From c75736fa89fdf9337928718e515b2443b3cea406 Mon Sep 17 00:00:00 2001 From: Philipp Born Date: Thu, 29 Dec 2022 13:29:58 +0100 Subject: [PATCH] chore: overhaul chart This should greatly improve readability of the chart itself - moved the `Pod` spec for both the `Deployment` and `StatefulSet` into a common template in `_pod.yaml` - replace a bunch of `if $value; print $value`-type blocks with `with $value; print .` - replaced `command.set` in `values.yaml` with `command` directly - this was broken anyways, as the chart wrongly referenced `command.cmd` for both `Deployment` and `StatefulSet` - populated contrib/charts/dragonfly/ci/ folder for development/CI purposes Signed-off-by: Philipp Born --- contrib/charts/dragonfly/README.md | 35 +++++- .../charts/dragonfly/ci/affinity-values.yaml | 12 ++ .../ci/command_extraargs-values.yaml | 6 + .../dragonfly/ci/extravolumes-values.yaml | 8 ++ .../dragonfly/ci/initcontainer-values.yaml | 4 + .../dragonfly/ci/persistent-values.yaml | 3 + .../charts/dragonfly/ci/resources-values.yaml | 7 ++ .../dragonfly/ci/securitycontext-values.yaml | 5 + contrib/charts/dragonfly/ci/tls-values.yaml | 24 ++++ .../dragonfly/ci/tolerations-values.yaml | 3 + contrib/charts/dragonfly/templates/_pod.tpl | 104 ++++++++++++++++++ .../dragonfly/templates/deployment.yaml | 94 +--------------- .../dragonfly/templates/prometheusrule.yaml | 10 +- .../charts/dragonfly/templates/service.yaml | 7 ++ .../dragonfly/templates/serviceaccount.yaml | 4 +- .../dragonfly/templates/servicemonitor.yaml | 23 ++-- .../dragonfly/templates/statefulset.yaml | 97 +--------------- .../dragonfly/templates/tls-secret.yaml | 4 +- contrib/charts/dragonfly/values.yaml | 11 +- 19 files changed, 249 insertions(+), 212 deletions(-) create mode 100644 contrib/charts/dragonfly/ci/affinity-values.yaml create mode 100644 contrib/charts/dragonfly/ci/command_extraargs-values.yaml create mode 100644 contrib/charts/dragonfly/ci/extravolumes-values.yaml create mode 100644 contrib/charts/dragonfly/ci/initcontainer-values.yaml create mode 100644 contrib/charts/dragonfly/ci/persistent-values.yaml create mode 100644 contrib/charts/dragonfly/ci/resources-values.yaml create mode 100644 contrib/charts/dragonfly/ci/securitycontext-values.yaml create mode 100644 contrib/charts/dragonfly/ci/tls-values.yaml create mode 100644 contrib/charts/dragonfly/ci/tolerations-values.yaml create mode 100644 contrib/charts/dragonfly/templates/_pod.tpl diff --git a/contrib/charts/dragonfly/README.md b/contrib/charts/dragonfly/README.md index 1396b98f5b45..77db9ac5f68f 100644 --- a/contrib/charts/dragonfly/README.md +++ b/contrib/charts/dragonfly/README.md @@ -1,34 +1,60 @@ # dragonfly -![Version: 0.12.0](https://img.shields.io/badge/Version-0.12.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.12.0](https://img.shields.io/badge/AppVersion-v0.12.0-informational?style=flat-square) +![Version: v0.12.0](https://img.shields.io/badge/Version-v0.12.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.12.0](https://img.shields.io/badge/AppVersion-v0.12.0-informational?style=flat-square) Dragonfly is a modern in-memory datastore, fully compatible with Redis and Memcached APIs. +**Homepage:** + +## Source Code + +* + +## Requirements + +Kubernetes: `>=1.23.0-0` + ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | Affinity for pod assignment | -| command.set | list | `[]` | Allow overriding the container's command | +| command | list | `[]` | Allow overriding the container's command | | extraArgs | list | `[]` | Extra arguments to pass to the dragonfly binary | | extraVolumeMounts | list | `[]` | Extra volume mounts corresponding to the volumes mounted above | | extraVolumes | list | `[]` | Extra volumes to mount into the pods | | fullnameOverride | string | `""` | String to fully override dragonfly.fullname | | image.pullPolicy | string | `"IfNotPresent"` | Dragonfly image pull policy | | image.repository | string | `"docker.dragonflydb.io/dragonflydb/dragonfly"` | Container Image Registry to pull the image from | -| image.tag | string | `"latest"` | Overrides the image tag whose default is the chart appVersion. | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | Container Registry Secret names in an array | | initContainers | list | `[]` | A list of initContainers to run before each pod starts | | nameOverride | string | `""` | String to partially override dragonfly.fullname | | nodeSelector | object | `{}` | Node labels for pod assignment | | podAnnotations | object | `{}` | Annotations for pods | | podSecurityContext | object | `{}` | Set securityContext for pod itself | +| probes.livenessProbe.exec.command[0] | string | `"/bin/sh"` | | +| probes.livenessProbe.exec.command[1] | string | `"/usr/local/bin/healthcheck.sh"` | | +| probes.livenessProbe.failureThreshold | int | `3` | | +| probes.livenessProbe.initialDelaySeconds | int | `10` | | +| probes.livenessProbe.periodSeconds | int | `10` | | +| probes.livenessProbe.successThreshold | int | `1` | | +| probes.livenessProbe.timeoutSeconds | int | `5` | | +| probes.readinessProbe.exec.command[0] | string | `"/bin/sh"` | | +| probes.readinessProbe.exec.command[1] | string | `"/usr/local/bin/healthcheck.sh"` | | +| probes.readinessProbe.failureThreshold | int | `3` | | +| probes.readinessProbe.initialDelaySeconds | int | `10` | | +| probes.readinessProbe.periodSeconds | int | `10` | | +| probes.readinessProbe.successThreshold | int | `1` | | +| probes.readinessProbe.timeoutSeconds | int | `5` | | | prometheusRule.enabled | bool | `false` | Deploy a PrometheusRule | | prometheusRule.spec | list | `[]` | PrometheusRule.Spec https://awesome-prometheus-alerts.grep.to/rules | | replicaCount | int | `1` | Number of replicas to deploy | | resources.limits | object | `{}` | The resource limits for the containers | | resources.requests | object | `{}` | The requested resources for the containers | | securityContext | object | `{}` | Set securityContext for containers | +| service.annotations | object | `{}` | Extra annotations for the service | +| service.lablels | object | `{}` | Extra labels for the service | | service.metrics.portName | string | `"metrics"` | name for the metrics port | | service.metrics.serviceType | string | `"ClusterIP"` | serviceType for the metrics service | | service.port | int | `6379` | Dragonfly service port | @@ -36,6 +62,7 @@ Dragonfly is a modern in-memory datastore, fully compatible with Redis and Memca | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| serviceMonitor.annotations | object | `{}` | additional annotations to apply to the metrics | | serviceMonitor.enabled | bool | `false` | If true, a ServiceMonitor CRD is created for a prometheus operator | | serviceMonitor.interval | string | `"10s"` | scrape interval | | serviceMonitor.labels | object | `{}` | additional labels to apply to the metrics | @@ -51,4 +78,4 @@ Dragonfly is a modern in-memory datastore, fully compatible with Redis and Memca | tolerations | list | `[]` | Tolerations for pod assignment | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0) +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/contrib/charts/dragonfly/ci/affinity-values.yaml b/contrib/charts/dragonfly/ci/affinity-values.yaml new file mode 100644 index 000000000000..2e8bf87635cc --- /dev/null +++ b/contrib/charts/dragonfly/ci/affinity-values.yaml @@ -0,0 +1,12 @@ +affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - dragonfly + topologyKey: kubernetes.io/hostname + weight: 100 diff --git a/contrib/charts/dragonfly/ci/command_extraargs-values.yaml b/contrib/charts/dragonfly/ci/command_extraargs-values.yaml new file mode 100644 index 000000000000..d5fd401b7720 --- /dev/null +++ b/contrib/charts/dragonfly/ci/command_extraargs-values.yaml @@ -0,0 +1,6 @@ +command: + - /usr/local/bin/dragonfly + - --logtostderr + +extraArgs: + - --cache_mode=true diff --git a/contrib/charts/dragonfly/ci/extravolumes-values.yaml b/contrib/charts/dragonfly/ci/extravolumes-values.yaml new file mode 100644 index 000000000000..12fa02f3ad11 --- /dev/null +++ b/contrib/charts/dragonfly/ci/extravolumes-values.yaml @@ -0,0 +1,8 @@ +extraVolumes: + - name: tmp + emptyDir: + sizeLimit: 500Mi + +extraVolumeMounts: + - mountPath: /tmp + name: tmp diff --git a/contrib/charts/dragonfly/ci/initcontainer-values.yaml b/contrib/charts/dragonfly/ci/initcontainer-values.yaml new file mode 100644 index 000000000000..14437d45df25 --- /dev/null +++ b/contrib/charts/dragonfly/ci/initcontainer-values.yaml @@ -0,0 +1,4 @@ +initContainers: + - name: busybox + image: busybox:1.28 + command: ['sh', '-c', 'sleep 1'] diff --git a/contrib/charts/dragonfly/ci/persistent-values.yaml b/contrib/charts/dragonfly/ci/persistent-values.yaml new file mode 100644 index 000000000000..7a5e3c3b276a --- /dev/null +++ b/contrib/charts/dragonfly/ci/persistent-values.yaml @@ -0,0 +1,3 @@ +storage: + enabled: true + requests: 128Mi diff --git a/contrib/charts/dragonfly/ci/resources-values.yaml b/contrib/charts/dragonfly/ci/resources-values.yaml new file mode 100644 index 000000000000..853111d57e87 --- /dev/null +++ b/contrib/charts/dragonfly/ci/resources-values.yaml @@ -0,0 +1,7 @@ +resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 100m + memory: 128Mi diff --git a/contrib/charts/dragonfly/ci/securitycontext-values.yaml b/contrib/charts/dragonfly/ci/securitycontext-values.yaml new file mode 100644 index 000000000000..40e555c3e6c3 --- /dev/null +++ b/contrib/charts/dragonfly/ci/securitycontext-values.yaml @@ -0,0 +1,5 @@ +podSecurityContext: + allowPrivilegeEscalation: false + +securityContext: + readOnlyRootFilesystem: true diff --git a/contrib/charts/dragonfly/ci/tls-values.yaml b/contrib/charts/dragonfly/ci/tls-values.yaml new file mode 100644 index 000000000000..b14a781af5ad --- /dev/null +++ b/contrib/charts/dragonfly/ci/tls-values.yaml @@ -0,0 +1,24 @@ +tls: + enabled: true + existing_secret: "" + cert: | + -----BEGIN CERTIFICATE----- + MIIB8zCCAZqgAwIBAgIEbb2Z2jAKBggqhkjOPQQDAzBZMQswCQYDVQQGEwJGTzEg + MB4GA1UEAwwXZHJhZ29uZmx5LmRyYWdvbmZseS5zdmMxDDAKBgNVBAgMA2ZvbzEM + MAoGA1UEBwwDZm9vMQwwCgYDVQQKDANmb28wHhcNMjIxMjI5MTIwMzI3WhcNMzIx + MjI2MTIwMzI3WjBZMQswCQYDVQQGEwJGTzEgMB4GA1UEAwwXZHJhZ29uZmx5LmRy + YWdvbmZseS5zdmMxDDAKBgNVBAgMA2ZvbzEMMAoGA1UEBwwDZm9vMQwwCgYDVQQK + DANmb28wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWNfTuNjhPEi7h1ciCS0It + fKgiBhxLGlF3MtjlFTjCrzkynSSABoMtNljcDE0hm/izbRUogAcDFcvknvChzxaq + o1AwTjAdBgNVHQ4EFgQUSN6FbsJZ2EUfX3beCh5cEo6cktQwHwYDVR0jBBgwFoAU + SN6FbsJZ2EUfX3beCh5cEo6cktQwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAwNH + ADBEAiB6tG5xzyj4iT/e0wpCMRHOvlQKQexByhyNPAhro9ZCRgIgaDcd9vM8rCbb + JPRyzm0iN9OWM/A24nmm3itn3I4rcD0= + -----END CERTIFICATE----- + + key: | + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEINh6eMDrBlAiT68T8ovzGn6JZbJevUefYkIIYNWww55yoAoGCCqGSM49 + AwEHoUQDQgAEFjX07jY4TxIu4dXIgktCLXyoIgYcSxpRdzLY5RU4wq85Mp0kgAaD + LTZY3AxNIZv4s20VKIAHAxXL5J7woc8Wqg== + -----END EC PRIVATE KEY----- diff --git a/contrib/charts/dragonfly/ci/tolerations-values.yaml b/contrib/charts/dragonfly/ci/tolerations-values.yaml new file mode 100644 index 000000000000..030fb87876f5 --- /dev/null +++ b/contrib/charts/dragonfly/ci/tolerations-values.yaml @@ -0,0 +1,3 @@ +tolerations: + - effect: NoSchedule + operator: Exists diff --git a/contrib/charts/dragonfly/templates/_pod.tpl b/contrib/charts/dragonfly/templates/_pod.tpl new file mode 100644 index 000000000000..fc150b6dc291 --- /dev/null +++ b/contrib/charts/dragonfly/templates/_pod.tpl @@ -0,0 +1,104 @@ +{{- define "dragonfly.volumemounts" -}} +{{- if or (.Values.storage.enabled) (.Values.extraVolumeMounts) (.Values.tls.enabled) }} +volumeMounts: + {{- if .Values.storage.enabled }} + - mountPath: /data + name: "{{ .Release.Name }}-data" + {{- end }} + {{- if and .Values.tls .Values.tls.enabled }} + - mountPath: /etc/dragonfly/tls + name: tls + {{- end }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 2 }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "dragonfly.pod" -}} +serviceAccountName: {{ include "dragonfly.serviceAccountName" . }} +{{- with .Values.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.podSecurityContext }} +securityContext: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- with .Values.initContainers }} +initContainers: + {{- toYaml . | nindent 2 }} + {{- with $.Values.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- include "dragonfly.volumemounts" $ | nindent 4 }} +{{- end }} +containers: + - name: {{ .Chart.Name }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 6 }} + {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: dragonfly + containerPort: 6379 + protocol: TCP + {{- with .Values.probes }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.command }} + command: + {{- toYaml . | nindent 6 }} + {{- end }} + args: + - "--alsologtostderr" + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if .Values.tls.enabled }} + - "--tls" + - "--tls_cert_file=/etc/dragonfly/tls/tls.crt" + - "--tls_key_file=/etc/dragonfly/tls/tls.key" + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- include "dragonfly.volumemounts" . | nindent 4 }} + +{{- with .Values.nodeSelector }} +nodeSelector: + {{- toYaml . | nindent 2 }} +{{- end }} + +{{- with .Values.affinity }} +affinity: + {{- toYaml . | nindent 2 }} +{{- end }} + +{{- with .Values.tolerations }} +tolerations: + {{- toYaml . | nindent 2 }} +{{- end }} + +{{- if or (.Values.tls.enabled) (.Values.extraVolumes) }} +volumes: +{{- if and .Values.tls .Values.tls.enabled }} + {{- if .Values.tls.existing_secret }} + - name: tls + secret: + secretName: {{ .Values.tls.existing_secret }} + {{- else }} + - name: tls + secret: + secretName: {{ include "dragonfly.fullname" . }}-tls + {{- end }} +{{- end }} +{{- with .Values.extraVolumes }} + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/contrib/charts/dragonfly/templates/deployment.yaml b/contrib/charts/dragonfly/templates/deployment.yaml index ba6b33a69578..adc0e35dc5e6 100644 --- a/contrib/charts/dragonfly/templates/deployment.yaml +++ b/contrib/charts/dragonfly/templates/deployment.yaml @@ -13,98 +13,14 @@ spec: template: metadata: annotations: -{{- if .Values.tls.enabled }} -{{- if not .Values.tls.existing_secret }} + {{- if and (.Values.tls.enabled) (not .Values.tls.existing_secret) }} checksum/tls-secret: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }} -{{- end }} -{{- end }} - {{- with .Values.podAnnotations }} + {{- end }} + {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} labels: {{- include "dragonfly.selectorLabels" . | nindent 8 }} spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "dragonfly.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} -{{- if .Values.initContainers }} - initContainers: {{- toYaml .Values.initContainers | nindent 6 }} - {{- if .Values.resources }} - resources: - {{- toYaml .Values.resources | nindent 10 }} - {{- end }} - {{- if .Values.extraVolumeMounts }} - volumeMounts: - {{- toYaml .Values.extraVolumeMounts | nindent 10 }} - {{- end }} -{{- end }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: dragonfly - containerPort: 6379 - protocol: TCP - {{- with .Values.probes }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- if .Values.command.cmd }} - command: - {{ toYaml .Values.command.cmd | nindent 12 }} - {{- end }} - args: - - "--alsologtostderr" - {{- if .Values.extraArgs }} - {{- toYaml .Values.extraArgs | nindent 12 }} - {{- end }} -{{- if .Values.tls.enabled }} - - "--tls" - - "--tls_cert_file=/etc/dragonfly/tls/tls.crt" - - "--tls_key_file=/etc/dragonfly/tls/tls.key" -{{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - {{- if .Values.tls.enabled }} - - mountPath: /etc/dragonfly/tls - name: tls - {{- end }} -{{- if .Values.extraVolumeMounts }} - {{- toYaml .Values.extraVolumeMounts | nindent 12 }} -{{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: -{{- if .Values.tls.enabled }} - {{- if .Values.tls.existing_secret }} - - name: tls - secret: - secretName: {{ .Values.tls.existing_secret }} - {{- else }} - - name: tls - secret: - secretName: {{ include "dragonfly.fullname" . }}-tls - {{- end }} -{{- end }} -{{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 8 }} -{{- end }} - + {{- include "dragonfly.pod" . | nindent 6 }} {{- end }} diff --git a/contrib/charts/dragonfly/templates/prometheusrule.yaml b/contrib/charts/dragonfly/templates/prometheusrule.yaml index 29323cd32dff..cca354798511 100644 --- a/contrib/charts/dragonfly/templates/prometheusrule.yaml +++ b/contrib/charts/dragonfly/templates/prometheusrule.yaml @@ -5,16 +5,10 @@ metadata: name: {{ template "dragonfly.fullname" . }}-metrics namespace: {{ .Release.Namespace }} labels: - chart: {{ template "dragonfly.chart" . }} - app: {{ template "dragonfly.name" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - {{- if .Values.serviceMonitor.labels }} - {{- toYaml .Values.serviceMonitor.labels | nindent 4 }} - {{- end }} + {{- include "dragonfly.labels" . | nindent 4 }} spec: groups: - name: {{ template "dragonfly.name" . }} rules: -{{- toYaml .Values.prometheusRule.spec | nindent 4 }} + {{- toYaml .Values.prometheusRule.spec | nindent 4 }} {{- end }} diff --git a/contrib/charts/dragonfly/templates/service.yaml b/contrib/charts/dragonfly/templates/service.yaml index c555d3374d9a..79d530fb1e1f 100644 --- a/contrib/charts/dragonfly/templates/service.yaml +++ b/contrib/charts/dragonfly/templates/service.yaml @@ -2,7 +2,14 @@ apiVersion: v1 kind: Service metadata: name: {{ include "dragonfly.fullname" . }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} labels: + {{- with .Values.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- include "dragonfly.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} diff --git a/contrib/charts/dragonfly/templates/serviceaccount.yaml b/contrib/charts/dragonfly/templates/serviceaccount.yaml index deef7e3b7c8c..9b8bbc603515 100644 --- a/contrib/charts/dragonfly/templates/serviceaccount.yaml +++ b/contrib/charts/dragonfly/templates/serviceaccount.yaml @@ -3,10 +3,10 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "dragonfly.serviceAccountName" . }} - labels: - {{- include "dragonfly.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} + labels: + {{- include "dragonfly.labels" . | nindent 4 }} {{- end }} diff --git a/contrib/charts/dragonfly/templates/servicemonitor.yaml b/contrib/charts/dragonfly/templates/servicemonitor.yaml index 214b5e70ce87..db6faa05182a 100644 --- a/contrib/charts/dragonfly/templates/servicemonitor.yaml +++ b/contrib/charts/dragonfly/templates/servicemonitor.yaml @@ -3,29 +3,30 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "dragonfly.fullname" . }}-metrics - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} + {{- with .Values.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + {{- with .Values.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} {{- end }} labels: - chart: {{ template "dragonfly.chart" . }} - app: {{ template "dragonfly.name" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - {{- if .Values.serviceMonitor.labels }} - {{- toYaml .Values.serviceMonitor.labels | nindent 4 }} + {{- with .Values.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} {{- end }} + {{- include "dragonfly.labels" . | nindent 4 }} spec: endpoints: - interval: {{ .Values.serviceMonitor.interval }} - {{- if .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} + {{- with .Values.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ . }} {{- end }} honorLabels: true port: {{ default "metrics" .Values.service.metrics.portName }} path: /metrics {{- if .Values.tls.enabled }} scheme: https - tls: + tlsConfig: insecureSkipVerify: true {{- else }} scheme: http diff --git a/contrib/charts/dragonfly/templates/statefulset.yaml b/contrib/charts/dragonfly/templates/statefulset.yaml index d5e59cd77632..847c54df0b86 100644 --- a/contrib/charts/dragonfly/templates/statefulset.yaml +++ b/contrib/charts/dragonfly/templates/statefulset.yaml @@ -14,103 +14,16 @@ spec: template: metadata: annotations: -{{- if .Values.tls.enabled }} -{{- if not .Values.tls.existing_secret }} + {{- if and (.Values.tls.enabled) (not .Values.tls.existing_secret) }} checksum/tls-secret: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }} -{{- end }} -{{- end }} - {{- with .Values.podAnnotations }} + {{- end }} + {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} labels: {{- include "dragonfly.selectorLabels" . | nindent 8 }} spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "dragonfly.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} -{{- if .Values.initContainers }} - initContainers: {{- toYaml .Values.initContainers | nindent 6 }} - {{- if .Values.resources }} - resources: - {{- toYaml .Values.resources | nindent 10 }} - {{- end }} - volumeMounts: - - mountPath: /data - name: "{{ .Release.Name }}-data" - {{- if .Values.extraVolumeMounts }} - {{- toYaml .Values.extraVolumeMounts | nindent 10 }} - {{- end }} -{{- end }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: dragonfly - containerPort: 6379 - protocol: TCP - {{- with .Values.probes }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- if .Values.command.cmd }} - command: - {{ toYaml .Values.command.cmd | nindent 12 }} - {{- end }} - args: - - "--alsologtostderr" - {{- if .Values.extraArgs }} - {{- toYaml .Values.extraArgs | nindent 12 }} - {{- end }} -{{- if .Values.tls.enabled }} - - "--tls" - - "--tls_cert_file=/etc/dragonfly/tls/tls.crt" - - "--tls_key_file=/etc/dragonfly/tls/tls.key" -{{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - mountPath: /data - name: "{{ .Release.Name }}-data" -{{- if .Values.tls.enabled }} - - mountPath: /etc/dragonfly/tls - name: tls -{{- end }} -{{- if .Values.extraVolumeMounts }} - {{- toYaml .Values.extraVolumeMounts | nindent 12 }} -{{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: -{{- if .Values.tls.enabled }} - {{- if .Values.tls.existing_secret }} - - name: tls - secret: - secretName: {{ .Values.tls.existing_secret }} - {{- else }} - - name: tls - secret: - secretName: {{ include "dragonfly.fullname" . }}-tls - {{- end }} -{{- end }} -{{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 8 }} -{{- end }} + {{- include "dragonfly.pod" . | nindent 6 }} volumeClaimTemplates: - metadata: name: "{{ .Release.Name }}-data" diff --git a/contrib/charts/dragonfly/templates/tls-secret.yaml b/contrib/charts/dragonfly/templates/tls-secret.yaml index 8a967edf1a7d..c4c59e9cc05d 100644 --- a/contrib/charts/dragonfly/templates/tls-secret.yaml +++ b/contrib/charts/dragonfly/templates/tls-secret.yaml @@ -1,5 +1,4 @@ -{{- if and .Values.tls.enabled .Values.tls.cert .Values.tls.key }} -{{- if not .Values.tls.existing_secret }} +{{- if and (.Values.tls.enabled) (.Values.tls.cert) (.Values.tls.key) (not .Values.tls.existing_secret) }} apiVersion: v1 kind: Secret metadata: @@ -11,4 +10,3 @@ data: tls.crt: {{ default "" .Values.tls.cert | b64enc | quote }} tls.key: {{ default "" .Values.tls.key | b64enc | quote }} {{- end }} -{{- end }} diff --git a/contrib/charts/dragonfly/values.yaml b/contrib/charts/dragonfly/values.yaml index db675bbce473..3e71856188c2 100644 --- a/contrib/charts/dragonfly/values.yaml +++ b/contrib/charts/dragonfly/values.yaml @@ -52,6 +52,10 @@ service: type: ClusterIP # -- Dragonfly service port port: 6379 + # -- Extra annotations for the service + annotations: {} + # -- Extra labels for the service + lablels: {} metrics: # -- name for the metrics port portName: metrics @@ -65,6 +69,8 @@ serviceMonitor: namespace: "" # -- additional labels to apply to the metrics labels: {} + # -- additional annotations to apply to the metrics + annotations: {} # -- scrape interval interval: 10s # -- scrape timeout @@ -130,9 +136,8 @@ probes: failureThreshold: 3 successThreshold: 1 -command: - # -- Allow overriding the container's command - set: [] +# -- Allow overriding the container's command +command: [] # -- Extra arguments to pass to the dragonfly binary extraArgs: []