + - expr: |- + sum by (namespace, label_name) ( + sum(container_memory_usage_bytes{job="kubelet",image!="", container_name!=""}) by (pod_name, namespace) + * on (namespace, pod_name) group_left(label_name) + label_replace(kube_pod_labels{job="kube-state-metrics"}, "pod_name", "$1", "pod", "(.*)") + ) + record: namespace_name:container_memory_usage_bytes:sum + - expr: |- + sum by (namespace, label_name) ( + sum(kube_pod_container_resource_requests_memory_bytes{job="kube-state-metrics"}) by (namespace, pod) + * on (namespace, pod) group_left(label_name) + label_replace(kube_pod_labels{job="kube-state-metrics"}, "pod_name", "$1", "pod", "(.*)") + ) + record: namespace_name:kube_pod_container_resource_requests_memory_bytes:sum + - expr: |- + sum by (namespace, label_name) ( + sum(kube_pod_container_resource_requests_cpu_cores{job="kube-state-metrics"} and on(pod) kube_pod_status_scheduled{condition="true"}) by (namespace, pod) + * on (namespace, pod) group_left(label_name) + label_replace(kube_pod_labels{job="kube-state-metrics"}, "pod_name", "$1", "pod", "(.*)") + ) + record: namespace_name:kube_pod_container_resource_requests_cpu_cores:sum +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml new file mode 100644 index 00000000..cbb19cb7 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml @@ -0,0 +1,35 @@ +# Generated from 'kube-apiserver.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserver }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-apiserver.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kube-apiserver.rules + rules: + - expr: histogram_quantile(0.99, sum(rate(apiserver_request_latencies_bucket{job="apiserver"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.99' + record: cluster_quantile:apiserver_request_latencies:histogram_quantile + - expr: histogram_quantile(0.9, sum(rate(apiserver_request_latencies_bucket{job="apiserver"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.9' + record: cluster_quantile:apiserver_request_latencies:histogram_quantile + - expr: histogram_quantile(0.5, sum(rate(apiserver_request_latencies_bucket{job="apiserver"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.5' + record: cluster_quantile:apiserver_request_latencies:histogram_quantile +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml new file mode 100644 index 00000000..2df9a096 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml @@ -0,0 +1,37 @@ +# Generated from 'kube-prometheus-node-alerting.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusNodeAlerting }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-prometheus-node-alerting.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kube-prometheus-node-alerting.rules + rules: + - alert: NodeDiskRunningFull + annotations: + message: Device {{`{{ $labels.device }}`}} of node-exporter {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod }}`}} will be full within the next 24 hours. + expr: '(node:node_filesystem_usage: > 0.85) and (predict_linear(node:node_filesystem_avail:[6h], 3600 * 24) < 0)' + for: 30m + labels: + severity: warning + - alert: NodeDiskRunningFull + annotations: + message: Device {{`{{ $labels.device }}`}} of node-exporter {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod }}`}} will be full within the next 2 hours. + expr: '(node:node_filesystem_usage: > 0.85) and (predict_linear(node:node_filesystem_avail:[30m], 3600 * 2) < 0)' + for: 10m + labels: + severity: critical +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml new file mode 100644 index 00000000..0d2ff510 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml @@ -0,0 +1,37 @@ +# Generated from 'kube-prometheus-node-recording.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusNodeRecording }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-prometheus-node-recording.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kube-prometheus-node-recording.rules + rules: + - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait"}[3m])) BY (instance) + record: instance:node_cpu:rate:sum + - expr: sum((node_filesystem_size_bytes{mountpoint="/"} - node_filesystem_free_bytes{mountpoint="/"})) BY (instance) + record: instance:node_filesystem_usage:sum + - expr: sum(rate(node_network_receive_bytes_total[3m])) BY (instance) + record: instance:node_network_receive_bytes:rate:sum + - expr: sum(rate(node_network_transmit_bytes_total[3m])) BY (instance) + record: instance:node_network_transmit_bytes:rate:sum + - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait"}[5m])) WITHOUT (cpu, mode) / ON(instance) GROUP_LEFT() count(sum(node_cpu_seconds_total) BY (instance, cpu)) BY (instance) + record: instance:node_cpu:ratio + - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait"}[5m])) + record: cluster:node_cpu:sum_rate5m + - expr: cluster:node_cpu_seconds_total:rate5m / count(sum(node_cpu_seconds_total) BY (instance, cpu)) + record: cluster:node_cpu:ratio +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml new file mode 100644 index 00000000..e51b0181 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml @@ -0,0 +1,59 @@ +# Generated from 'kube-scheduler.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.kubeScheduler.enabled .Values.defaultRules.rules.kubeScheduler }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-scheduler.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kube-scheduler.rules + rules: + - expr: histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.99' + record: cluster_quantile:scheduler_e2e_scheduling_latency:histogram_quantile + - expr: histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.99' + record: cluster_quantile:scheduler_scheduling_algorithm_latency:histogram_quantile + - expr: histogram_quantile(0.99, sum(rate(scheduler_binding_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.99' + record: cluster_quantile:scheduler_binding_latency:histogram_quantile + - expr: histogram_quantile(0.9, sum(rate(scheduler_e2e_scheduling_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.9' + record: cluster_quantile:scheduler_e2e_scheduling_latency:histogram_quantile + - expr: histogram_quantile(0.9, sum(rate(scheduler_scheduling_algorithm_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.9' + record: cluster_quantile:scheduler_scheduling_algorithm_latency:histogram_quantile + - expr: histogram_quantile(0.9, sum(rate(scheduler_binding_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.9' + record: cluster_quantile:scheduler_binding_latency:histogram_quantile + - expr: histogram_quantile(0.5, sum(rate(scheduler_e2e_scheduling_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.5' + record: cluster_quantile:scheduler_e2e_scheduling_latency:histogram_quantile + - expr: histogram_quantile(0.5, sum(rate(scheduler_scheduling_algorithm_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.5' + record: cluster_quantile:scheduler_scheduling_algorithm_latency:histogram_quantile + - expr: histogram_quantile(0.5, sum(rate(scheduler_binding_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 + labels: + quantile: '0.5' + record: cluster_quantile:scheduler_binding_latency:histogram_quantile +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml new file mode 100644 index 00000000..19b09491 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml @@ -0,0 +1,123 @@ +# Generated from 'kubernetes-absent' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.kubernetesAbsent }} +{{- $operatorJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "operator" }} +{{- $prometheusJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" }} +{{- $alertmanagerJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} +{{- $namespace := .Release.Namespace }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-absent" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kubernetes-absent + rules: + - alert: AlertmanagerDown + annotations: + message: Alertmanager has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-alertmanagerdown + expr: absent(up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} == 1) + for: 15m + labels: + severity: critical +{{- if .Values.kubeDns.enabled }} + - alert: CoreDNSDown + annotations: + message: CoreDNS has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-corednsdown + expr: absent(up{job="kube-dns"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- if .Values.kubeApiServer.enabled }} + - alert: KubeAPIDown + annotations: + message: KubeAPI has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeapidown + expr: absent(up{job="apiserver"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- if .Values.kubeControllerManager.enabled }} + - alert: KubeControllerManagerDown + annotations: + message: KubeControllerManager has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubecontrollermanagerdown + expr: absent(up{job="kube-controller-manager"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- if .Values.kubeScheduler.enabled }} + - alert: KubeSchedulerDown + annotations: + message: KubeScheduler has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeschedulerdown + expr: absent(up{job="kube-scheduler"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- if .Values.kubeStateMetrics.enabled }} + - alert: KubeStateMetricsDown + annotations: + message: KubeStateMetrics has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubestatemetricsdown + expr: absent(up{job="kube-state-metrics"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- if .Values.prometheusOperator.kubeletService.enabled }} + - alert: KubeletDown + annotations: + message: Kubelet has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeletdown + expr: absent(up{job="kubelet"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- if .Values.nodeExporter.enabled }} + - alert: NodeExporterDown + annotations: + message: NodeExporter has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-nodeexporterdown + expr: absent(up{job="node-exporter"} == 1) + for: 15m + labels: + severity: critical +{{- end }} + - alert: PrometheusDown + annotations: + message: Prometheus has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-prometheusdown + expr: absent(up{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} == 1) + for: 15m + labels: + severity: critical +{{- if .Values.prometheusOperator.enabled }} + - alert: PrometheusOperatorDown + annotations: + message: PrometheusOperator has disappeared from Prometheus target discovery. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-prometheusoperatordown + expr: absent(up{job="{{ $operatorJob }}",namespace="{{ $namespace }}"} == 1) + for: 15m + labels: + severity: critical +{{- end }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml new file mode 100644 index 00000000..d3d2c498 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml @@ -0,0 +1,156 @@ +# Generated from 'kubernetes-apps' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.kubeStateMetrics.enabled .Values.defaultRules.rules.kubernetesApps }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-apps" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kubernetes-apps + rules: + - alert: KubePodCrashLooping + annotations: + message: Pod {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod }}`}} ({{`{{ $labels.container }}`}}) is restarting {{`{{ printf "%.2f" $value }}`}} times / 5 minutes. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubepodcrashlooping + expr: rate(kube_pod_container_status_restarts_total{job="kube-state-metrics"}[15m]) * 60 * 5 > 0 + for: 1h + labels: + severity: critical + - alert: KubePodNotReady + annotations: + message: Pod {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod }}`}} has been in a non-ready state for longer than an hour. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubepodnotready + expr: sum by (namespace, pod) (kube_pod_status_phase{job="kube-state-metrics", phase=~"Pending|Unknown"}) > 0 + for: 1h + labels: + severity: critical + - alert: KubeDeploymentGenerationMismatch + annotations: + message: Deployment generation for {{`{{ $labels.namespace }}`}}/{{`{{ $labels.deployment }}`}} does not match, this indicates that the Deployment has failed but has not been rolled back. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubedeploymentgenerationmismatch + expr: |- + kube_deployment_status_observed_generation{job="kube-state-metrics"} + != + kube_deployment_metadata_generation{job="kube-state-metrics"} + for: 15m + labels: + severity: critical + - alert: KubeDeploymentReplicasMismatch + annotations: + message: Deployment {{`{{ $labels.namespace }}`}}/{{`{{ $labels.deployment }}`}} has not matched the expected number of replicas for longer than an hour. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubedeploymentreplicasmismatch + expr: |- + kube_deployment_spec_replicas{job="kube-state-metrics"} + != + kube_deployment_status_replicas_available{job="kube-state-metrics"} + for: 1h + labels: + severity: critical + - alert: KubeStatefulSetReplicasMismatch + annotations: + message: StatefulSet {{`{{ $labels.namespace }}`}}/{{`{{ $labels.statefulset }}`}} has not matched the expected number of replicas for longer than 15 minutes. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubestatefulsetreplicasmismatch + expr: |- + kube_statefulset_status_replicas_ready{job="kube-state-metrics"} + != + kube_statefulset_status_replicas{job="kube-state-metrics"} + for: 15m + labels: + severity: critical + - alert: KubeStatefulSetGenerationMismatch + annotations: + message: StatefulSet generation for {{`{{ $labels.namespace }}`}}/{{`{{ $labels.statefulset }}`}} does not match, this indicates that the StatefulSet has failed but has not been rolled back. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubestatefulsetgenerationmismatch + expr: |- + kube_statefulset_status_observed_generation{job="kube-state-metrics"} + != + kube_statefulset_metadata_generation{job="kube-state-metrics"} + for: 15m + labels: + severity: critical + - alert: KubeStatefulSetUpdateNotRolledOut + annotations: + message: StatefulSet {{`{{ $labels.namespace }}`}}/{{`{{ $labels.statefulset }}`}} update has not been rolled out. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubestatefulsetupdatenotrolledout + expr: |- + max without (revision) ( + kube_statefulset_status_current_revision{job="kube-state-metrics"} + unless + kube_statefulset_status_update_revision{job="kube-state-metrics"} + ) + * + ( + kube_statefulset_replicas{job="kube-state-metrics"} + != + kube_statefulset_status_replicas_updated{job="kube-state-metrics"} + ) + for: 15m + labels: + severity: critical + - alert: KubeDaemonSetRolloutStuck + annotations: + message: Only {{`{{ $value }}`}}% of the desired Pods of DaemonSet {{`{{ $labels.namespace }}`}}/{{`{{ $labels.daemonset }}`}} are scheduled and ready. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubedaemonsetrolloutstuck + expr: |- + kube_daemonset_status_number_ready{job="kube-state-metrics"} + / + kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics"} * 100 < 100 + for: 15m + labels: + severity: critical + - alert: KubeDaemonSetNotScheduled + annotations: + message: '{{`{{ $value }}`}} Pods of DaemonSet {{`{{ $labels.namespace }}`}}/{{`{{ $labels.daemonset }}`}} are not scheduled.' + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubedaemonsetnotscheduled + expr: |- + kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics"} + - + kube_daemonset_status_current_number_scheduled{job="kube-state-metrics"} > 0 + for: 10m + labels: + severity: warning + - alert: KubeDaemonSetMisScheduled + annotations: + message: '{{`{{ $value }}`}} Pods of DaemonSet {{`{{ $labels.namespace }}`}}/{{`{{ $labels.daemonset }}`}} are running where they are not supposed to run.' + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubedaemonsetmisscheduled + expr: kube_daemonset_status_number_misscheduled{job="kube-state-metrics"} > 0 + for: 10m + labels: + severity: warning + - alert: KubeCronJobRunning + annotations: + message: CronJob {{`{{ $labels.namespace }}`}}/{{`{{ $labels.cronjob }}`}} is taking more than 1h to complete. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubecronjobrunning + expr: time() - kube_cronjob_next_schedule_time{job="kube-state-metrics"} > 3600 + for: 1h + labels: + severity: warning + - alert: KubeJobCompletion + annotations: + message: Job {{`{{ $labels.namespace }}`}}/{{`{{ $labels.job_name }}`}} is taking more than one hour to complete. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubejobcompletion + expr: kube_job_spec_completions{job="kube-state-metrics"} - kube_job_status_succeeded{job="kube-state-metrics"} > 0 + for: 1h + labels: + severity: warning + - alert: KubeJobFailed + annotations: + message: Job {{`{{ $labels.namespace }}`}}/{{`{{ $labels.job_name }}`}} failed to complete. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubejobfailed + expr: kube_job_status_failed{job="kube-state-metrics"} > 0 + for: 1h + labels: + severity: warning +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml new file mode 100644 index 00000000..ed4a83c6 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml @@ -0,0 +1,99 @@ +# Generated from 'kubernetes-resources' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.kubernetesResources }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-resources" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kubernetes-resources + rules: + - alert: KubeCPUOvercommit + annotations: + message: Cluster has overcommitted CPU resource requests for Pods and cannot tolerate node failure. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubecpuovercommit + expr: |- + sum(namespace_name:kube_pod_container_resource_requests_cpu_cores:sum) + / + sum(node:node_num_cpu:sum) + > + (count(node:node_num_cpu:sum)-1) / count(node:node_num_cpu:sum) + for: 5m + labels: + severity: warning + - alert: KubeMemOvercommit + annotations: + message: Cluster has overcommitted memory resource requests for Pods and cannot tolerate node failure. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubememovercommit + expr: |- + sum(namespace_name:kube_pod_container_resource_requests_memory_bytes:sum) + / + sum(node_memory_MemTotal_bytes) + > + (count(node:node_num_cpu:sum)-1) + / + count(node:node_num_cpu:sum) + for: 5m + labels: + severity: warning + - alert: KubeCPUOvercommit + annotations: + message: Cluster has overcommitted CPU resource requests for Namespaces. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubecpuovercommit + expr: |- + sum(kube_resourcequota{job="kube-state-metrics", type="hard", resource="requests.cpu"}) + / + sum(node:node_num_cpu:sum) + > 1.5 + for: 5m + labels: + severity: warning + - alert: KubeMemOvercommit + annotations: + message: Cluster has overcommitted memory resource requests for Namespaces. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubememovercommit + expr: |- + sum(kube_resourcequota{job="kube-state-metrics", type="hard", resource="requests.memory"}) + / + sum(node_memory_MemTotal_bytes{job="node-exporter"}) + > 1.5 + for: 5m + labels: + severity: warning + - alert: KubeQuotaExceeded + annotations: + message: Namespace {{`{{ $labels.namespace }}`}} is using {{`{{ printf "%0.0f" $value }}`}}% of its {{`{{ $labels.resource }}`}} quota. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubequotaexceeded + expr: |- + 100 * kube_resourcequota{job="kube-state-metrics", type="used"} + / ignoring(instance, job, type) + (kube_resourcequota{job="kube-state-metrics", type="hard"} > 0) + > 90 + for: 15m + labels: + severity: warning + - alert: CPUThrottlingHigh + annotations: + message: '{{`{{ printf "%0.0f" $value }}`}}% throttling of CPU in namespace {{`{{ $labels.namespace }}`}} for container {{`{{ $labels.container_name }}`}} in pod {{`{{ $labels.pod_name }}`}}.' + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-cputhrottlinghigh + expr: |- + 100 * sum(increase(container_cpu_cfs_throttled_periods_total{container_name!="", }[5m])) by (container_name, pod_name, namespace) + / + sum(increase(container_cpu_cfs_periods_total{}[5m])) by (container_name, pod_name, namespace) + > 25 + for: 15m + labels: + severity: warning +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml new file mode 100644 index 00000000..edd8f5fc --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml @@ -0,0 +1,58 @@ +# Generated from 'kubernetes-storage' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.kubernetesStorage }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-storage" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kubernetes-storage + rules: + - alert: KubePersistentVolumeUsageCritical + annotations: + message: The PersistentVolume claimed by {{`{{ $labels.persistentvolumeclaim }}`}} in Namespace {{`{{ $labels.namespace }}`}} is only {{`{{ printf "%0.2f" $value }}`}}% free. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubepersistentvolumeusagecritical + expr: |- + 100 * kubelet_volume_stats_available_bytes{job="kubelet"} + / + kubelet_volume_stats_capacity_bytes{job="kubelet"} + < 3 + for: 1m + labels: + severity: critical + - alert: KubePersistentVolumeFullInFourDays + annotations: + message: Based on recent sampling, the PersistentVolume claimed by {{`{{ $labels.persistentvolumeclaim }}`}} in Namespace {{`{{ $labels.namespace }}`}} is expected to fill up within four days. Currently {{`{{ printf "%0.2f" $value }}`}}% is available. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubepersistentvolumefullinfourdays + expr: |- + 100 * ( + kubelet_volume_stats_available_bytes{job="kubelet"} + / + kubelet_volume_stats_capacity_bytes{job="kubelet"} + ) < 15 + and + predict_linear(kubelet_volume_stats_available_bytes{job="kubelet"}[6h], 4 * 24 * 3600) < 0 + for: 5m + labels: + severity: critical + - alert: KubePersistentVolumeErrors + annotations: + message: The persistent volume {{`{{ $labels.persistentvolume }}`}} has status {{`{{ $labels.phase }}`}}. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubepersistentvolumeerrors + expr: kube_persistentvolume_status_phase{phase=~"Failed|Pending",job="kube-state-metrics"} > 0 + for: 5m + labels: + severity: critical +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml new file mode 100644 index 00000000..8ccfa5bf --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml @@ -0,0 +1,119 @@ +# Generated from 'kubernetes-system' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-system" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: kubernetes-system + rules: + - alert: KubeNodeNotReady + annotations: + message: '{{`{{ $labels.node }}`}} has been unready for more than an hour.' + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubenodenotready + expr: kube_node_status_condition{job="kube-state-metrics",condition="Ready",status="true"} == 0 + for: 1h + labels: + severity: warning + - alert: KubeVersionMismatch + annotations: + message: There are {{`{{ $value }}`}} different semantic versions of Kubernetes components running. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeversionmismatch + expr: count(count by (gitVersion) (label_replace(kubernetes_build_info{job!="kube-dns"},"gitVersion","$1","gitVersion","(v[0-9]*.[0-9]*.[0-9]*).*"))) > 1 + for: 1h + labels: + severity: warning + - alert: KubeClientErrors + annotations: + message: Kubernetes API server client '{{`{{ $labels.job }}`}}/{{`{{ $labels.instance }}`}}' is experiencing {{`{{ printf "%0.0f" $value }}`}}% errors.' + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeclienterrors + expr: |- + (sum(rate(rest_client_requests_total{code=~"5.."}[5m])) by (instance, job) + / + sum(rate(rest_client_requests_total[5m])) by (instance, job)) + * 100 > 1 + for: 15m + labels: + severity: warning + - alert: KubeClientErrors + annotations: + message: Kubernetes API server client '{{`{{ $labels.job }}`}}/{{`{{ $labels.instance }}`}}' is experiencing {{`{{ printf "%0.0f" $value }}`}} errors / second. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeclienterrors + expr: sum(rate(ksm_scrape_error_total{job="kube-state-metrics"}[5m])) by (instance, job) > 0.1 + for: 15m + labels: + severity: warning + - alert: KubeletTooManyPods + annotations: + message: Kubelet {{`{{ $labels.instance }}`}} is running {{`{{ $value }}`}} Pods, close to the limit of 110. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubelettoomanypods + expr: kubelet_running_pod_count{job="kubelet"} > 110 * 0.9 + for: 15m + labels: + severity: warning + - alert: KubeAPILatencyHigh + annotations: + message: The API server has a 99th percentile latency of {{`{{ $value }}`}} seconds for {{`{{ $labels.verb }}`}} {{`{{ $labels.resource }}`}}. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeapilatencyhigh + expr: cluster_quantile:apiserver_request_latencies:histogram_quantile{job="apiserver",quantile="0.99",subresource!="log",verb!~"^(?:LIST|WATCH|WATCHLIST|PROXY|CONNECT)$"} > 1 + for: 10m + labels: + severity: warning + - alert: KubeAPILatencyHigh + annotations: + message: The API server has a 99th percentile latency of {{`{{ $value }}`}} seconds for {{`{{ $labels.verb }}`}} {{`{{ $labels.resource }}`}}. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeapilatencyhigh + expr: cluster_quantile:apiserver_request_latencies:histogram_quantile{job="apiserver",quantile="0.99",subresource!="log",verb!~"^(?:LIST|WATCH|WATCHLIST|PROXY|CONNECT)$"} > 4 + for: 10m + labels: + severity: critical + - alert: KubeAPIErrorsHigh + annotations: + message: API server is returning errors for {{`{{ $value }}`}}% of requests. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeapierrorshigh + expr: |- + sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[5m])) without(instance, pod) + / + sum(rate(apiserver_request_count{job="apiserver"}[5m])) without(instance, pod) * 100 > 10 + for: 10m + labels: + severity: critical + - alert: KubeAPIErrorsHigh + annotations: + message: API server is returning errors for {{`{{ $value }}`}}% of requests. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeapierrorshigh + expr: |- + sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[5m])) without(instance, pod) + / + sum(rate(apiserver_request_count{job="apiserver"}[5m])) without(instance, pod) * 100 > 5 + for: 10m + labels: + severity: warning + - alert: KubeClientCertificateExpiration + annotations: + message: A client certificate used to authenticate to the apiserver is expiring in less than 7 days. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeclientcertificateexpiration + expr: histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 604800 + labels: + severity: warning + - alert: KubeClientCertificateExpiration + annotations: + message: A client certificate used to authenticate to the apiserver is expiring in less than 24 hours. + runbook_url: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md#alert-name-kubeclientcertificateexpiration + expr: histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 86400 + labels: + severity: critical +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/node.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/node.rules.yaml new file mode 100644 index 00000000..35245437 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/node.rules.yaml @@ -0,0 +1,198 @@ +# Generated from 'node.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.nodeExporter.enabled .Values.defaultRules.rules.node }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "node.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: node.rules + rules: + - expr: sum(min(kube_pod_info) by (node)) + record: ':kube_pod_info_node_count:' + - expr: max(label_replace(kube_pod_info{job="kube-state-metrics"}, "pod", "$1", "pod", "(.*)")) by (node, namespace, pod) + record: 'node_namespace_pod:kube_pod_info:' + - expr: |- + count by (node) (sum by (node, cpu) ( + node_cpu_seconds_total{job="node-exporter"} + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + )) + record: node:node_num_cpu:sum + - expr: 1 - avg(rate(node_cpu_seconds_total{job="node-exporter",mode="idle"}[1m])) + record: :node_cpu_utilisation:avg1m + - expr: |- + 1 - avg by (node) ( + rate(node_cpu_seconds_total{job="node-exporter",mode="idle"}[1m]) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info:) + record: node:node_cpu_utilisation:avg1m + - expr: |- + node:node_cpu_utilisation:avg1m + * + node:node_num_cpu:sum + / + scalar(sum(node:node_num_cpu:sum)) + record: node:cluster_cpu_utilisation:ratio + - expr: |- + sum(node_load1{job="node-exporter"}) + / + sum(node:node_num_cpu:sum) + record: ':node_cpu_saturation_load1:' + - expr: |- + sum by (node) ( + node_load1{job="node-exporter"} + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + / + node:node_num_cpu:sum + record: 'node:node_cpu_saturation_load1:' + - expr: |- + 1 - + sum(node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) + / + sum(node_memory_MemTotal_bytes{job="node-exporter"}) + record: ':node_memory_utilisation:' + - expr: sum(node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) + record: :node_memory_MemFreeCachedBuffers_bytes:sum + - expr: sum(node_memory_MemTotal_bytes{job="node-exporter"}) + record: :node_memory_MemTotal_bytes:sum + - expr: |- + sum by (node) ( + (node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_memory_bytes_available:sum + - expr: |- + sum by (node) ( + node_memory_MemTotal_bytes{job="node-exporter"} + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_memory_bytes_total:sum + - expr: |- + (node:node_memory_bytes_total:sum - node:node_memory_bytes_available:sum) + / + node:node_memory_bytes_total:sum + record: node:node_memory_utilisation:ratio + - expr: |- + (node:node_memory_bytes_total:sum - node:node_memory_bytes_available:sum) + / + scalar(sum(node:node_memory_bytes_total:sum)) + record: node:cluster_memory_utilisation:ratio + - expr: |- + 1e3 * sum( + (rate(node_vmstat_pgpgin{job="node-exporter"}[1m]) + + rate(node_vmstat_pgpgout{job="node-exporter"}[1m])) + ) + record: :node_memory_swap_io_bytes:sum_rate + - expr: |- + 1 - + sum by (node) ( + (node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + / + sum by (node) ( + node_memory_MemTotal_bytes{job="node-exporter"} + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: 'node:node_memory_utilisation:' + - expr: 1 - (node:node_memory_bytes_available:sum / node:node_memory_bytes_total:sum) + record: 'node:node_memory_utilisation_2:' + - expr: |- + 1e3 * sum by (node) ( + (rate(node_vmstat_pgpgin{job="node-exporter"}[1m]) + + rate(node_vmstat_pgpgout{job="node-exporter"}[1m])) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_memory_swap_io_bytes:sum_rate + - expr: avg(irate(node_disk_io_time_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+"}[1m])) + record: :node_disk_utilisation:avg_irate + - expr: |- + avg by (node) ( + irate(node_disk_io_time_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+"}[1m]) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_disk_utilisation:avg_irate + - expr: avg(irate(node_disk_io_time_weighted_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+"}[1m]) / 1e3) + record: :node_disk_saturation:avg_irate + - expr: |- + avg by (node) ( + irate(node_disk_io_time_weighted_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+"}[1m]) / 1e3 + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_disk_saturation:avg_irate + - expr: |- + max by (namespace, pod, device) ((node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} + - node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) + / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) + record: 'node:node_filesystem_usage:' + - expr: max by (namespace, pod, device) (node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) + record: 'node:node_filesystem_avail:' + - expr: |- + sum(irate(node_network_receive_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) + + sum(irate(node_network_transmit_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) + record: :node_net_utilisation:sum_irate + - expr: |- + sum by (node) ( + (irate(node_network_receive_bytes_total{job="node-exporter",device!~"veth.+"}[1m]) + + irate(node_network_transmit_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_net_utilisation:sum_irate + - expr: |- + sum(irate(node_network_receive_drop_total{job="node-exporter",device!~"veth.+"}[1m])) + + sum(irate(node_network_transmit_drop_total{job="node-exporter",device!~"veth.+"}[1m])) + record: :node_net_saturation:sum_irate + - expr: |- + sum by (node) ( + (irate(node_network_receive_drop_total{job="node-exporter",device!~"veth.+"}[1m]) + + irate(node_network_transmit_drop_total{job="node-exporter",device!~"veth.+"}[1m])) + * on (namespace, pod) group_left(node) + node_namespace_pod:kube_pod_info: + ) + record: node:node_net_saturation:sum_irate + - expr: |- + max( + max( + kube_pod_info{job="kube-state-metrics", host_ip!=""} + ) by (node, host_ip) + * on (host_ip) group_right (node) + label_replace( + (max(node_filesystem_files{job="node-exporter", mountpoint="/"}) by (instance)), "host_ip", "$1", "instance", "(.*):.*" + ) + ) by (node) + record: 'node:node_inodes_total:' + - expr: |- + max( + max( + kube_pod_info{job="kube-state-metrics", host_ip!=""} + ) by (node, host_ip) + * on (host_ip) group_right (node) + label_replace( + (max(node_filesystem_files_free{job="node-exporter", mountpoint="/"}) by (instance)), "host_ip", "$1", "instance", "(.*):.*" + ) + ) by (node) + record: 'node:node_inodes_free:' +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml new file mode 100644 index 00000000..774a540c --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml @@ -0,0 +1,39 @@ +# Generated from 'prometheus-operator' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.prometheusOperator }} +{{- $operatorJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "operator" }} +{{- $namespace := .Release.Namespace }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus-operator" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: prometheus-operator + rules: + - alert: PrometheusOperatorReconcileErrors + annotations: + message: Errors while reconciling {{`{{ $labels.controller }}`}} in {{`{{ $labels.namespace }}`}} Namespace. + expr: rate(prometheus_operator_reconcile_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0.1 + for: 10m + labels: + severity: warning + - alert: PrometheusOperatorNodeLookupErrors + annotations: + message: Errors while reconciling Prometheus in {{`{{ $labels.namespace }}`}} Namespace. + expr: rate(prometheus_operator_node_address_lookup_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0.1 + for: 10m + labels: + severity: warning +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml new file mode 100644 index 00000000..3c9e1490 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml @@ -0,0 +1,105 @@ +# Generated from 'prometheus.rules' group from https://raw.githubusercontent.com/coreos/prometheus-operator/master/contrib/kube-prometheus/manifests/prometheus-rules.yaml +# Do not change in-place! In order to change this file first read following link: +# https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack +{{- if and .Values.defaultRules.create .Values.defaultRules.rules.prometheus }} +{{- $prometheusJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" }} +{{- $namespace := .Release.Namespace }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: PrometheusRule +metadata: + name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus.rules" | trunc 63 | trimSuffix "-" }} + labels: + app: {{ template "prometheus-operator.name" . }} +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.defaultRules.labels }} +{{ toYaml .Values.defaultRules.labels | indent 4 }} +{{- end }} +{{- if .Values.defaultRules.annotations }} + annotations: +{{ toYaml .Values.defaultRules.annotations | indent 4 }} +{{- end }} +spec: + groups: + - name: prometheus.rules + rules: + - alert: PrometheusConfigReloadFailed + annotations: + description: Reloading Prometheus' configuration has failed for {{`{{$labels.namespace}}`}}/{{`{{$labels.pod}}`}} + summary: Reloading Prometheus' configuration failed + expr: prometheus_config_last_reload_successful{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} == 0 + for: 10m + labels: + severity: warning + - alert: PrometheusNotificationQueueRunningFull + annotations: + description: Prometheus' alert notification queue is running full for {{`{{$labels.namespace}}`}}/{{`{{ $labels.pod}}`}} + summary: Prometheus' alert notification queue is running full + expr: predict_linear(prometheus_notifications_queue_length{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m], 60 * 30) > prometheus_notifications_queue_capacity{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} + for: 10m + labels: + severity: warning + - alert: PrometheusErrorSendingAlerts + annotations: + description: Errors while sending alerts from Prometheus {{`{{$labels.namespace}}`}}/{{`{{ $labels.pod}}`}} to Alertmanager {{`{{$labels.Alertmanager}}`}} + summary: Errors while sending alert from Prometheus + expr: rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) / rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0.01 + for: 10m + labels: + severity: warning + - alert: PrometheusErrorSendingAlerts + annotations: + description: Errors while sending alerts from Prometheus {{`{{$labels.namespace}}`}}/{{`{{ $labels.pod}}`}} to Alertmanager {{`{{$labels.Alertmanager}}`}} + summary: Errors while sending alerts from Prometheus + expr: rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) / rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0.03 + for: 10m + labels: + severity: critical + - alert: PrometheusNotConnectedToAlertmanagers + annotations: + description: Prometheus {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod}}`}} is not connected to any Alertmanagers + summary: Prometheus is not connected to any Alertmanagers + expr: prometheus_notifications_alertmanagers_discovered{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} < 1 + for: 10m + labels: + severity: warning + - alert: PrometheusTSDBReloadsFailing + annotations: + description: '{{`{{$labels.job}}`}} at {{`{{$labels.instance}}`}} had {{`{{$value | humanize}}`}} reload failures over the last four hours.' + summary: Prometheus has issues reloading data blocks from disk + expr: increase(prometheus_tsdb_reloads_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[2h]) > 0 + for: 12h + labels: + severity: warning + - alert: PrometheusTSDBCompactionsFailing + annotations: + description: '{{`{{$labels.job}}`}} at {{`{{$labels.instance}}`}} had {{`{{$value | humanize}}`}} compaction failures over the last four hours.' + summary: Prometheus has issues compacting sample blocks + expr: increase(prometheus_tsdb_compactions_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[2h]) > 0 + for: 12h + labels: + severity: warning + - alert: PrometheusTSDBWALCorruptions + annotations: + description: '{{`{{$labels.job}}`}} at {{`{{$labels.instance}}`}} has a corrupted write-ahead log (WAL).' + summary: Prometheus write-ahead log is corrupted + expr: tsdb_wal_corruptions_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} > 0 + for: 4h + labels: + severity: warning + - alert: PrometheusNotIngestingSamples + annotations: + description: Prometheus {{`{{ $labels.namespace }}`}}/{{`{{ $labels.pod}}`}} isn't ingesting samples. + summary: Prometheus isn't ingesting samples + expr: rate(prometheus_tsdb_head_samples_appended_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) <= 0 + for: 10m + labels: + severity: warning + - alert: PrometheusTargetScrapesDuplicate + annotations: + description: '{{`{{$labels.namespace}}`}}/{{`{{$labels.pod}}`}} has many samples rejected due to duplicate timestamps but different values' + summary: Prometheus has many samples rejected + expr: increase(prometheus_target_scrapes_sample_duplicate_timestamp_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0 + for: 10m + labels: + severity: warning +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/service.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/service.yaml new file mode 100644 index 00000000..fc94f953 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/service.yaml @@ -0,0 +1,44 @@ +{{- if .Values.prometheus.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.prometheus.service.annotations }} + annotations: +{{ toYaml .Values.prometheus.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if .Values.prometheus.service.clusterIP }} + clusterIP: {{ .Values.prometheus.service.clusterIP }} +{{- end }} +{{- if .Values.prometheus.service.externalIPs }} + externalIPs: +{{ toYaml .Values.prometheus.service.externalIPs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.service.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} + ports: + - name: web + {{- if eq .Values.prometheus.service.type "NodePort" }} + nodePort: {{ .Values.prometheus.service.nodePort }} + {{- end }} + port: 9090 + targetPort: {{ .Values.prometheus.service.targetPort }} + selector: + app: prometheus + prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus +{{- if .Values.prometheus.service.sessionAffinity }} + sessionAffinity: {{ .Values.prometheus.service.sessionAffinity }} +{{- end }} + type: "{{ .Values.prometheus.service.type }}" +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/serviceaccount.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/serviceaccount.yaml new file mode 100644 index 00000000..88df10ad --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.prometheus.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +imagePullSecrets: +{{ toYaml .Values.global.imagePullSecrets | indent 2 }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitor.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitor.yaml new file mode 100644 index 00000000..36790450 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitor.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.serviceMonitor.selfMonitor }} +apiVersion: {{ printf "%s/v1" (.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-operator.name" . }}-prometheus + release: {{ .Release.Name | quote }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + endpoints: + - port: web + interval: 30s + path: "{{ trimSuffix "/" .Values.prometheus.prometheusSpec.routePrefix }}/metrics" +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitors.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitors.yaml new file mode 100644 index 00000000..61f3ca3c --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/templates/prometheus/servicemonitors.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.additionalServiceMonitors }} +apiVersion: v1 +kind: List +items: +{{- range .Values.prometheus.additionalServiceMonitors }} + - apiVersion: {{ printf "%s/v1" ($.Values.prometheusOperator.crdApiGroup | default "monitoring.coreos.com") }} + kind: ServiceMonitor + metadata: + name: {{ .name }} + labels: + app: {{ template "prometheus-operator.name" $ }}-prometheus +{{ include "prometheus-operator.labels" $ | indent 8 }} + {{- if .additionalLabels }} +{{ toYaml .additionalLabels | indent 8 }} + {{- end }} + spec: + endpoints: +{{ toYaml .endpoints | indent 8 }} + {{- if .jobLabel }} + jobLabel: {{ .jobLabel }} + {{- end }} + {{- if .namespaceSelector }} + namespaceSelector: +{{ toYaml .namespaceSelector | indent 8 }} + {{- end }} + selector: +{{ toYaml .selector | indent 8 }} +{{- end }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/values.yaml b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/values.yaml new file mode 100644 index 00000000..fc0bc243 --- /dev/null +++ b/vnfs/DAaaS/deploy/operator/charts/prometheus-operator/values.yaml @@ -0,0 +1,1148 @@ +# Default values for prometheus-operator. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +## Provide a name in place of prometheus-operator for `app:` labels +## +nameOverride: "" + +## Provide a name to substitute for the full names of resources +## +fullnameOverride: "" + +## Labels to apply to all resources +## +commonLabels: {} +# scmhash: abc123 +# myLabel: aakkmd + +## Create default rules for monitoring the cluster +## +defaultRules: + create: true + rules: + alertmanager: true + etcd: true + general: true + k8s: true + kubeApiserver: true + kubePrometheusNodeAlerting: true + kubePrometheusNodeRecording: true + kubeScheduler: true + kubernetesAbsent: true + kubernetesApps: true + kubernetesResources: true + kubernetesStorage: true + kubernetesSystem: true + node: true + prometheusOperator: true + prometheus: true + ## Labels for default rules + labels: {} + ## Annotations for default rules + annotations: {} + +## Provide custom recording or alerting rules to be deployed into the cluster. +## +additionalPrometheusRules: [] +# - name: my-rule-file +# groups: +# - name: my_group +# rules: +# - record: my_record +# expr: 100 * my_record + +## +global: + rbac: + create: true + pspEnabled: true + + ## Reference to one or more secrets to be used when pulling images + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + imagePullSecrets: [] + # - name: "image-pull-secret" + +## Configuration for alertmanager +## ref: https://prometheus.io/docs/alerting/alertmanager/ +## +alertmanager: + + ## Deploy alertmanager + ## + enabled: false + + ## Service account for Alertmanager to use. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + create: true + name: "" + + ## Configure pod disruption budgets for Alertmanager + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget + ## This configuration is immutable once created and will require the PDB to be deleted to be changed + ## https://github.com/kubernetes/kubernetes/issues/45398 + ## + podDisruptionBudget: + enabled: false + minAvailable: 1 + maxUnavailable: "" + + ## Alertmanager configuration directives + ## ref: https://prometheus.io/docs/alerting/configuration/#configuration-file + ## https://prometheus.io/webtools/alerting/routing-tree-editor/ + ## + config: + global: + resolve_timeout: 5m + route: + group_by: ['job'] + group_wait: 30s + group_interval: 5m + repeat_interval: 12h + receiver: 'null' + routes: + - match: + alertname: Watchdog + receiver: 'null' + receivers: + - name: 'null' + + ## Alertmanager template files to format alerts + ## ref: https://prometheus.io/docs/alerting/notifications/ + ## https://prometheus.io/docs/alerting/notification_examples/ + ## + templateFiles: {} + # + # An example template: + # template_1.tmpl: |- + # {{ define "cluster" }}{{ .ExternalURL | reReplaceAll ".*alertmanager\\.(.*)" "$1" }}{{ end }} + # + # {{ define "slack.myorg.text" }} + # {{- $root := . -}} + # {{ range .Alerts }} + # *Alert:* {{ .Annotations.summary }} - `{{ .Labels.severity }}` + # *Cluster:* {{ template "cluster" $root }} + # *Description:* {{ .Annotations.description }} + # *Graph:* <{{ .GeneratorURL }}|:chart_with_upwards_trend:> + # *Runbook:* <{{ .Annotations.runbook }}|:spiral_note_pad:> + # *Details:* + # {{ range .Labels.SortedPairs }} • *{{ .Name }}:* `{{ .Value }}` + # {{ end }} + + ingress: + enabled: false + + annotations: {} + + labels: {} + + ## Hosts must be provided if Ingress is enabled. + ## + hosts: [] + # - alertmanager.domain.com + + ## TLS configuration for Alertmanager Ingress + ## Secret must be manually created in the namespace + ## + tls: [] + # - secretName: alertmanager-general-tls + # hosts: + # - alertmanager.example.com + + ## Configuration for Alertmanager service + ## + service: + annotations: {} + labels: {} + clusterIP: "" + + ## Port to expose on each node + ## Only used if service.type is 'NodePort' + ## + nodePort: 30903 + ## List of IP addresses at which the Prometheus server service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + ## Service type + ## + type: ClusterIP + + ## If true, create a serviceMonitor for alertmanager + ## + serviceMonitor: + selfMonitor: true + + ## Settings affecting alertmanagerSpec + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#alertmanagerspec + ## + alertmanagerSpec: + ## Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata + ## Metadata Labels and Annotations gets propagated to the Alertmanager pods. + ## + podMetadata: {} + + ## Image of Alertmanager + ## + image: + repository: quay.io/prometheus/alertmanager + tag: v0.16.1 + + ## Secrets is a list of Secrets in the same namespace as the Alertmanager object, which shall be mounted into the + ## Alertmanager Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + ## + secrets: [] + + ## ConfigMaps is a list of ConfigMaps in the same namespace as the Alertmanager object, which shall be mounted into the Alertmanager Pods. + ## The ConfigMaps are mounted into /etc/alertmanager/configmaps/. + ## + configMaps: [] + + ## Log level for Alertmanager to be configured with. + ## + logLevel: info + + ## Size is the expected size of the alertmanager cluster. The controller will eventually make the size of the + ## running cluster equal to the expected size. + replicas: 1 + + ## Time duration Alertmanager shall retain data for. Default is '120h', and must match the regular expression + ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours). + ## + retention: 120h + + ## Storage is the definition of how storage will be used by the Alertmanager instances. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/storage.md + ## + storage: {} + # volumeClaimTemplate: + # spec: + # storageClassName: gluster + # accessModes: ["ReadWriteOnce"] + # resources: + # requests: + # storage: 50Gi + # selector: {} + + + ## The external URL the Alertmanager instances will be available under. This is necessary to generate correct URLs. This is necessary if Alertmanager is not served from root of a DNS name. string false + ## + externalUrl: + + ## The route prefix Alertmanager registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, + ## but the server serves requests under a different route prefix. For example for use with kubectl proxy. + ## + routePrefix: / + + ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions. + ## + paused: false + + ## Define which Nodes the Pods are scheduled on. + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Define resources requests and limits for single Pods. + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # requests: + # memory: 400Mi + + ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node. + ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. + ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. + ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. + ## + podAntiAffinity: "" + + ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. + ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone + ## + podAntiAffinityTopologyKey: kubernetes.io/hostname + + ## If specified, the pod's tolerations. + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + + ## SecurityContext holds pod-level security attributes and common container settings. + ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext false + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## + securityContext: + runAsNonRoot: true + runAsUser: 1000 + fsGroup: 2000 + + ## ListenLocal makes the Alertmanager server listen on loopback, so that it does not bind against the Pod IP. + ## Note this is only for the Alertmanager UI, not the gossip communication. + ## + listenLocal: false + + ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an Alertmanager pod. + ## + containers: [] + + ## Priority class assigned to the Pods + ## + priorityClassName: "" + + ## AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster. + ## + additionalPeers: [] + +## Using default values from https://github.com/helm/charts/blob/master/stable/grafana/values.yaml +## +grafana: + enabled: false + + ## Deploy default dashboards. + ## + defaultDashboardsEnabled: true + + adminPassword: prom-operator + + ingress: + ## If true, Prometheus Ingress will be created + ## + enabled: false + + ## Annotations for Prometheus Ingress + ## + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + + ## Labels to be added to the Ingress + ## + labels: {} + + ## Hostnames. + ## Must be provided if Ingress is enable. + ## + # hosts: + # - prometheus.domain.com + hosts: [] + + ## TLS configuration for prometheus Ingress + ## Secret must be manually created in the namespace + ## + tls: [] + # - secretName: prometheus-general-tls + # hosts: + # - prometheus.example.com + + sidecar: + dashboards: + enabled: true + label: grafana_dashboard + datasources: + enabled: true + label: grafana_datasource + + extraConfigmapMounts: [] + # - name: certs-configmap + # mountPath: /etc/grafana/ssl/ + # configMap: certs-configmap + # readOnly: true + + ## If true, create a serviceMonitor for grafana + ## + serviceMonitor: + selfMonitor: true + +## Component scraping the kube api server +## + +## Component scraping the kube api server +## +kubeApiServer: + enabled: false + tlsConfig: + serverName: kubernetes + insecureSkipVerify: false + + ## If your API endpoint address is not reachable (as in AKS) you can replace it with the kubernetes service + ## + relabelings: [] + # - sourceLabels: + # - __meta_kubernetes_namespace + # - __meta_kubernetes_service_name + # - __meta_kubernetes_endpoint_port_name + # action: keep + # regex: default;kubernetes;https + # - targetLabel: __address__ + # replacement: kubernetes.default.svc:443 + + serviceMonitor: + jobLabel: component + selector: + matchLabels: + component: apiserver + provider: kubernetes + +## Component scraping the kubelet and kubelet-hosted cAdvisor +## +kubelet: + enabled: false + namespace: kube-system + + serviceMonitor: + ## Enable scraping the kubelet over https. For requirements to enable this see + ## https://github.com/coreos/prometheus-operator/issues/926 + ## + https: false + # cAdvisorMetricRelabelings: + # - sourceLabels: [__name__, image] + # separator: ; + # regex: container_([a-z_]+); + # replacement: $1 + # action: drop + # - sourceLabels: [__name__] + # separator: ; + # regex: container_(network_tcp_usage_total|network_udp_usage_total|tasks_state|cpu_load_average_10s) + # replacement: $1 + # action: drop + + +## Component scraping the kube controller manager +## +kubeControllerManager: + enabled: false + + ## If your kube controller manager is not deployed as a pod, specify IPs it can be found on + ## + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + ## If using kubeControllerManager.endpoints only the port and targetPort are used + ## + service: + port: 10252 + targetPort: 10252 + selector: + k8s-app: kube-controller-manager +## Component scraping coreDns. Use either this or kubeDns +## +coreDns: + enabled: false + service: + port: 9153 + targetPort: 9153 + selector: + k8s-app: coredns + +## Component scraping kubeDns. Use either this or coreDns +## +kubeDns: + enabled: false + service: + selector: + k8s-app: kube-dns +## Component scraping etcd +## +kubeEtcd: + enabled: false + + ## If your etcd is not deployed as a pod, specify IPs it can be found on + ## + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + ## Etcd service. If using kubeEtcd.endpoints only the port and targetPort are used + ## + service: + port: 4001 + targetPort: 4001 + selector: + k8s-app: etcd-server + + ## Configure secure access to the etcd cluster by loading a secret into prometheus and + ## specifying security configuration below. For example, with a secret named etcd-client-cert + ## + ## serviceMonitor: + ## scheme: https + ## insecureSkipVerify: false + ## serverName: localhost + ## caFile: /etc/prometheus/secrets/etcd-client-cert/etcd-ca + ## certFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client + ## keyFile: /etc/prometheus/secrets/etcd-client-cert/etcd-client-key + ## + serviceMonitor: + scheme: http + insecureSkipVerify: false + serverName: "" + caFile: "" + certFile: "" + keyFile: "" + + +## Component scraping kube scheduler +## +kubeScheduler: + enabled: false + + ## If your kube scheduler is not deployed as a pod, specify IPs it can be found on + ## + endpoints: [] + # - 10.141.4.22 + # - 10.141.4.23 + # - 10.141.4.24 + + ## If using kubeScheduler.endpoints only the port and targetPort are used + ## + service: + port: 10251 + targetPort: 10251 + selector: + k8s-app: kube-scheduler + +## Component scraping kube state metrics +## +kubeStateMetrics: + enabled: false + +## Configuration for kube-state-metrics subchart +## +kube-state-metrics: + rbac: + create: true + podSecurityPolicy: + enabled: true + +## Deploy node exporter as a daemonset to all nodes +## +nodeExporter: + enabled: false + + ## Use the value configured in prometheus-node-exporter.podLabels + ## + jobLabel: jobLabel + +## Configuration for prometheus-node-exporter subchart +## +prometheus-node-exporter: + podLabels: + ## Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards + ## + jobLabel: node-exporter + extraArgs: + - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+)($|/) + - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$ + +## Manages Prometheus and Alertmanager components +## +prometheusOperator: + enabled: true + + ## Service account for Alertmanager to use. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + create: true + name: "" + + ## Configuration for Prometheus operator service + ## + service: + annotations: {} + labels: {} + clusterIP: "" + + ## Port to expose on each node + ## Only used if service.type is 'NodePort' + ## + nodePort: 30080 + + + ## Loadbalancer IP + ## Only use if service.type is "loadbalancer" + ## + loadBalancerIP: "" + loadBalancerSourceRanges: [] + + ## Service type + ## NodepPort, ClusterIP, loadbalancer + ## + type: NodePort + + ## List of IP addresses at which the Prometheus server service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + ## Deploy CRDs used by Prometheus Operator. + ## + createCustomResource: true + + ## Customize CRDs API Group + crdApiGroup: monitoring.coreos.com + + ## Attempt to clean up CRDs created by Prometheus Operator. + ## + cleanupCustomResource: true + + ## Labels to add to the operator pod + ## + podLabels: {} + + ## Assign a PriorityClassName to pods if set + # priorityClassName: "" + + ## Define Log Format + # Use logfmt (default) or json-formatted logging + # logFormat: logfmt + + ## Decrease log verbosity to errors only + # logLevel: error + + ## If true, the operator will create and maintain a service for scraping kubelets + ## ref: https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus-operator/README.md + ## + kubeletService: + enabled: false + namespace: kube-system + + ## Create a servicemonitor for the operator + ## + serviceMonitor: + selfMonitor: false + + ## Resource limits & requests + ## + resources: {} + # limits: + # cpu: 200m + # memory: 200Mi + # requests: + # cpu: 100m + # memory: 100Mi + + ## Define which Nodes the Pods are scheduled on. + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Tolerations for use with node taints + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + + ## Assign the prometheus operator to run on specific nodes + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + affinity: {} + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/e2e-az-name + # operator: In + # values: + # - e2e-az1 + # - e2e-az2 + + securityContext: + runAsNonRoot: true + runAsUser: 65534 + + ## Prometheus-operator image + ## + image: + repository: quay.io/coreos/prometheus-operator + tag: v0.29.0 + pullPolicy: IfNotPresent + + ## Configmap-reload image to use for reloading configmaps + ## + configmapReloadImage: + repository: quay.io/coreos/configmap-reload + tag: v0.0.1 + + ## Prometheus-config-reloader image to use for config and rule reloading + ## + prometheusConfigReloaderImage: + repository: quay.io/coreos/prometheus-config-reloader + tag: v0.29.0 + + ## Hyperkube image to use when cleaning up + ## + hyperkubeImage: + repository: k8s.gcr.io/hyperkube + tag: v1.12.1 + pullPolicy: IfNotPresent + +## Deploy a Prometheus instance +## +prometheus: + + enabled: true + + ## DAaaS: Bring up a default instance when Operator comes up + ## set startup as false to bring up only operator. + startup: false + + ## Service account for Prometheuses to use. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + create: true + name: "" + + ## Configuration for Prometheus service + ## + service: + annotations: {} + labels: {} + clusterIP: "" + + + ## To be used with a proxy extraContainer port + targetPort: 9090 + + ## List of IP addresses at which the Prometheus server service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + + ## Port to expose on each node + ## Only used if service.type is 'NodePort' + ## +# nodePort: 39090 + + ## Loadbalancer IP + ## Only use if service.type is "loadbalancer" + loadBalancerIP: "" + loadBalancerSourceRanges: [] + ## Service type + ## + type: NodePort + + sessionAffinity: "" + + rbac: + ## Create role bindings in the specified namespaces, to allow Prometheus monitoring + ## a role binding in the release namespace will always be created. + ## + roleNamespaces: + - kube-system + + ## Configure pod disruption budgets for Prometheus + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget + ## This configuration is immutable once created and will require the PDB to be deleted to be changed + ## https://github.com/kubernetes/kubernetes/issues/45398 + ## + podDisruptionBudget: + enabled: false + minAvailable: 1 + maxUnavailable: "" + + ingress: + enabled: false + annotations: {} + labels: {} + + ## Hostnames. + ## Must be provided if Ingress is enabled. + ## + # hosts: + # - prometheus.domain.com + hosts: [] + + ## TLS configuration for Prometheus Ingress + ## Secret must be manually created in the namespace + ## + tls: [] + # - secretName: prometheus-general-tls + # hosts: + # - prometheus.example.com + + serviceMonitor: + selfMonitor: false + + ## Settings affecting prometheusSpec + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec + ## + prometheusSpec: + + ## Interval between consecutive scrapes. + ## + scrapeInterval: "" + + ## Interval between consecutive evaluations. + ## + evaluationInterval: "" + + ## ListenLocal makes the Prometheus server listen on loopback, so that it does not bind against the Pod IP. + ## + listenLocal: false + + ## Image of Prometheus. + ## + image: + repository: quay.io/prometheus/prometheus + tag: v2.7.1 + + ## Tolerations for use with node taints + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + + ## Alertmanagers to which alerts will be sent + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#alertmanagerendpoints + ## + ## Default configuration will connect to the alertmanager deployed as part of this release + ## + alertingEndpoints: [] + # - name: "" + # namespace: "" + # port: http + # scheme: http + + ## External labels to add to any time series or alerts when communicating with external systems + ## + externalLabels: {} + + ## External URL at which Prometheus will be reachable. + ## + externalUrl: "" + + ## Define which Nodes the Pods are scheduled on. + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Secrets is a list of Secrets in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. + ## The Secrets are mounted into /etc/prometheus/secrets/. Secrets changes after initial creation of a Prometheus object are not + ## reflected in the running Pods. To change the secrets mounted into the Prometheus Pods, the object must be deleted and recreated + ## with the new list of secrets. + ## + secrets: [] + + ## ConfigMaps is a list of ConfigMaps in the same namespace as the Prometheus object, which shall be mounted into the Prometheus Pods. + ## The ConfigMaps are mounted into /etc/prometheus/configmaps/. + ## + configMaps: [] + + ## Namespaces to be selected for PrometheusRules discovery. + ## If nil, select own namespace. Namespaces to be selected for ServiceMonitor discovery. + ## See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage + ## + ruleNamespaceSelector: {} + + ## If true, a nil or {} value for prometheus.prometheusSpec.ruleSelector will cause the + ## prometheus resource to be created with selectors based on values in the helm deployment, + ## which will also match the PrometheusRule resources created + ## + ruleSelectorNilUsesHelmValues: true + + ## PrometheusRules to be selected for target discovery. + ## If {}, select all ServiceMonitors + ## + ruleSelector: {} + ## Example which select all prometheusrules resources + ## with label "prometheus" with values any of "example-rules" or "example-rules-2" + # ruleSelector: + # matchExpressions: + # - key: prometheus + # operator: In + # values: + # - example-rules + # - example-rules-2 + # + ## Example which select all prometheusrules resources with label "role" set to "example-rules" + # ruleSelector: + # matchLabels: + # role: example-rules + + ## If true, a nil or {} value for prometheus.prometheusSpec.serviceMonitorSelector will cause the + ## prometheus resource to be created with selectors based on values in the helm deployment, + ## which will also match the servicemonitors created + ## + serviceMonitorSelectorNilUsesHelmValues: true + + ## ServiceMonitors to be selected for target discovery. + ## If {}, select all ServiceMonitors + ## + serviceMonitorSelector: {} + ## Example which selects ServiceMonitors with label "prometheus" set to "somelabel" + # serviceMonitorSelector: + # matchLabels: + # prometheus: somelabel + + ## Namespaces to be selected for ServiceMonitor discovery. + ## See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage + ## + serviceMonitorNamespaceSelector: {} + + ## How long to retain metrics + ## + retention: 10d + + ## If true, the Operator won't process any Prometheus configuration changes + ## + paused: false + + ## Number of Prometheus replicas desired + ## + replicas: 1 + + ## Log level for Prometheus be configured in + ## + logLevel: info + + ## Prefix used to register routes, overriding externalUrl route. + ## Useful for proxies that rewrite URLs. + ## + routePrefix: / + + ## Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#metadata + ## Metadata Labels and Annotations gets propagated to the prometheus pods. + ## + podMetadata: {} + # labels: + # app: prometheus + # k8s-app: prometheus + + ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node. + ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. + ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. + ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. + podAntiAffinity: "" + + ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. + ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone + ## + podAntiAffinityTopologyKey: kubernetes.io/hostname + + ## The remote_read spec configuration for Prometheus. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#remotereadspec + remoteRead: {} + # - url: http://remote1/read + + ## The remote_write spec configuration for Prometheus. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#remotewritespec + remoteWrite: {} + # remoteWrite: + # - url: http://remote1/push + + ## Resource limits & requests + ## + resources: {} + # requests: + # memory: 400Mi + + ## Prometheus StorageSpec for persistent data + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/storage.md + ## + storageSpec: {} + # volumeClaimTemplate: + # spec: + # storageClassName: gluster + # accessModes: ["ReadWriteOnce"] + # resources: + # requests: + # storage: 50Gi + # selector: {} + + ## AdditionalScrapeConfigs allows specifying additional Prometheus scrape configurations. Scrape configurations + ## are appended to the configurations generated by the Prometheus Operator. Job configurations must have the form + ## as specified in the official Prometheus documentation: + ## https://prometheus.io/docs/prometheus/latest/configuration/configuration/#. As scrape configs are + ## appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility + ## to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible + ## scrape configs are going to break Prometheus after the upgrade. + ## + ## The scrape configuraiton example below will find master nodes, provided they have the name .*mst.*, relabel the + ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes + ## + additionalScrapeConfigs: [] + # - job_name: kube-etcd + # kubernetes_sd_configs: + # - role: node + # scheme: https + # tls_config: + # ca_file: /etc/prometheus/secrets/etcd-client-cert/etcd-ca + # cert_file: /etc/prometheus/secrets/etcd-client-cert/etcd-client + # key_file: /etc/prometheus/secrets/etcd-client-cert/etcd-client-key + # relabel_configs: + # - action: labelmap + # regex: __meta_kubernetes_node_label_(.+) + # - source_labels: [__address__] + # action: replace + # target_label: __address__ + # regex: ([^:;]+):(\d+) + # replacement: ${1}:2379 + # - source_labels: [__meta_kubernetes_node_name] + # action: keep + # regex: .*mst.* + # - source_labels: [__meta_kubernetes_node_name] + # action: replace + # target_label: node + # regex: (.*) + # replacement: ${1} + # metric_relabel_configs: + # - regex: (kubernetes_io_hostname|failure_domain_beta_kubernetes_io_region|beta_kubernetes_io_os|beta_kubernetes_io_arch|beta_kubernetes_io_instance_type|failure_domain_beta_kubernetes_io_zone) + # action: labeldrop + + + ## AdditionalAlertManagerConfigs allows for manual configuration of alertmanager jobs in the form as specified + ## in the official Prometheus documentation https://prometheus.io/docs/prometheus/latest/configuration/configuration/#. + ## AlertManager configurations specified are appended to the configurations generated by the Prometheus Operator. + ## As AlertManager configs are appended, the user is responsible to make sure it is valid. Note that using this + ## feature may expose the possibility to break upgrades of Prometheus. It is advised to review Prometheus release + ## notes to ensure that no incompatible AlertManager configs are going to break Prometheus after the upgrade. + ## + additionalAlertManagerConfigs: [] + # - consul_sd_configs: + # - server: consul.dev.test:8500 + # scheme: http + # datacenter: dev + # tag_separator: ',' + # services: + # - metrics-prometheus-alertmanager + + ## AdditionalAlertRelabelConfigs allows specifying Prometheus alert relabel configurations. Alert relabel configurations specified are appended + ## to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the + ## official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. + ## As alert relabel configs are appended, the user is responsible to make sure it is valid. Note that using this feature may expose the + ## possibility to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible alert relabel + ## configs are going to break Prometheus after the upgrade. + ## + additionalAlertRelabelConfigs: [] + # - separator: ; + # regex: prometheus_replica + # replacement: $1 + # action: labeldrop + + ## SecurityContext holds pod-level security attributes and common container settings. + ## This defaults to non root user with uid 1000 and gid 2000. + ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md + ## + securityContext: + runAsNonRoot: true + runAsUser: 1000 + fsGroup: 2000 + + ## Priority class assigned to the Pods + ## + priorityClassName: "" + + ## Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. + ## This section is experimental, it may change significantly without deprecation notice in any release. + ## This is experimental and may change significantly without backward compatibility in any release. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#thanosspec + ## + thanos: {} + + ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod. + ## if using proxy extraContainer update targetPort with proxy container port + containers: [] + + ## Enable additional scrape configs that are managed externally to this chart. Note that the prometheus + ## will fail to provision if the correct secret does not exist. + ## + additionalScrapeConfigsExternal: false + + additionalServiceMonitors: [] + ## Name of the ServiceMonitor to create + ## + # - name: "" + + ## Additional labels to set used for the ServiceMonitorSelector. Together with standard labels from + ## the chart + ## + # additionalLabels: {} + + ## Service label for use in assembling a job name of the form