From 50aafc5ef50a1280c9e85d12be3d24104258ae95 Mon Sep 17 00:00:00 2001 From: Dominic Lunanuova Date: Fri, 30 Mar 2018 02:29:23 +0000 Subject: Initial chart for dmaap - 2nd attempt This should conform to new OOM standard helm structure. It starts a directory called dmaap which will hold all dmaap components. But for now it only has buscontroller. Once we get this working, we can add message-router. (see DMAAP-386) Patch 2 gets private postgresql working. I'd prefer to integrate with common postgresql from Tony in a future commit to avoid any immediate delivery timing dependency. Patch 3 corrects some port mapping from service to pod. Change-Id: Id9838d7ddb2ccccfc8b0e3f3b9e50f9b5672c484 Signed-off-by: Dominic Lunanuova Issue-ID: DMAAP-117 Signed-off-by: Dominic Lunanuova --- .../dmaap/charts/postgresql/templates/Notes.txt | 35 ++++++ .../dmaap/charts/postgresql/templates/_helpers.tpl | 36 ++++++ .../charts/postgresql/templates/deployment.yaml | 128 +++++++++++++++++++++ .../charts/postgresql/templates/networkpolicy.yaml | 28 +++++ .../dmaap/charts/postgresql/templates/pvc.yaml | 28 +++++ .../dmaap/charts/postgresql/templates/secrets.yaml | 19 +++ .../dmaap/charts/postgresql/templates/svc.yaml | 30 +++++ 7 files changed, 304 insertions(+) create mode 100644 kubernetes/dmaap/charts/postgresql/templates/Notes.txt create mode 100644 kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl create mode 100644 kubernetes/dmaap/charts/postgresql/templates/deployment.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/pvc.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/secrets.yaml create mode 100644 kubernetes/dmaap/charts/postgresql/templates/svc.yaml (limited to 'kubernetes/dmaap/charts/postgresql/templates')
diff --git a/kubernetes/dmaap/charts/postgresql/templates/Notes.txt b/kubernetes/dmaap/charts/postgresql/templates/Notes.txt
new file mode 100644
index 0000000000..9b49bb2982
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/Notes.txt
@@ -0,0 +1,35 @@
+# PostgreSQL can be accessed via port 5432 on the following DNS name from within your cluster:
+# {{ template "postgresql.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+#
+# To get your user password run:
+#
+# PGPASSWORD=$(kubectl get secret --namespace {{ .Values.global.nsPrefix }} {{ template "postgresql.fullname" . }} -o jsonpath="{.data.postgres-password}" | base64 --decode; echo)
+#
+# To connect to your database run the following command (using the env variable from above):
+#
+# kubectl run --namespace {{ .Values.global.nsPrefix }} {{ template "postgresql.fullname" . }}-client --restart=Never --rm --tty -i --image postgres \
+# --env "PGPASSWORD=$PGPASSWORD" \{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
+# --labels="{{ template "postgresql.fullname" . }}-client=true" \{{- end }}
+# --command -- psql -U {{ default "postgres" .Values.postgresUser }} \
+# -h {{ template "postgresql.fullname" . }} {{ default "postgres" .Values.postgresDatabase }}
+#
+# {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
+# Note: Since NetworkPolicy is enabled, only pods with label
+# {{ template "postgresql.fullname" . }}-client=true"
+# will be able to connect to this PostgreSQL cluster.
+# {{- end }}
+#
+# To connect to your database directly from outside the K8s cluster:
+# {{- if contains "NodePort" .Values.service.type }}
+# PGHOST=$(kubectl get nodes --namespace {{ .Values.global.nsPrefix }} -o jsonpath='{.items[0].status.addresses[0].address}')
+# PGPORT=$(kubectl get svc --namespace {{ .Values.global.nsPrefix }} {{ template "postgresql.fullname" . }} -o jsonpath='{.spec.ports[0].nodePort}')
+#
+# {{- else if contains "ClusterIP" .Values.service.type }}
+# PGHOST=127.0.0.1
+# PGPORT={{ default "5432" .Values.service.port }}
+#
+# # Execute the following commands to route the connection:
+# export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.nsPrefix }} -l "app={{ template "postgresql.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
+# kubectl port-forward --namespace {{ .Values.global.nsPrefix }} $POD_NAME {{ default "5432" .Values.service.port }}:{{ default "5432" .Values.service.port }}
+#
+# {{- end }}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl b/kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl
new file mode 100644
index 0000000000..b2d3d523a9
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/_helpers.tpl
@@ -0,0 +1,36 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "postgresql.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "postgresql.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for networkpolicy.
+*/}}
+{{- define "postgresql.networkPolicy.apiVersion" -}}
+{{- if and (ge .Capabilities.KubeVersion.Minor "4") (le .Capabilities.KubeVersion.Minor "6") -}}
+"extensions/v1beta1"
+{{- else if ge .Capabilities.KubeVersion.Minor "7" -}}
+"networking.k8s.io/v1"
+{{- end -}}
+{{- end -}}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/deployment.yaml b/kubernetes/dmaap/charts/postgresql/templates/deployment.yaml
new file mode 100644
index 0000000000..57acfbda9b
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/deployment.yaml
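Review bot: In `postgresql.networkPolicy.apiVersion` the `ge`/`le` tests are applied to `.Capabilities.KubeVersion.Minor`, which is a string, so they compare lexically rather than numerically. For a minor version of `10` neither branch matches and the helper renders nothing, which leaves the NetworkPolicy with an empty `apiVersion` exactly when `networkPolicy.enabled` is set; a suffixed value such as `6+` can fall through the same way. Comparing the full version is more robust, e.g. `{{- if semverCompare ">=1.7-0" .Capabilities.KubeVersion.GitVersion -}}` for the `networking.k8s.io/v1` branch and `">=1.4-0, <1.7-0"` for `extensions/v1beta1`. A final `else` that aborts the render would also stop an invalid manifest from being emitted silently.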
@@ -0,0 +1,128 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ namespace: {{ .Values.global.nsPrefix }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ template:
+ metadata:
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ spec:
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+ {{- end }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+ {{- end }}
+ {{- if .Values.tolerations }}
+ tolerations:
+{{ toYaml .Values.tolerations | indent 8 }}
+ {{- end }}
+ {{- if .Values.schedulerName }}
+ schedulerName: "{{ .Values.schedulerName }}"
+ {{- end }}
+ containers:
+ - name: {{ template "postgresql.fullname" . }}
+ image: "{{ .Values.image }}:{{ .Values.imageTag }}"
+ imagePullPolicy: {{ default "" .Values.imagePullPolicy | quote }}
+ args:
+ {{- range $key, $value := default dict .Values.postgresConfig }}
+ - -c
+ - '{{ $key | snakecase }}={{ $value }}'
+ {{- end }}
+ env:
+ - name: POSTGRES_USER
+ value: {{ default "postgres" .Values.global.postgresUser | quote }}
+ # Required for pg_isready in the health probes.
+ - name: PGUSER
+ value: {{ default "postgres" .Values.global.postgresUser | quote }}
+ - name: POSTGRES_DB
+ value: {{ default "" .Values.global.postgresDatabase | quote }}
+ - name: POSTGRES_INITDB_ARGS
+ value: {{ default "" .Values.postgresInitdbArgs | quote }}
+ - name: PGDATA
+ value: /var/lib/postgresql/data/pgdata
+ - name: POSTGRES_PASSWORD
+ value: {{ default "postgres" .Values.global.postgresPassword | quote }}
+# original code:
+# valueFrom:
+# secretKeyRef:
+# name: {{ template "postgresql.fullname" . }}
+# key: postgres-password
+ - name: POD_IP
+ valueFrom: { fieldRef: { fieldPath: status.podIP } }
+ ports:
+ - name: postgresql
+ containerPort: 5432
+ livenessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - exec pg_isready --host $POD_IP
+ initialDelaySeconds: 120
+ timeoutSeconds: 5
+ failureThreshold: 6
+ readinessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - exec pg_isready --host $POD_IP
+ initialDelaySeconds: 5
+ timeoutSeconds: 3
+ periodSeconds: 5
+ resources:
+{{ toYaml .Values.resources | indent 10 }}
+ volumeMounts:
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+{{- if .Values.metrics.enabled }}
+ - name: metrics
+ image: "{{ .Values.metrics.image }}:{{ .Values.metrics.imageTag }}"
+ imagePullPolicy: {{ default "" .Values.metrics.imagePullPolicy | quote }}
+ env:
+ - name: DATA_SOURCE_NAME
+ value: postgresql://postgres@127.0.0.1:5432?sslmode=disable
+ ports:
+ - name: metrics
+ containerPort: 9187
+ {{- if .Values.metrics.customMetrics }}
+ args: ["-extend.query-path", "/conf/custom-metrics.yaml"]
+ volumeMounts:
+ - name: custom-metrics
+ mountPath: /conf
+ readOnly: true
+ {{- end }}
+ resources:
+{{ toYaml .Values.metrics.resources | indent 10 }}
+{{- end }}
+ volumes:
+ - name: data
+ {{- if .Values.persistence.enabled }}
+ persistentVolumeClaim:
+ claimName: {{ .Values.persistence.existingClaim | default (include "postgresql.fullname" .) }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }}
+ - name: custom-metrics
+ secret:
+ secretName: {{ template "postgresql.fullname" . }}
+ items:
+ - key: custom-metrics.yaml
+ path: custom-metrics.yaml
+ {{- end }}
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets:
+ - name: {{ .Values.imagePullSecrets }}
+ {{- end }}
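Review bot: `POSTGRES_PASSWORD` is rendered as a literal `value:` that falls back to the well-known default `postgres` when `.Values.global.postgresPassword` is unset, so the credential sits in clear text in the Deployment spec and the database can come up with a guessable superuser password. The Secret created in `secrets.yaml` is no longer consumed here and is filled from a different key (`.Values.postgresPassword`), so the `kubectl get secret` instruction in `Notes.txt` returns a password the server was never initialised with. I would restore the commented-out `valueFrom.secretKeyRef` block (name `{{ template "postgresql.fullname" . }}`, key `postgres-password`) and drop the `default "postgres"` fallback; if the reference was disabled because the Secret is rendered without `namespace: {{ .Values.global.nsPrefix }}`, that is the line to add in `secrets.yaml`.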
diff --git a/kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml b/kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml
new file mode 100644
index 0000000000..92f3b71b15
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/networkpolicy.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.networkPolicy.enabled }}
+kind: NetworkPolicy
+apiVersion: {{ template "postgresql.networkPolicy.apiVersion" . }}
+metadata:
+ name: "{{ template "postgresql.fullname" . }}"
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+spec:
+ podSelector:
+ matchLabels:
+ app: "{{ template "postgresql.fullname" . }}"
+ ingress:
+ # Allow inbound connections
+ - ports:
+ - port: 5432
+ {{- if not .Values.networkPolicy.allowExternal }}
+ from:
+ - podSelector:
+ matchLabels:
+ {{ template "postgresql.fullname" . }}-client: "true"
+ {{- end }}
+ # Allow prometheus scrapes
+ - ports:
+ - port: 9187
+{{- end }}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/pvc.yaml b/kubernetes/dmaap/charts/postgresql/templates/pvc.yaml
new file mode 100644
index 0000000000..f1d38dfb14
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/pvc.yaml
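Review bot: The NetworkPolicy `metadata:` has no `namespace:`, while the Deployment and Service in this commit are placed in `{{ .Values.global.nsPrefix }}`; if that value differs from the release namespace, the policy lands elsewhere and its `podSelector` matches no PostgreSQL pod, so `networkPolicy.enabled` would restrict nothing. Adding `namespace: {{ .Values.global.nsPrefix }}` under `metadata:` keeps the policy with the pods it is meant to protect. The same line is missing from `pvc.yaml` and `secrets.yaml`, where a mismatch would leave the pod unable to find its claim or secret. Separately, the `9187` rule has no `from:` and is emitted even when `metrics.enabled` is false; wrapping it in `{{- if .Values.metrics.enabled }}` would limit the allowed ports to what is actually running.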
@@ -0,0 +1,28 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+ annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/secrets.yaml b/kubernetes/dmaap/charts/postgresql/templates/secrets.yaml
new file mode 100644
index 0000000000..6dd4c7da55
--- /dev/null
+++ b/kubernetes/dmaap/charts/postgresql/templates/secrets.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ template "postgresql.fullname" . }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+type: Opaque
+data:
+ {{ if .Values.postgresPassword }}
+ postgres-password: {{ .Values.postgresPassword | b64enc | quote }}
+ {{ else }}
+ postgres-password: {{ randAlphaNum 10 | b64enc | quote }}
+ {{ end }}
+ {{- if .Values.metrics.customMetrics }}
+ custom-metrics.yaml: {{ toYaml .Values.metrics.customMetrics | b64enc | quote }}
+ {{- end }}
diff --git a/kubernetes/dmaap/charts/postgresql/templates/svc.yaml b/kubernetes/dmaap/charts/postgresql/templates/svc.yaml
new file mode 100644
index 0000000000..f6373c8368
--- /dev/null
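Review bot: In `secrets.yaml` the `randAlphaNum 10` fallback is re-evaluated on every render, so a `helm upgrade` without `postgresPassword` set replaces `postgres-password` with a fresh value, while a database already initialised on the persistent volume presumably keeps the password from its first start. Anything that reads the Secret afterwards would then get a credential that no longer works. Ten alphanumeric characters is also on the short side for a database superuser. I would make the value mandatory instead of generating it, e.g. `postgres-password: {{ required "postgresPassword must be set" .Values.postgresPassword | b64enc | quote }}`, or at least document that it must be pinned after the first install.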
+++ b/kubernetes/dmaap/charts/postgresql/templates/svc.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: dmaap-prov-{{ template "postgresql.name" . }}
+ namespace: {{ .Values.global.nsPrefix }}
+ labels:
+ app: {{ template "postgresql.fullname" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ .Release.Name }}"
+ heritage: "{{ .Release.Service }}"
+{{- if .Values.metrics.enabled }}
+ annotations:
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "9187"
+{{- end }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - name: postgresql
+ port: {{ .Values.service.port }}
+ targetPort: postgresql
+ {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+ nodePort: {{ .Values.service.nodePort }}
+ {{- end }}
+{{- if .Values.service.externalIPs }}
+ externalIPs:
+{{ toYaml .Values.service.externalIPs | indent 4 }}
+{{- end }}
+ selector:
+ app: {{ template "postgresql.fullname" . }}
-- cgit 1.2.3-korg
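Review bot: The Service is named `dmaap-prov-{{ template "postgresql.name" . }}`, but `Notes.txt` in this commit tells users to connect to and query `{{ template "postgresql.fullname" . }}`, so the printed `psql -h` and `kubectl get svc` commands point at a name this template never creates. Either name the Service with the `fullname` helper or update the notes to the `dmaap-prov-` name. A comment above `type:` would also help, along the lines of `# NodePort or externalIPs makes 5432 reachable from outside the cluster; keep ClusterIP unless external access is required`, since the NetworkPolicy in this chart is optional.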