mirror of
https://github.com/bitnami/charts.git
synced 2026-03-05 06:47:25 +08:00
[bitnami/opensearch] Add Opensearch chart (#17509)
* Revert elastic README.md Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Helm dependency build Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Add released tags Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Remove exporter metrics Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Remove unused helpers Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update probes Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Add dashboards test (tcp) Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Add service target port Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Remove tlsSecretNames unused references Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Refactor opensearch.service.name Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Remove http-os value Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Remove unused values Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Remove dashboards.extraRoles Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Remove unused values Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * fix ingest.containerPorts.restAPI Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * chore(opensearch): PR comments Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * chore(opensearch): typo Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * chore(opensearch): typo Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * fix(opensearch): delete ingest specific containerPorts Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * fix(opensearch): imagePullPolicy on sysctl initContainers Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * feat(opensearch): add VPA's Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * feat(opensearch): add capabilities.drop on containerSecurityContexts Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * chore(opensearch): delegate sysctl redundant initContainer to a helper Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * fix(opensearch): disable serviceAccounts automounts Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana] Release 9.0.1 (#17505) * [bitnami/grafana] Release 9.0.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-mimir] Fix helm error when gateway.auth.existingSecret is set (#17469) Signed-off-by: Zac Stevenson <zstevenson@payments.ca> * [bitnami/charts] Fix permissions in license-headers workflow (#17464) Signed-off-by: Fran Mulero <fmulero@vmware.com> * [bitnami/apache] Release 9.6.4 (#17508) * [bitnami/apache] Release 9.6.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mastodon] Release 1.5.5 (#17510) * [bitnami/mastodon] Release 1.5.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/argo-cd] Release 4.7.14 (#17511) * [bitnami/argo-cd] Release 4.7.14 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/wordpress] Release 16.1.25 (#17512) * [bitnami/wordpress] Release 16.1.25 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/whereabouts] Release 0.4.2 (#17514) * [bitnami/whereabouts] Release 0.4.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/matomo] Release 1.1.6 (#17516) * [bitnami/matomo] Release 1.1.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mariadb] Release 12.2.7 (#17518) * [bitnami/mariadb] Release 12.2.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-operator] Release 3.0.0 (#17152) * [bitnami/grafana-operator] Release 3.0.0 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update to grafana-operator 5 Signed-off-by: mauraza <gibone@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update names of clusterrole and role Signed-off-by: mauraza <gibone@vmware.com> * Grafana update yaml Signed-off-by: mauraza <gibone@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Grafana update yaml and endpoint Signed-off-by: mauraza <gibone@vmware.com> * Update bitnami/grafana-operator/values.yaml Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> * Update bitnami/grafana-operator/values.yaml Co-authored-by: Fran de Paz Galán <fdepaz@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> * Update bitnami/grafana-operator/templates/deployment.yaml Co-authored-by: Fran de Paz Galán <fdepaz@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update bitnami/grafana-operator/values.yaml Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> * Update README.md and remove unnecessary variables Signed-off-by: mauraza <gibone@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Remove pluginsInitContainerImage Signed-off-by: mauraza <gibone@vmware.com> * Review changes Signed-off-by: mauraza <gibone@vmware.com> * Update bitnami/grafana-operator/README.md Co-authored-by: Fran de Paz Galán <fdepaz@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: mauraza <gibone@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> Co-authored-by: mauraza <gibone@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Fran de Paz Galán <fdepaz@vmware.com> * [bitnami/magento] Update chown of the deployment (#17418) * [bitnami/magento] Update chown of the deployment Signed-off-by: mauraza <gibone@vmware.com> * Increase timeouts Signed-off-by: mauraza <gibone@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update uncaught:exception Signed-off-by: mauraza <gibone@vmware.com> * Change hostname vmware-magento.my to magento.my Signed-off-by: mauraza <gibone@vmware.com> * little change of review changes Signed-off-by: mauraza <gibone@vmware.com> --------- Signed-off-by: mauraza <gibone@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/magento] Release 22.1.3 (#17231) * [bitnami/magento] Release 22.1.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * bumps the version of the chart Signed-off-by: mauraza <gibone@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: mauraza <gibone@vmware.com> Co-authored-by: mauraza <gibone@vmware.com> * [bitnami/mxnet] Release 3.3.5 (#17519) * [bitnami/mxnet] Release 3.3.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/postgresql] Fix postgres random password generation (#17502) Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * [bitnami/minio] Release 12.6.6 (#17523) * [bitnami/minio] Release 12.6.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/milvus] feat: 🎉 Add chart (#17425) * [bitnami/milvus] feat: 🎉 Add chart Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * chore: 🔧 Add to cd-pipeline Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * docs: 📝 Update documentation Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Change health check endpoint Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Update Attu endpoint Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> --------- Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * [bitnami/jaeger] Release 1.2.6 (#17526) * [bitnami/jaeger] Release 1.2.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/ghost] Release 19.3.23 (#17528) * [bitnami/ghost] Release 19.3.23 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/supabase] Release 0.3.10 (#17529) * [bitnami/supabase] Release 0.3.10 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mastodon] Release 1.5.6 (#17530) * [bitnami/mastodon] Release 1.5.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/clickhouse] Release 3.5.4 (#17533) * [bitnami/clickhouse] Release 3.5.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/rabbitmq-cluster-operator] Release 3.4.3 (#17535) * [bitnami/rabbitmq-cluster-operator] Release 3.4.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/milvus] Bump kafka major version and update license header (#17538) Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/grafana-operator] Release 3.0.1 (#17541) * [bitnami/grafana-operator] Release 3.0.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kong] Release 9.3.4 (#17212) * [bitnami/kong] Release 9.3.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Sync RBAC resources Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> Co-authored-by: Jose Antonio Carmona <jcarmona@vmware.com> * [bitnami/redis-cluster] Release 8.6.7 (#17546) * [bitnami/redis-cluster] Release 8.6.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redis] Release 17.11.8 (#17545) * [bitnami/redis] Release 17.11.8 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-operator] Release 3.0.2 (#17547) * [bitnami/grafana-operator] Release 3.0.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/airflow] Release 14.3.1 (#17548) * [bitnami/airflow] Release 14.3.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/tomcat] Release 10.9.4 (#17550) * [bitnami/tomcat] Release 10.9.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/prestashop] Release 17.1.4 (#17552) * [bitnami/prestashop] Release 17.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Run license check on modified files (#17542) Signed-off-by: Fran Mulero <fmulero@vmware.com> * [bitnami/matomo] Release 1.1.7 (#17558) * [bitnami/matomo] Release 1.1.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/jenkins] Release 12.2.4 (#17560) * [bitnami/jenkins] Release 12.2.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Use os-shell in tempate and Jaeger runtime params (#17557) * Use os-shell in tempate and Jaeger runtime params Signed-off-by: Joseda Rios <jdrios@vmware.com> * Update comments in all related files Signed-off-by: Joseda Rios <jdrios@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Joseda Rios <jdrios@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/rabbitmq-cluster-operator] update CRDs (#17551) * [bitnami/rabbitmq-cluster-operator] update CRDs Signed-off-by: Ihor Hrytskiv <ihor.hrytskiv@macpaw.com> * Update bitnami/rabbitmq-cluster-operator/Chart.yaml Co-authored-by: Ibone González Mauraza <gibone@vmware.com> Signed-off-by: ihor-hrytskiv <39990360+ihor-hrytskiv@users.noreply.github.com> --------- Signed-off-by: Ihor Hrytskiv <ihor.hrytskiv@macpaw.com> Signed-off-by: ihor-hrytskiv <39990360+ihor-hrytskiv@users.noreply.github.com> Co-authored-by: Ibone González Mauraza <gibone@vmware.com> * [bitnami/postgresql] fix invalid indentation for replica metrics extra envs (#17553) Signed-off-by: Ondrej Zvara <zvara.ondrej@gmail.com> * [bitnami/fluentd] Release 5.8.5 (#17563) * [bitnami/fluentd] Release 5.8.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redmine] Release 22.1.5 (#17565) * [bitnami/redmine] Release 22.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mastodon] Release 1.5.7 (#17564) * [bitnami/mastodon] Release 1.5.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/aspnet-core] Release 4.3.3 (#17570) * [bitnami/aspnet-core] Release 4.3.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kong] Release 9.4.1 (#17571) * [bitnami/kong] Release 9.4.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/suitecrm] Release 12.1.4 (#17572) * [bitnami/suitecrm] Release 12.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/joomla] Release 14.1.5 (#17573) * [bitnami/joomla] Release 14.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/minio] Release 12.6.7 (#17575) * [bitnami/minio] Release 12.6.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/oauth2-proxy] make google-group as list instead of string (#17524) * make google-group as list instead of string Signed-off-by: omer nitzan <omer2500@gmail.com> * bump version Signed-off-by: omer nitzan <omer2500@gmail.com> * change variable name to groups Signed-off-by: omer nitzan <omer2500@gmail.com> * change this to these Signed-off-by: omer nitzan <omer2500@gmail.com> --------- Signed-off-by: omer nitzan <omer2500@gmail.com> * Include service.annotations in template (#17567) Signed-off-by: Zac Stevenson <zstevenson@payments.ca> * [bitnami/moodle] Release 16.1.4 (#17577) * [bitnami/moodle] Release 16.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/milvus] fix: 🐛 Add emptyDir to init job /tmp (#17578) Depending on the system, a cat HERE-DOCUMENT command may create a temporary file in /tmp. This PR ensures that /tmp is writable so the file can be created Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * [bitnami/apisix] Reorder chart dependencies (#17583) Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/fluent-bit] Release 0.4.7 (#17585) * [bitnami/fluent-bit] Release 0.4.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/milvus] Release 1.0.1 (#17544) * [bitnami/milvus] Release 1.0.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * chore: 🔧 Bump version Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * test: ✅ Update field check Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> Co-authored-by: Javier Salmeron Garcia <jsalmeron@vmware.com> * [bitnami/consul] Release 1 (#17593) * [bitnami/consul] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kiam] Release 1 (#17611) * [bitnami/kiam] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/fluent-bit] Release 0 updating components versions (#17597) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/flink] Release 0 (#17595) * [bitnami/flink] Release 0 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/aspnet-core] Release 4 (#17592) * [bitnami/aspnet-core] Release 4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redis] don't include `@` for unauthenticated URI (#17493) Signed-off-by: Pat Riehecky <riehecky@fnal.gov> * [bitnami/rabbitmq] Updating the tls certs through values.yaml not restarting the pods (#17537) Signed-off-by: Rahul Sadanandan <rahulsadanandan13@gmail.com> * [bitnami/mediawiki] Release 1 (#17618) * [bitnami/mediawiki] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/minio] Release 1 updating components versions (#17627) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/jenkins] Release 1 updating components versions (#17605) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/cert-manager] Release 0.11.6 (#17632) * [bitnami/cert-manager] Release 0.11.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mxnet] Release 3.3.6 (#17646) * [bitnami/mxnet] Release 3.3.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/argo-cd] Release 4.7.15 (#17635) * [bitnami/argo-cd] Release 4.7.15 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kafka] Release 23.0.3 (#17642) * [bitnami/kafka] Release 23.0.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/oauth2-proxy] Release 3.7.6 (#17645) * [bitnami/oauth2-proxy] Release 3.7.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/airflow] Release 14.3.2 (#17631) * [bitnami/airflow] Release 14.3.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/odoo] Release 23.2.6 (#17644) * [bitnami/odoo] Release 23.2.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-mimir] Release 0.5.5 (#17641) * [bitnami/grafana-mimir] Release 0.5.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-loki] Release 2.10.1 (#17640) * [bitnami/grafana-loki] Release 2.10.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/nginx] Release 15.1.1 (#17647) * [bitnami/nginx] Release 15.1.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/contour] Release 12.1.2 (#17637) * [bitnami/contour] Release 12.1.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/nginx-ingress-controller] Release 9.7.6 (#17648) * [bitnami/nginx-ingress-controller] Release 9.7.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/postgresql-ha] Release 11.7.8 (#17654) * [bitnami/postgresql-ha] Release 11.7.8 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/rabbitmq] Release 12.0.6 (#17660) * [bitnami/rabbitmq] Release 12.0.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/wildfly] Release 15.1.4 (#17670) * [bitnami/wildfly] Release 15.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/spark] Release 7.1.1 (#17665) * [bitnami/spark] Release 7.1.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redmine] Release 22.1.6 updating components versions (#17662) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/tomcat] Release 10.9.5 (#17666) * [bitnami/tomcat] Release 10.9.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/solr] Release 7.5.3 (#17667) * [bitnami/solr] Release 7.5.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/elasticsearch] Release 19.10.4 (#17630) * [bitnami/elasticsearch] Release 19.10.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/wordpress] Release 16.1.26 (#17674) * [bitnami/wordpress] Release 16.1.26 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/sonarqube] Release 3.2.7 (#17669) * [bitnami/sonarqube] Release 3.2.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mariadb] Release 12.2.8 (#17681) * [bitnami/mariadb] Release 12.2.8 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/appsmith] Release 0.3.10 (#17671) * [bitnami/appsmith] Release 0.3.10 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/jupyterhub] Release 4.1.7 (#17678) * [bitnami/jupyterhub] Release 4.1.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana] Release 9.0.2 (#17677) * [bitnami/grafana] Release 9.0.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/thanos] Release 12.8.4 (#17682) * [bitnami/thanos] Release 12.8.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/suitecrm] Release 12.1.5 updating components versions (#17683) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/drupal] Release 14.1.6 (#17684) * [bitnami/drupal] Release 14.1.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/sealed-secrets] Release 1.4.5 (#17686) * [bitnami/sealed-secrets] Release 1.4.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/argo-workflows] Release 5.3.7 (#17688) * [bitnami/argo-workflows] Release 5.3.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana] Release 9.0.3 (#17689) * [bitnami/grafana] Release 9.0.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kubeapps] Release 12.4.7 (#17690) * [bitnami/kubeapps] Release 12.4.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/pinniped] Release 1.2.4 (#17694) * [bitnami/pinniped] Release 1.2.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kafka] Release 23.0.4 (#17695) * [bitnami/kafka] Release 23.0.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/airflow] Release 14.3.3 (#17696) * [bitnami/airflow] Release 14.3.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/argo-cd] Release 4.7.16 (#17698) * [bitnami/argo-cd] Release 4.7.16 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/minio] Allow templates for ingress hostnames (#17290) Signed-off-by: Fabian Scheidt <mail@fabian-scheidt.com> Signed-off-by: Andrés Bono <andresbono@vmware.com> Co-authored-by: Andrés Bono <andresbono@vmware.com> * [bitnami/redis] add sampleLimit and targetLimit for redis chart (#17587) * add sampleLimit and targetLimit for redis chart Signed-off-by: Markus Blaschke <mblaschke82@gmail.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * add sampleLimit and targetLimit for redis chart Signed-off-by: Markus Blaschke <mblaschke82@gmail.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Markus Blaschke <mblaschke82@gmail.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/rabbitmq-cluster-operator] Support toggle to disable rabbitmq messaging topology operator installation (#17539) * Support toggle for RabbitMQ Messaging Topology Operator installation Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * Generate README for new configuration parameter Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * Update version bump Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * Update version bump Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * fix VIB issue Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * rollback version bump to 3.4.3 Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * update version bump for CI/CD issue Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * Also add toggle for goss validation, should not verify status of rmq-op-webhook if messaging topology operator installation disabled Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * refinement as comments Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> * Updated Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> --------- Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> Signed-off-by: Martin.Zhou <xixiangzouyibian@users.noreply.github.com> Co-authored-by: Zhou, Martin <Martin_Zhou2@Dell.com> * [bitnami/ghost] Release 19.3.24 (#17719) * [bitnami/ghost] Release 19.3.24 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redis] Release 17.13.1 (#17713) * [bitnami/redis] Release 17.13.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/postgresql-ha] Release 11.7.9 (#17702) * [bitnami/postgresql-ha] Release 11.7.9 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/fluentd] Release 5.8.6 (#17710) * [bitnami/fluentd] Release 5.8.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mongodb] Release 13.15.5 (#17700) * [bitnami/mongodb] Release 13.15.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/postgresql] Release 12.6.6 (#17705) * [bitnami/postgresql] Release 12.6.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mysql] Release 9.10.6 (#17679) * [bitnami/mysql] Release 9.10.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/vault] Release 0.2.6 (#17675) * [bitnami/vault] Release 0.2.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/whereabouts] Release 0.4.3 (#17673) * [bitnami/whereabouts] Release 0.4.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mongodb-sharded] Release 6.5.6 (#17703) * [bitnami/mongodb-sharded] Release 6.5.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/wordpress] Release 16.1.27 (#17697) * [bitnami/wordpress] Release 16.1.27 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/zookeeper] Release 11.4.4 (#17672) * [bitnami/zookeeper] Release 11.4.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mariadb-galera] Release 8.2.7 (#17676) * [bitnami/mariadb-galera] Release 8.2.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/tensorflow-resnet] Release 3.8.4 (#17668) * [bitnami/tensorflow-resnet] Release 3.8.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/supabase] Release 0.3.11 (#17701) * [bitnami/supabase] Release 0.3.11 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/nats] Release 7.8.6 (#17699) * [bitnami/nats] Release 7.8.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/prometheus] Release 0.1.7 (#17664) * [bitnami/prometheus] Release 0.1.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/schema-registry] Release 12.1.1 (#17663) * [bitnami/schema-registry] Release 12.1.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redis-cluster] Release 8.6.8 (#17661) * [bitnami/redis-cluster] Release 8.6.8 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/magento] Release 22.1.5 (#17680) * [bitnami/magento] Release 22.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/phpbb] Release 13.1.4 (#17651) * [bitnami/phpbb] Release 13.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/prestashop] Release 17.1.5 (#17656) * [bitnami/prestashop] Release 17.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/phpmyadmin] Release 11.1.4 (#17655) * [bitnami/phpmyadmin] Release 11.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/jaeger] Release 1.2.7 (#17653) * [bitnami/jaeger] Release 1.2.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/parse] Release 20.2.5 (#17652) * [bitnami/parse] Release 20.2.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/apache] Release 9.6.5 (#17636) * [bitnami/apache] Release 9.6.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/pytorch] Release 3.2.7 (#17657) * [bitnami/pytorch] Release 3.2.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/joomla] Release 14.1.6 updating components versions (#17638) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kube-prometheus] Release 8.15.2 (#17658) * [bitnami/kube-prometheus] Release 8.15.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/multus-cni] Release 1 (#17624) * [bitnami/multus-cni] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/osclass] Release 15.1.3 (#17650) * [bitnami/osclass] Release 15.1.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/harbor] Release 16.7.1 (#17643) * [bitnami/harbor] Release 16.7.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/metrics-server] Release 6 (#17622) * [bitnami/metrics-server] Release 6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update Chart.lock Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/cassandra] Release 10.4.4 (#17634) * [bitnami/cassandra] Release 10.4.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/concourse] Release 2.2.4 (#17633) * [bitnami/concourse] Release 2.2.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/moodle] Release 1 updating components versions (#17626) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/metallb] Release 4 (#17625) * [bitnami/metallb] Release 4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/matomo] Release 1 updating components versions (#17621) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kube-state-metrics] Release 3 (#17616) * [bitnami/kube-state-metrics] Release 3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/node-exporter] Release 3 (#17623) * [bitnami/node-exporter] Release 3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/milvus] Release 1 (#17619) * [bitnami/milvus] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update Chart.lock Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/memcached] Release 6 (#17617) * [bitnami/memcached] Release 6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update Chart.lock Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/etcd] Release 9 (#17591) * [bitnami/etcd] Release 9 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/clickhouse] Release 3 (#17594) * [bitnami/clickhouse] Release 3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/apisix] Release 2 (#17599) * [bitnami/apisix] Release 2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/dokuwiki] Release 1 (#17596) * [bitnami/dokuwiki] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-tempo] Release 2 (#17602) * [bitnami/grafana-tempo] Release 2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/influxdb] Release 5 (#17604) * [bitnami/influxdb] Release 5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update Chart.lock Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/gitea] Release 0 (#17607) * [bitnami/gitea] Release 0 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/haproxy] Release 0 (#17606) * [bitnami/haproxy] Release 0 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update Chart.lock Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/logstash] Release 5 (#17610) * [bitnami/logstash] Release 5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/keycloak] Release 1 (#17608) * [bitnami/keycloak] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update Chart.lock Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami/flux] Release 0 (#17609) * [bitnami/flux] Release 0 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kibana] Release 1 (#17613) * [bitnami/kibana] Release 1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/ejbca] Release 7 (#17598) * [bitnami/ejbca] Release 7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kubernetes-event-exporter] Release 2 (#17615) * [bitnami/kubernetes-event-exporter] Release 2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redis] Release 17.13.2 (#17720) * [bitnami/redis] Release 17.13.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kong] Release 9 (#17614) * [bitnami/kong] Release 9 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redis-cluster] Release 8.6.9 (#17721) * [bitnami/redis-cluster] Release 8.6.9 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mastodon] Release 1 updating components versions (#17612) Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/grafana-operator] Release 3 (#17603) * [bitnami/grafana-operator] Release 3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/jasperreports] Release 15.1.4 (#17639) * [bitnami/jasperreports] Release 15.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/odoo] Release 23.2.7 (#17722) * [bitnami/odoo] Release 23.2.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/rabbitmq-cluster-operator] Release 3.6.1 (#17706) * [bitnami/rabbitmq-cluster-operator] Release 3.5.1 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> * [bitnami-bot] Updating Bitnami team members Signed-off-by: bitnami-bot <bitnami-bot@vmware.com> * [bitnami/airflow] Updates the git container version (#17728) * [bitnami/airflow] Updates the git container version Signed-off-by: Rafael Rios Saavedra <rrios@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Rafael Rios Saavedra <rrios@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/zookeeper] Release 11.4.5 (#17732) * [bitnami/zookeeper] Release 11.4.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/pytorch] Fix git init container (#17729) * [bitnami/pytorch] Fix git init container Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mxnet] Fix git init container (#17731) * [bitnami/mxnet] Fix git init container Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/zookeeper] Release 11.4.6 (#17734) * [bitnami/zookeeper] Release 11.4.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/kafka] Release 23.0.5 (#17735) * [bitnami/kafka] Release 23.0.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/argo-workflows] Release 5.3.8 (#17738) * [bitnami/argo-workflows] Release 5.3.8 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/thanos] Release 12.8.5 (#17740) * [bitnami/thanos] Release 12.8.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/pinniped] Release 1.2.5 (#17739) * [bitnami/pinniped] Release 1.2.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/rabbitmq-cluster-operator] Release 3.6.2 (#17741) * [bitnami/rabbitmq-cluster-operator] Release 3.6.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/osclass] Release 15.1.4 (#17743) * [bitnami/osclass] Release 15.1.4 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/phpmyadmin] Release 11.1.5 (#17744) * [bitnami/phpmyadmin] Release 11.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/phpbb] Release 13.1.5 (#17746) * [bitnami/phpbb] Release 13.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/magento] Release 22.1.6 (#17745) * [bitnami/magento] Release 22.1.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/jasperreports] Release 15.1.5 (#17747) * [bitnami/jasperreports] Release 15.1.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/sealed-secrets] Release 1.4.6 (#17742) * [bitnami/sealed-secrets] Release 1.4.6 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/redmine] Release 22.1.7 (#17748) * [bitnami/redmine] Release 22.1.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/ghost] Release 19.3.25 (#17749) * [bitnami/ghost] Release 19.3.25 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/sealed-secrets] Release 1.4.7 (#17751) * [bitnami/sealed-secrets] Release 1.4.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/node-exporter] Release 3.6.2 (#17750) * [bitnami/node-exporter] Release 3.6.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/rabbitmq] Release 12.0.7 (#17752) * [bitnami/rabbitmq] Release 12.0.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/schema-registry] Release 12.1.2 (#17753) * [bitnami/schema-registry] Release 12.1.2 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/mongodb] Try to seed mongodb with pss-restricted (#17236) * [bitnami/mongodb] Try to seed mongodb with pss-restricted where possible Signed-off-by: Pat Riehecky <riehecky@fnal.gov> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Pat Riehecky <riehecky@fnal.gov> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> * [bitnami/kube-prometheus] Fix typo in alertmanager values description (#17707) Signed-off-by: Andrés Bono <andresbono@vmware.com> * [bitnami/zookeeper] Release 11.4.7 (#17756) * [bitnami/zookeeper] Release 11.4.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/apache] Rewrite Ingress TLS logic (#17124) * [bitnami/apache] Make `ingress.tls` into a bool Its contents were not parsed anyway since chart version [v9.0.0](https://github.com/bitnami/charts/pull/7491/), so this change has no functional effect. Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * [bitnami/apache] Cleanup messy ingress.tls logic I have convinced myself that this change has no functional effect. * `ingress.tls` always had to be set, so that logic is the same. * It is now possible to set `ingress.tls` without setting `ingress.certManager` or `ingress.selfSigned`. What's the harm in that? Perhaps someone would like to provide a TLS secret manually... Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * [bitnami/apache] Remove unused value ingress.hosts Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * [bitnami/apache] Bump chart version Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * [bitnami/apache] Remove ingress.certManager This change removes the long deprecated annotation for cert-manager from the Ingress resource. NOTE: Technically, this is a breaking change. If someone is using the `ingress.certManager` value, they will lose the annotation. I imagine there are few cases where the annotation has any effect, but there's always someone out there running some really odd configuration... It's of course still possible to have the annotation, it just has to be included in `ingress.annotations`, along with the rest of the annotations. Since the value is no longer in use anywhere, we also remove it from values.yaml. Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * [bitnami/apache] Bump chart version Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * [bitnami/apache] Revert breaking change by checking ingress.selfSigned Before this change, I had accidentally missed the case where the user has `--set 'ingress.enabled=true,ingress.selfSigned=true'`, which inadvertently introduced a breaking change. This change makes sure this case is covered as before the PR was merged. Signed-off-by: Andreas Lindhé <andreas@lindhe.io> * Full standardization of ingress Signed-off-by: Andrés Bono <andresbono@vmware.com> --------- Signed-off-by: Andreas Lindhé <andreas@lindhe.io> Signed-off-by: Andrés Bono <andresbono@vmware.com> Co-authored-by: Andrés Bono <andresbono@vmware.com> * [bitnami/kube-prometheus] Bump Helm chart version (#17758) Signed-off-by: Andrés Bono <andresbono@vmware.com> * [bitnami/moodle] Delegate targetPort when no LB or ClusterIP set (#17759) * fix(moddle): delegate targetPort when no LB or ClusterIP set Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * chore(moddle): bump minor Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> --------- Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * [bitnami/mysql] Release 9.10.7 (#17760) * [bitnami/mysql] Release 9.10.7 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * chore: Rename GH action used to run readme generator (#17761) Signed-off-by: juan131 <juan.ariza.1311993@gmail.com> * [bitnami/zookeeper] Release 11.4.8 (#17765) * [bitnami/zookeeper] Release 11.4.8 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/wordpress] Release 16.1.28 (#17769) * [bitnami/wordpress] Release 16.1.28 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/tensorflow-resnet] Release 3.8.5 (#17770) * [bitnami/tensorflow-resnet] Release 3.8.5 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/minio] Release 12.6.10 (#17771) * [bitnami/minio] Release 12.6.10 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/contour] allow to manipulate container securityContext fields for each container (#17456) * [bitnami/contour] container sec contaxt spec improvement Signed-off-by: Ugur <ugurozturk918@gmail.com> * [bitnami/contour] container sec contaxt spec improvement fix Signed-off-by: Ugur <ugurozturk918@gmail.com> * [bitnami/contour] container sec contaxt spec improvement fix Signed-off-by: Ugur <ugurozturk918@gmail.com> * [bitnami/contour] container sec contaxt spec improvement - review fix Signed-off-by: Ugur <ugurozturk918@gmail.com> * [bitnami/contour] container sec contaxt spec improvement - metadata fix Signed-off-by: Ugur <ugurozturk918@gmail.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Ugur <ugurozturk918@gmail.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Juan José Martos <jotamartos@gmail.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Juan José Martos <jotamartos@gmail.com> * [bitnami/pinniped] fix: deploy credentialissuer only for concierge (#17737) Signed-off-by: Zadkiel Aharonian <hello@zadkiel.fr> * [bitnami/etcd] Add feature extraVolumeClaimTemplate (#17763) Signed-off-by: Andrei Kondratiev <andrei@nefeli.io> * Fixes usePasswordFiles (#17773) Signed-off-by: Rafael Rios Saavedra <rrios@vmware.com> * feat(opensearch): add NetworkPolicies Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * docs(opensearch): update README.md Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * fix(opensearch): remove metrics references Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * docs(opensearch): remove upgrade ES guides Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * test(opensearch): add test for extraConfig Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * test(opensearch): fix values for extraConfig Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * test(opensearch): add capabilities test Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * feat(opensearch): add seccompProfiles Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * feat(opensearch): dummy commit Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> * feat(opensearch): dummy commit Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> --------- Signed-off-by: Alberto Otero Lorenzo <lorenzoa@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Zac Stevenson <zstevenson@payments.ca> Signed-off-by: Fran Mulero <fmulero@vmware.com> Signed-off-by: mauraza <gibone@vmware.com> Signed-off-by: Ibone González Mauraza <gibone@vmware.com> Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> Signed-off-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Signed-off-by: Jose Antonio Carmona <jcarmona@vmware.com> Signed-off-by: Joseda Rios <jdrios@vmware.com> Signed-off-by: Ihor Hrytskiv <ihor.hrytskiv@macpaw.com> Signed-off-by: ihor-hrytskiv <39990360+ihor-hrytskiv@users.noreply.github.com> Signed-off-by: Ondrej Zvara <zvara.ondrej@gmail.com> Signed-off-by: omer nitzan <omer2500@gmail.com> Signed-off-by: Pat Riehecky <riehecky@fnal.gov> Signed-off-by: Rahul Sadanandan <rahulsadanandan13@gmail.com> Signed-off-by: Fabian Scheidt <mail@fabian-scheidt.com> Signed-off-by: Andrés Bono <andresbono@vmware.com> Signed-off-by: Markus Blaschke <mblaschke82@gmail.com> Signed-off-by: Zhou, Martin <Martin_Zhou2@Dell.com> Signed-off-by: Martin.Zhou <xixiangzouyibian@users.noreply.github.com> Signed-off-by: bitnami-bot <bitnami-bot@vmware.com> Signed-off-by: Rafael Rios Saavedra <rrios@vmware.com> Signed-off-by: Andreas Lindhé <andreas@lindhe.io> Signed-off-by: juan131 <juan.ariza.1311993@gmail.com> Signed-off-by: Ugur <ugurozturk918@gmail.com> Signed-off-by: Juan José Martos <jotamartos@gmail.com> Signed-off-by: Zadkiel Aharonian <hello@zadkiel.fr> Signed-off-by: Andrei Kondratiev <andrei@nefeli.io> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Zac Stevenson <57682749+zstevenson-payments@users.noreply.github.com> Co-authored-by: Fran Mulero <fmulero@vmware.com> Co-authored-by: mauraza <gibone@vmware.com> Co-authored-by: Carlos Rodríguez Hernández <carlosrh@vmware.com> Co-authored-by: Fran de Paz Galán <fdepaz@vmware.com> Co-authored-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: Javier J. Salmerón-García <jsalmeron@vmware.com> Co-authored-by: Jose Antonio Carmona <jcarmona@vmware.com> Co-authored-by: Joseda Rios <jotadrilo@users.noreply.github.com> Co-authored-by: ihor-hrytskiv <39990360+ihor-hrytskiv@users.noreply.github.com> Co-authored-by: Ondrej Zvara <zvara.ondrej@gmail.com> Co-authored-by: omer2500 <omer2500@gmail.com> Co-authored-by: Pat Riehecky <3534830+jcpunk@users.noreply.github.com> Co-authored-by: Rahul Sadanandan <rahulsadanandan13@gmail.com> Co-authored-by: Fabian Scheidt <mail@fabian-scheidt.com> Co-authored-by: Andrés Bono <andresbono@vmware.com> Co-authored-by: Markus Blaschke <mblaschke82@gmail.com> Co-authored-by: Martin.Zhou <xixiangzouyibian@users.noreply.github.com> Co-authored-by: Zhou, Martin <Martin_Zhou2@Dell.com> Co-authored-by: Rafael Ríos Saavedra <rrios@vmware.com> Co-authored-by: Andreas Lindhé <lindhe@users.noreply.github.com> Co-authored-by: Juan Ariza Toledano <juan.ariza.1311993@gmail.com> Co-authored-by: Ugur Can Ozturk <57688057+ugur99@users.noreply.github.com> Co-authored-by: Juan José Martos <jotamartos@gmail.com> Co-authored-by: Zadkiel Aharonian <hello@zadkiel.fr> Co-authored-by: Andrei Kondratiev <andrei@nefeli.io>
This commit is contained in:
Alberto Otero
7
.vib/opensearch/cypress/cypress.json
Normal file
7
.vib/opensearch/cypress/cypress.json
Normal file
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"baseUrl": "http://localhost",
|
||||
"responseTimeout": 30000,
|
||||
"env": {
|
||||
"nodeNumber": 4
|
||||
}
|
||||
}
|
||||
4
.vib/opensearch/cypress/cypress/fixtures/documents.json
Normal file
4
.vib/opensearch/cypress/cypress/fixtures/documents.json
Normal file
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"name": "Simon",
|
||||
"origin": "Belfast, UK"
|
||||
}
|
||||
@@ -0,0 +1,64 @@
|
||||
/*
|
||||
* Copyright VMware, Inc.
|
||||
* SPDX-License-Identifier: APACHE-2.0
|
||||
*/
|
||||
|
||||
/// <reference types="cypress" />
|
||||
import { random } from '../support/utils';
|
||||
import body from '../fixtures/documents.json';
|
||||
|
||||
it('can check cluster health', () => {
|
||||
cy.request({
|
||||
method: 'GET',
|
||||
url: '/_cluster/health',
|
||||
form: true,
|
||||
}).then((response) => {
|
||||
expect(response.status).to.eq(200);
|
||||
expect(response.body.status).to.contain('green');
|
||||
expect(response.body.number_of_nodes).to.eq(Cypress.env('nodeNumber'));
|
||||
});
|
||||
});
|
||||
|
||||
it('can index a search and retrieve it', () => {
|
||||
cy.request({
|
||||
method: 'PUT',
|
||||
url: 'favorite_candy' + random,
|
||||
form: true,
|
||||
}).then((response) => {
|
||||
expect(response.status).to.eq(200);
|
||||
expect(response.body.acknowledged).to.eq(true);
|
||||
expect(response.body.shards_acknowledged).to.eq(true);
|
||||
expect(response.body.index).to.eq(`favorite_candy${random}`);
|
||||
});
|
||||
|
||||
cy.request({
|
||||
method: 'GET',
|
||||
url: 'favorite_candy' + random,
|
||||
form: true,
|
||||
}).then((response) => {
|
||||
expect(response.status).to.eq(200);
|
||||
});
|
||||
});
|
||||
|
||||
it('can index a document and retrieve it', () => {
|
||||
cy.request({
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json; charset=utf-8' },
|
||||
url: `favorite_dj/_create/${random}`,
|
||||
body: body,
|
||||
}).then((response) => {
|
||||
expect(response.status).to.eq(201);
|
||||
expect(response.body._index).to.eq('favorite_dj');
|
||||
expect(response.body.result).to.eq('created');
|
||||
});
|
||||
|
||||
cy.request({
|
||||
method: 'GET',
|
||||
url: 'favorite_dj/_source/' + random,
|
||||
form: true,
|
||||
}).then((response) => {
|
||||
expect(response.status).to.eq(200);
|
||||
expect(response.body.name).to.eq(body.name);
|
||||
expect(response.body.origin).to.eq(body.origin);
|
||||
});
|
||||
});
|
||||
10
.vib/opensearch/cypress/cypress/support/utils.js
Normal file
10
.vib/opensearch/cypress/cypress/support/utils.js
Normal file
@@ -0,0 +1,10 @@
|
||||
/*
|
||||
* Copyright VMware, Inc.
|
||||
* SPDX-License-Identifier: APACHE-2.0
|
||||
*/
|
||||
|
||||
/// <reference types="cypress" />
|
||||
|
||||
export let random = (Math.floor(Math.random() * 10000) + 10000)
|
||||
.toString()
|
||||
.substring(1);
|
||||
30
.vib/opensearch/goss/goss.yaml
Normal file
30
.vib/opensearch/goss/goss.yaml
Normal file
@@ -0,0 +1,30 @@
|
||||
# Copyright VMware, Inc.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
|
||||
file:
|
||||
/opt/bitnami/opensearch/config/opensearch.yml:
|
||||
mode: "0644"
|
||||
filetype: file
|
||||
contains:
|
||||
- /port.*{{ .Vars.containerPorts.transport }}/
|
||||
- /allow_nmap:.*false/
|
||||
exists: true
|
||||
/bitnami/opensearch/data:
|
||||
mode: "0644"
|
||||
filetype: directory
|
||||
exists: true
|
||||
addr:
|
||||
# Container ports
|
||||
tcp://opensearch-dashboards:{{ .Vars.dashboards.service.ports.http }}:
|
||||
reachable: true
|
||||
timeout: 180000
|
||||
command:
|
||||
check-no-capabilities:
|
||||
exec: cat /proc/1/status
|
||||
exit-status: 0
|
||||
stdout:
|
||||
- "CapInh: 0000000000000000"
|
||||
- "CapPrm: 0000000000000000"
|
||||
- "CapEff: 0000000000000000"
|
||||
- "CapBnd: 0000000000000000"
|
||||
- "CapAmb: 0000000000000000"
|
||||
27
.vib/opensearch/runtime-parameters.yaml
Normal file
27
.vib/opensearch/runtime-parameters.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
master:
|
||||
replicaCount: 1
|
||||
coordinating:
|
||||
replicaCount: 1
|
||||
data:
|
||||
replicaCount: 1
|
||||
ingest:
|
||||
enabled: true
|
||||
replicaCount: 1
|
||||
service:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
restAPI: 80
|
||||
transport: 9300
|
||||
sysctlImage:
|
||||
enabled: true
|
||||
containerPorts:
|
||||
transport: 9300
|
||||
dashboards:
|
||||
enabled: true
|
||||
service:
|
||||
ports:
|
||||
http: 5605
|
||||
extraConfig:
|
||||
node:
|
||||
store:
|
||||
allow_mmap: false
|
||||
85
.vib/opensearch/vib-publish.json
Normal file
85
.vib/opensearch/vib-publish.json
Normal file
@@ -0,0 +1,85 @@
|
||||
{
|
||||
"phases": {
|
||||
"package": {
|
||||
"context": {
|
||||
"resources": {
|
||||
"url": "{SHA_ARCHIVE}",
|
||||
"path": "/bitnami/opensearch"
|
||||
}
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"action_id": "helm-package"
|
||||
},
|
||||
{
|
||||
"action_id": "helm-lint"
|
||||
}
|
||||
]
|
||||
},
|
||||
"verify": {
|
||||
"context": {
|
||||
"resources": {
|
||||
"url": "{SHA_ARCHIVE}",
|
||||
"path": "/bitnami/opensearch"
|
||||
},
|
||||
"target_platform": {
|
||||
"target_platform_id": "{VIB_ENV_ALTERNATIVE_TARGET_PLATFORM}",
|
||||
"size": {
|
||||
"name": "L4"
|
||||
}
|
||||
}
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"action_id": "health-check",
|
||||
"params": {
|
||||
"endpoint": "lb-opensearch-tcp-rest-api",
|
||||
"app_protocol": "HTTP"
|
||||
}
|
||||
},
|
||||
{
|
||||
"action_id": "goss",
|
||||
"params": {
|
||||
"resources": {
|
||||
"path": "/.vib"
|
||||
},
|
||||
"tests_file": "opensearch/goss/goss.yaml",
|
||||
"vars_file": "opensearch/runtime-parameters.yaml",
|
||||
"remote": {
|
||||
"pod": {
|
||||
"workload": "sts-opensearch-master"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"action_id": "cypress",
|
||||
"params": {
|
||||
"resources": {
|
||||
"path": "/.vib/opensearch/cypress"
|
||||
},
|
||||
"endpoint": "lb-opensearch-tcp-rest-api",
|
||||
"app_protocol": "HTTP"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"publish": {
|
||||
"actions": [
|
||||
{
|
||||
"action_id": "helm-publish",
|
||||
"params": {
|
||||
"repository": {
|
||||
"kind": "S3",
|
||||
"url": "{VIB_ENV_S3_URL}",
|
||||
"authn": {
|
||||
"access_key_id": "{VIB_ENV_S3_ACCESS_KEY_ID}",
|
||||
"secret_access_key": "{VIB_ENV_S3_SECRET_ACCESS_KEY}"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
68
.vib/opensearch/vib-verify.json
Normal file
68
.vib/opensearch/vib-verify.json
Normal file
@@ -0,0 +1,68 @@
|
||||
{
|
||||
"phases": {
|
||||
"package": {
|
||||
"context": {
|
||||
"resources": {
|
||||
"url": "{SHA_ARCHIVE}",
|
||||
"path": "/bitnami/opensearch"
|
||||
}
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"action_id": "helm-package"
|
||||
},
|
||||
{
|
||||
"action_id": "helm-lint"
|
||||
}
|
||||
]
|
||||
},
|
||||
"verify": {
|
||||
"context": {
|
||||
"resources": {
|
||||
"url": "{SHA_ARCHIVE}",
|
||||
"path": "/bitnami/opensearch"
|
||||
},
|
||||
"target_platform": {
|
||||
"target_platform_id": "{VIB_ENV_ALTERNATIVE_TARGET_PLATFORM}",
|
||||
"size": {
|
||||
"name": "M4"
|
||||
}
|
||||
}
|
||||
},
|
||||
"actions": [
|
||||
{
|
||||
"action_id": "health-check",
|
||||
"params": {
|
||||
"endpoint": "lb-opensearch-tcp-rest-api",
|
||||
"app_protocol": "HTTP"
|
||||
}
|
||||
},
|
||||
{
|
||||
"action_id": "goss",
|
||||
"params": {
|
||||
"resources": {
|
||||
"path": "/.vib"
|
||||
},
|
||||
"tests_file": "opensearch/goss/goss.yaml",
|
||||
"vars_file": "opensearch/runtime-parameters.yaml",
|
||||
"remote": {
|
||||
"pod": {
|
||||
"workload": "sts-opensearch-master"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"action_id": "cypress",
|
||||
"params": {
|
||||
"resources": {
|
||||
"path": "/.vib/opensearch/cypress"
|
||||
},
|
||||
"endpoint": "lb-opensearch-tcp-rest-api",
|
||||
"app_protocol": "HTTP"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
21
bitnami/opensearch/.helmignore
Normal file
21
bitnami/opensearch/.helmignore
Normal file
@@ -0,0 +1,21 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
26
bitnami/opensearch/Chart.yaml
Normal file
26
bitnami/opensearch/Chart.yaml
Normal file
@@ -0,0 +1,26 @@
|
||||
# Copyright VMware, Inc.
|
||||
# SPDX-License-Identifier: APACHE-2.0
|
||||
|
||||
annotations:
|
||||
category: Analytics
|
||||
licenses: Apache-2.0
|
||||
apiVersion: v2
|
||||
appVersion: 2.8.0
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
tags:
|
||||
- bitnami-common
|
||||
version: 2.x.x
|
||||
description: Opensearch is a distributed search and analytics engine. It is used for web search, log monitoring, and real-time analytics. Ideal for Big Data applications.
|
||||
home: https://bitnami.com
|
||||
icon: https://bitnami.com/assets/stacks/opensearch/img/opensearch-stack-220x234.png
|
||||
keywords:
|
||||
- opensearch
|
||||
maintainers:
|
||||
- name: VMware, Inc.
|
||||
url: https://github.com/bitnami/charts
|
||||
name: opensearch
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/opensearch
|
||||
version: 0.1.0
|
||||
926
bitnami/opensearch/README.md
Normal file
926
bitnami/opensearch/README.md
Normal file
@@ -0,0 +1,926 @@
|
||||
<!--- app-name: Opensearch -->
|
||||
|
||||
# Bitnami Opensearch Stack
|
||||
|
||||
Opensearch is a distributed search and analytics engine. It is used for web search, log monitoring, and real-time analytics. Ideal for Big Data applications.
|
||||
|
||||
[Overview of Opensearch](https://www.open.co/products/opensearch)
|
||||
|
||||
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
|
||||
|
||||
## TL;DR
|
||||
|
||||
```console
|
||||
helm install my-release oci://registry-1.docker.io/bitnamicharts/opensearch
|
||||
```
|
||||
|
||||
## Introduction
|
||||
|
||||
This chart bootstraps a [Opensearch](https://github.com/bitnami/containers/tree/main/bitnami/opensearch) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters.
|
||||
|
||||
Looking to use Opensearch in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes 1.19+
|
||||
- Helm 3.2.0+
|
||||
- PV provisioner support in the underlying infrastructure
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install the chart with the release name `my-release`:
|
||||
|
||||
```console
|
||||
helm install my-release oci://registry-1.docker.io/bitnamicharts/opensearch
|
||||
```
|
||||
|
||||
These commands deploy Opensearch on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
|
||||
|
||||
> **Tip**: List all releases using `helm list`
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To uninstall/delete the `my-release` release:
|
||||
|
||||
```console
|
||||
helm delete my-release
|
||||
```
|
||||
|
||||
The command removes all the Kubernetes components associated with the chart and deletes the release. Remove also the chart using `--purge` option:
|
||||
|
||||
```console
|
||||
helm delete --purge my-release
|
||||
```
|
||||
|
||||
## Parameters
|
||||
|
||||
### Global parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------- | ----------------------------------------------- | ----- |
|
||||
| `global.imageRegistry` | Global Docker image registry | `""` |
|
||||
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
|
||||
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
|
||||
|
||||
### Common parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------ | --------------------------------------------------------------------------------------- | --------------- |
|
||||
| `kubeVersion` | Override Kubernetes version | `""` |
|
||||
| `nameOverride` | String to partially override common.names.fullname | `""` |
|
||||
| `fullnameOverride` | String to fully override common.names.fullname | `""` |
|
||||
| `commonLabels` | Labels to add to all deployed objects | `{}` |
|
||||
| `commonAnnotations` | Annotations to add to all deployed objects | `{}` |
|
||||
| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` |
|
||||
| `extraDeploy` | Array of extra objects to deploy with the release | `[]` |
|
||||
| `namespaceOverride` | String to fully override common.names.namespace | `""` |
|
||||
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
|
||||
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
|
||||
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
|
||||
|
||||
### Opensearch cluster Parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- |
|
||||
| `clusterName` | Opensearch cluster name | `open` |
|
||||
| `containerPorts.restAPI` | Opensearch REST API port | `9200` |
|
||||
| `containerPorts.transport` | Opensearch Transport port | `9300` |
|
||||
| `plugins` | Comma, semi-colon or space separated list of plugins to install at initialization | `""` |
|
||||
| `snapshotRepoPath` | File System snapshot repository path | `""` |
|
||||
| `config` | Override opensearch configuration | `{}` |
|
||||
| `extraConfig` | Append extra configuration to the opensearch node configuration | `{}` |
|
||||
| `extraHosts` | A list of external hosts which are part of this cluster | `[]` |
|
||||
| `extraVolumes` | A list of volumes to be added to the pod | `[]` |
|
||||
| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` |
|
||||
| `initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` |
|
||||
| `initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` |
|
||||
| `initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` |
|
||||
| `extraEnvVars` | Array containing extra env vars to be added to all pods (evaluated as a template) | `[]` |
|
||||
| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all pods (evaluated as a template) | `""` |
|
||||
| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all pods (evaluated as a template) | `""` |
|
||||
| `sidecars` | Add additional sidecar containers to the all opensearch node pod(s) | `[]` |
|
||||
| `initContainers` | Add additional init containers to the all opensearch node pod(s) | `[]` |
|
||||
| `useIstioLabels` | Use this variable to add Istio labels to all pods | `true` |
|
||||
| `image.registry` | Opensearch image registry | `docker.io` |
|
||||
| `image.repository` | Opensearch image repository | `bitnami/opensearch` |
|
||||
| `image.tag` | Opensearch image tag (immutable tags are recommended) | `2.8.0-debian-11-r0` |
|
||||
| `image.digest` | Opensearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | Opensearch image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Opensearch image pull secrets | `[]` |
|
||||
| `image.debug` | Enable Opensearch image debug mode | `false` |
|
||||
| `security.enabled` | Enable X-Pack Security settings | `false` |
|
||||
| `security.adminPassword` | Password for 'admin' user | `""` |
|
||||
| `security.logstashPassword` | Password for Logstash | `""` |
|
||||
| `security.existingSecret` | Name of the existing secret containing the Opensearch password and | `""` |
|
||||
| `security.fipsMode` | Configure opensearch with FIPS 140 compliant mode | `false` |
|
||||
|
||||
### Opensearch admin parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------------ | ------------------------------------------------------------------------------------------------------- | --------------------------- |
|
||||
| `security.tls.admin.existingSecret` | Existing secret containing the certificates for admin | `""` |
|
||||
| `security.tls.restEncryption` | Enable SSL/TLS encryption for Opensearch REST API. | `false` |
|
||||
| `security.tls.autoGenerated` | Create self-signed TLS certificates. | `true` |
|
||||
| `security.tls.verificationMode` | Verification mode for SSL communications. | `full` |
|
||||
| `security.tls.master.existingSecret` | Existing secret containing the certificates for the master nodes | `""` |
|
||||
| `security.tls.data.existingSecret` | Existing secret containing the certificates for the data nodes | `""` |
|
||||
| `security.tls.ingest.existingSecret` | Existing secret containing the certificates for the ingest nodes | `""` |
|
||||
| `security.tls.coordinating.existingSecret` | Existing secret containing the certificates for the coordinating nodes | `""` |
|
||||
| `security.tls.keystoreFilename` | Name of the keystore file | `opensearch.keystore.jks` |
|
||||
| `security.tls.truststoreFilename` | Name of the truststore | `opensearch.truststore.jks` |
|
||||
| `security.tls.usePemCerts` | Use this variable if your secrets contain PEM certificates instead of JKS/PKCS12 | `false` |
|
||||
| `security.tls.passwordsSecret` | Existing secret containing the Keystore and Truststore passwords, or key password if PEM certs are used | `""` |
|
||||
| `security.tls.keystorePassword` | Password to access the JKS/PKCS12 keystore or PEM key when they are password-protected. | `""` |
|
||||
| `security.tls.truststorePassword` | Password to access the JKS/PKCS12 truststore when they are password-protected. | `""` |
|
||||
| `security.tls.keyPassword` | Password to access the PEM key when they are password-protected. | `""` |
|
||||
| `security.tls.secretKeystoreKey` | Name of the secret key containing the Keystore password | `""` |
|
||||
| `security.tls.secretTruststoreKey` | Name of the secret key containing the Truststore password | `""` |
|
||||
| `security.tls.secretKey` | Name of the secret key containing the PEM key password | `""` |
|
||||
| `security.tls.nodesDN` | A comma separated list of DN for nodes | `""` |
|
||||
| `security.tls.adminDN` | A comma separated list of DN for admins | `""` |
|
||||
|
||||
### Traffic Exposure Parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ |
|
||||
| `service.type` | Opensearch service type | `ClusterIP` |
|
||||
| `service.ports.restAPI` | Opensearch service REST API port | `9200` |
|
||||
| `service.ports.transport` | Opensearch service transport port | `9300` |
|
||||
| `service.nodePorts.restAPI` | Node port for REST API | `""` |
|
||||
| `service.nodePorts.transport` | Node port for REST API | `""` |
|
||||
| `service.clusterIP` | Opensearch service Cluster IP | `""` |
|
||||
| `service.loadBalancerIP` | Opensearch service Load Balancer IP | `""` |
|
||||
| `service.loadBalancerSourceRanges` | Opensearch service Load Balancer sources | `[]` |
|
||||
| `service.externalTrafficPolicy` | Opensearch service external traffic policy | `Cluster` |
|
||||
| `service.annotations` | Additional custom annotations for Opensearch service | `{}` |
|
||||
| `service.extraPorts` | Extra ports to expose in Opensearch service (normally used with the `sidecars` value) | `[]` |
|
||||
| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `ingress.enabled` | Enable ingress record generation for Opensearch | `false` |
|
||||
| `ingress.pathType` | Ingress path type | `ImplementationSpecific` |
|
||||
| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` |
|
||||
| `ingress.hostname` | Default host for the ingress record | `opensearch.local` |
|
||||
| `ingress.path` | Default path for the ingress record | `/` |
|
||||
| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` |
|
||||
| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` |
|
||||
| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` |
|
||||
| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` |
|
||||
| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` |
|
||||
| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` |
|
||||
| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` |
|
||||
| `ingress.secrets` | Custom TLS certificates as secrets | `[]` |
|
||||
| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` |
|
||||
|
||||
### Master-elegible nodes parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
|
||||
| `master.masterOnly` | Deploy the Opensearch master-elegible nodes as master-only nodes. Recommended for high-demand deployments. | `true` |
|
||||
| `master.replicaCount` | Number of master-elegible replicas to deploy | `2` |
|
||||
| `master.extraRoles` | Append extra roles to the node role | `[]` |
|
||||
| `master.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
|
||||
| `master.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
|
||||
| `master.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
|
||||
| `master.nameOverride` | String to partially override opensearch.master.fullname | `""` |
|
||||
| `master.fullnameOverride` | String to fully override opensearch.master.fullname | `""` |
|
||||
| `master.servicenameOverride` | String to fully override opensearch.master.servicename | `""` |
|
||||
| `master.annotations` | Annotations for the master statefulset | `{}` |
|
||||
| `master.updateStrategy.type` | Master-elegible nodes statefulset stategy type | `RollingUpdate` |
|
||||
| `master.resources.limits` | The resources limits for opensearch containers | `{}` |
|
||||
| `master.resources.requests` | The requested resources for opensearch containers | `{}` |
|
||||
| `master.heapSize` | Opensearch master-eligible node heap size. | `128m` |
|
||||
| `master.podSecurityContext.enabled` | Enabled master-elegible pods' Security Context | `true` |
|
||||
| `master.podSecurityContext.fsGroup` | Set master-elegible pod's Security Context fsGroup | `1001` |
|
||||
| `master.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `master.containerSecurityContext.enabled` | Enabled master-elegible containers' Security Context | `true` |
|
||||
| `master.containerSecurityContext.runAsUser` | Set master-elegible containers' Security Context runAsUser | `1001` |
|
||||
| `master.containerSecurityContext.runAsNonRoot` | Set master-elegible containers' Security Context runAsNonRoot | `true` |
|
||||
| `master.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
|
||||
| `master.hostAliases` | master-elegible pods host aliases | `[]` |
|
||||
| `master.podLabels` | Extra labels for master-elegible pods | `{}` |
|
||||
| `master.podAnnotations` | Annotations for master-elegible pods | `{}` |
|
||||
| `master.podAffinityPreset` | Pod affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `master.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `master.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `master.nodeAffinityPreset.key` | Node label key to match. Ignored if `master.affinity` is set | `""` |
|
||||
| `master.nodeAffinityPreset.values` | Node label values to match. Ignored if `master.affinity` is set | `[]` |
|
||||
| `master.affinity` | Affinity for master-elegible pods assignment | `{}` |
|
||||
| `master.nodeSelector` | Node labels for master-elegible pods assignment | `{}` |
|
||||
| `master.tolerations` | Tolerations for master-elegible pods assignment | `[]` |
|
||||
| `master.priorityClassName` | master-elegible pods' priorityClassName | `""` |
|
||||
| `master.schedulerName` | Name of the k8s scheduler (other than default) for master-elegible pods | `""` |
|
||||
| `master.terminationGracePeriodSeconds` | In seconds, time the given to the Opensearch Master pod needs to terminate gracefully | `""` |
|
||||
| `master.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
|
||||
| `master.podManagementPolicy` | podManagementPolicy to manage scaling operation of Opensearch master pods | `Parallel` |
|
||||
| `master.startupProbe.enabled` | Enable/disable the startup probe (master nodes pod) | `false` |
|
||||
| `master.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (master nodes pod) | `90` |
|
||||
| `master.startupProbe.periodSeconds` | How often to perform the probe (master nodes pod) | `10` |
|
||||
| `master.startupProbe.timeoutSeconds` | When the probe times out (master nodes pod) | `5` |
|
||||
| `master.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (master nodes pod) | `1` |
|
||||
| `master.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `master.livenessProbe.enabled` | Enable/disable the liveness probe (master-eligible nodes pod) | `true` |
|
||||
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (master-eligible nodes pod) | `90` |
|
||||
| `master.livenessProbe.periodSeconds` | How often to perform the probe (master-eligible nodes pod) | `10` |
|
||||
| `master.livenessProbe.timeoutSeconds` | When the probe times out (master-eligible nodes pod) | `5` |
|
||||
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (master-eligible nodes pod) | `1` |
|
||||
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `master.readinessProbe.enabled` | Enable/disable the readiness probe (master-eligible nodes pod) | `true` |
|
||||
| `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (master-eligible nodes pod) | `90` |
|
||||
| `master.readinessProbe.periodSeconds` | How often to perform the probe (master-eligible nodes pod) | `10` |
|
||||
| `master.readinessProbe.timeoutSeconds` | When the probe times out (master-eligible nodes pod) | `5` |
|
||||
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (master-eligible nodes pod) | `1` |
|
||||
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `master.customStartupProbe` | Override default startup probe | `{}` |
|
||||
| `master.customLivenessProbe` | Override default liveness probe | `{}` |
|
||||
| `master.customReadinessProbe` | Override default readiness probe | `{}` |
|
||||
| `master.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `master.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `master.lifecycleHooks` | for the master-elegible container(s) to automate configuration before or after startup | `{}` |
|
||||
| `master.extraEnvVars` | Array with extra environment variables to add to master-elegible nodes | `[]` |
|
||||
| `master.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for master-elegible nodes | `""` |
|
||||
| `master.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for master-elegible nodes | `""` |
|
||||
| `master.extraVolumes` | Optionally specify extra list of additional volumes for the master-elegible pod(s) | `[]` |
|
||||
| `master.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the master-elegible container(s) | `[]` |
|
||||
| `master.sidecars` | Add additional sidecar containers to the master-elegible pod(s) | `[]` |
|
||||
| `master.initContainers` | Add additional init containers to the master-elegible pod(s) | `[]` |
|
||||
| `master.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` | `true` |
|
||||
| `master.persistence.storageClass` | Persistent Volume Storage Class | `""` |
|
||||
| `master.persistence.existingClaim` | Existing Persistent Volume Claim | `""` |
|
||||
| `master.persistence.existingVolume` | Existing Persistent Volume for use as volume match label selector to the `volumeClaimTemplate`. Ignored when `master.persistence.selector` is set. | `""` |
|
||||
| `master.persistence.selector` | Configure custom selector for existing Persistent Volume. Overwrites `master.persistence.existingVolume` | `{}` |
|
||||
| `master.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
|
||||
| `master.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` |
|
||||
| `master.persistence.size` | Persistent Volume Size | `8Gi` |
|
||||
| `master.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `master.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
|
||||
| `master.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `master.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` |
|
||||
| `master.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
|
||||
| `master.networkPolicy.allowExternal` | The Policy model to apply | `true` |
|
||||
| `master.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `master.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `master.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `master.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `master.autoscaling.vpa.enabled` | Enable VPA | `false` |
|
||||
| `master.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
|
||||
| `master.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
|
||||
| `master.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
|
||||
| `master.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
|
||||
| `master.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
|
||||
| `master.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` |
|
||||
| `master.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` |
|
||||
| `master.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` |
|
||||
| `master.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
|
||||
| `master.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
|
||||
|
||||
### Data-only nodes parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
|
||||
| `data.replicaCount` | Number of data-only replicas to deploy | `2` |
|
||||
| `data.extraRoles` | Append extra roles to the node role | `[]` |
|
||||
| `data.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
|
||||
| `data.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
|
||||
| `data.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
|
||||
| `data.nameOverride` | String to partially override opensearch.data.fullname | `""` |
|
||||
| `data.fullnameOverride` | String to fully override opensearch.data.fullname | `""` |
|
||||
| `data.servicenameOverride` | String to fully override opensearch.data.servicename | `""` |
|
||||
| `data.annotations` | Annotations for the data statefulset | `{}` |
|
||||
| `data.updateStrategy.type` | Data-only nodes statefulset stategy type | `RollingUpdate` |
|
||||
| `data.resources.limits` | The resources limits for the data containers | `{}` |
|
||||
| `data.resources.requests` | The requested resources for the data containers | `{}` |
|
||||
| `data.heapSize` | Opensearch data node heap size. | `1024m` |
|
||||
| `data.podSecurityContext.enabled` | Enabled data pods' Security Context | `true` |
|
||||
| `data.podSecurityContext.fsGroup` | Set data pod's Security Context fsGroup | `1001` |
|
||||
| `data.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `data.containerSecurityContext.enabled` | Enabled data containers' Security Context | `true` |
|
||||
| `data.containerSecurityContext.runAsUser` | Set data containers' Security Context runAsUser | `1001` |
|
||||
| `data.containerSecurityContext.runAsNonRoot` | Set data containers' Security Context runAsNonRoot | `true` |
|
||||
| `data.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
|
||||
| `data.hostAliases` | data pods host aliases | `[]` |
|
||||
| `data.podLabels` | Extra labels for data pods | `{}` |
|
||||
| `data.podAnnotations` | Annotations for data pods | `{}` |
|
||||
| `data.podAffinityPreset` | Pod affinity preset. Ignored if `data.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `data.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `data.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `data.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `data.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `data.nodeAffinityPreset.key` | Node label key to match. Ignored if `data.affinity` is set | `""` |
|
||||
| `data.nodeAffinityPreset.values` | Node label values to match. Ignored if `data.affinity` is set | `[]` |
|
||||
| `data.affinity` | Affinity for data pods assignment | `{}` |
|
||||
| `data.nodeSelector` | Node labels for data pods assignment | `{}` |
|
||||
| `data.tolerations` | Tolerations for data pods assignment | `[]` |
|
||||
| `data.priorityClassName` | data pods' priorityClassName | `""` |
|
||||
| `data.schedulerName` | Name of the k8s scheduler (other than default) for data pods | `""` |
|
||||
| `data.terminationGracePeriodSeconds` | In seconds, time the given to the Opensearch data pod needs to terminate gracefully | `""` |
|
||||
| `data.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
|
||||
| `data.podManagementPolicy` | podManagementPolicy to manage scaling operation of Opensearch data pods | `Parallel` |
|
||||
| `data.startupProbe.enabled` | Enable/disable the startup probe (data nodes pod) | `false` |
|
||||
| `data.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (data nodes pod) | `90` |
|
||||
| `data.startupProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` |
|
||||
| `data.startupProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` |
|
||||
| `data.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` |
|
||||
| `data.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `data.livenessProbe.enabled` | Enable/disable the liveness probe (data nodes pod) | `true` |
|
||||
| `data.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (data nodes pod) | `90` |
|
||||
| `data.livenessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` |
|
||||
| `data.livenessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` |
|
||||
| `data.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` |
|
||||
| `data.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `data.readinessProbe.enabled` | Enable/disable the readiness probe (data nodes pod) | `true` |
|
||||
| `data.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (data nodes pod) | `90` |
|
||||
| `data.readinessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` |
|
||||
| `data.readinessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` |
|
||||
| `data.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` |
|
||||
| `data.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `data.customStartupProbe` | Override default startup probe | `{}` |
|
||||
| `data.customLivenessProbe` | Override default liveness probe | `{}` |
|
||||
| `data.customReadinessProbe` | Override default readiness probe | `{}` |
|
||||
| `data.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `data.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `data.lifecycleHooks` | for the data container(s) to automate configuration before or after startup | `{}` |
|
||||
| `data.extraEnvVars` | Array with extra environment variables to add to data nodes | `[]` |
|
||||
| `data.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for data nodes | `""` |
|
||||
| `data.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for data nodes | `""` |
|
||||
| `data.extraVolumes` | Optionally specify extra list of additional volumes for the data pod(s) | `[]` |
|
||||
| `data.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the data container(s) | `[]` |
|
||||
| `data.sidecars` | Add additional sidecar containers to the data pod(s) | `[]` |
|
||||
| `data.initContainers` | Add additional init containers to the data pod(s) | `[]` |
|
||||
| `data.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` | `true` |
|
||||
| `data.persistence.storageClass` | Persistent Volume Storage Class | `""` |
|
||||
| `data.persistence.existingClaim` | Existing Persistent Volume Claim | `""` |
|
||||
| `data.persistence.existingVolume` | Existing Persistent Volume for use as volume match label selector to the `volumeClaimTemplate`. Ignored when `data.persistence.selector` is set. | `""` |
|
||||
| `data.persistence.selector` | Configure custom selector for existing Persistent Volume. Overwrites `data.persistence.existingVolume` | `{}` |
|
||||
| `data.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
|
||||
| `data.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` |
|
||||
| `data.persistence.size` | Persistent Volume Size | `8Gi` |
|
||||
| `data.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `data.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
|
||||
| `data.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `data.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` |
|
||||
| `data.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
|
||||
| `data.networkPolicy.allowExternal` | The Policy model to apply | `true` |
|
||||
| `data.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `data.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `data.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `data.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `data.autoscaling.vpa.enabled` | Enable VPA | `false` |
|
||||
| `data.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
|
||||
| `data.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
|
||||
| `data.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
|
||||
| `data.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
|
||||
| `data.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
|
||||
| `data.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` |
|
||||
| `data.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` |
|
||||
| `data.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` |
|
||||
| `data.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
|
||||
| `data.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
|
||||
|
||||
### Coordinating-only nodes parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ---------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
|
||||
| `coordinating.replicaCount` | Number of coordinating-only replicas to deploy | `2` |
|
||||
| `coordinating.extraRoles` | Append extra roles to the node role | `[]` |
|
||||
| `coordinating.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
|
||||
| `coordinating.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
|
||||
| `coordinating.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
|
||||
| `coordinating.nameOverride` | String to partially override opensearch.coordinating.fullname | `""` |
|
||||
| `coordinating.fullnameOverride` | String to fully override opensearch.coordinating.fullname | `""` |
|
||||
| `coordinating.servicenameOverride` | String to fully override opensearch.coordinating.servicename | `""` |
|
||||
| `coordinating.annotations` | Annotations for the coordinating-only statefulset | `{}` |
|
||||
| `coordinating.updateStrategy.type` | Coordinating-only nodes statefulset stategy type | `RollingUpdate` |
|
||||
| `coordinating.resources.limits` | The resources limits for the coordinating-only containers | `{}` |
|
||||
| `coordinating.resources.requests` | The requested resources for the coordinating-only containers | `{}` |
|
||||
| `coordinating.heapSize` | Opensearch coordinating node heap size. | `128m` |
|
||||
| `coordinating.podSecurityContext.enabled` | Enabled coordinating-only pods' Security Context | `true` |
|
||||
| `coordinating.podSecurityContext.fsGroup` | Set coordinating-only pod's Security Context fsGroup | `1001` |
|
||||
| `coordinating.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `coordinating.containerSecurityContext.enabled` | Enabled coordinating-only containers' Security Context | `true` |
|
||||
| `coordinating.containerSecurityContext.runAsUser` | Set coordinating-only containers' Security Context runAsUser | `1001` |
|
||||
| `coordinating.containerSecurityContext.runAsNonRoot` | Set coordinating-only containers' Security Context runAsNonRoot | `true` |
|
||||
| `coordinating.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
|
||||
| `coordinating.hostAliases` | coordinating-only pods host aliases | `[]` |
|
||||
| `coordinating.podLabels` | Extra labels for coordinating-only pods | `{}` |
|
||||
| `coordinating.podAnnotations` | Annotations for coordinating-only pods | `{}` |
|
||||
| `coordinating.podAffinityPreset` | Pod affinity preset. Ignored if `coordinating.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `coordinating.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `coordinating.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `coordinating.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `coordinating.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `coordinating.nodeAffinityPreset.key` | Node label key to match. Ignored if `coordinating.affinity` is set | `""` |
|
||||
| `coordinating.nodeAffinityPreset.values` | Node label values to match. Ignored if `coordinating.affinity` is set | `[]` |
|
||||
| `coordinating.affinity` | Affinity for coordinating-only pods assignment | `{}` |
|
||||
| `coordinating.nodeSelector` | Node labels for coordinating-only pods assignment | `{}` |
|
||||
| `coordinating.tolerations` | Tolerations for coordinating-only pods assignment | `[]` |
|
||||
| `coordinating.priorityClassName` | coordinating-only pods' priorityClassName | `""` |
|
||||
| `coordinating.schedulerName` | Name of the k8s scheduler (other than default) for coordinating-only pods | `""` |
|
||||
| `coordinating.terminationGracePeriodSeconds` | In seconds, time the given to the Opensearch coordinating pod needs to terminate gracefully | `""` |
|
||||
| `coordinating.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
|
||||
| `coordinating.podManagementPolicy` | podManagementPolicy to manage scaling operation of Opensearch coordinating pods | `Parallel` |
|
||||
| `coordinating.startupProbe.enabled` | Enable/disable the startup probe (coordinating-only nodes pod) | `false` |
|
||||
| `coordinating.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (coordinating-only nodes pod) | `90` |
|
||||
| `coordinating.startupProbe.periodSeconds` | How often to perform the probe (coordinating-only nodes pod) | `10` |
|
||||
| `coordinating.startupProbe.timeoutSeconds` | When the probe times out (coordinating-only nodes pod) | `5` |
|
||||
| `coordinating.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (coordinating-only nodes pod) | `1` |
|
||||
| `coordinating.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `coordinating.livenessProbe.enabled` | Enable/disable the liveness probe (coordinating-only nodes pod) | `true` |
|
||||
| `coordinating.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (coordinating-only nodes pod) | `90` |
|
||||
| `coordinating.livenessProbe.periodSeconds` | How often to perform the probe (coordinating-only nodes pod) | `10` |
|
||||
| `coordinating.livenessProbe.timeoutSeconds` | When the probe times out (coordinating-only nodes pod) | `5` |
|
||||
| `coordinating.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (coordinating-only nodes pod) | `1` |
|
||||
| `coordinating.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `coordinating.readinessProbe.enabled` | Enable/disable the readiness probe (coordinating-only nodes pod) | `true` |
|
||||
| `coordinating.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (coordinating-only nodes pod) | `90` |
|
||||
| `coordinating.readinessProbe.periodSeconds` | How often to perform the probe (coordinating-only nodes pod) | `10` |
|
||||
| `coordinating.readinessProbe.timeoutSeconds` | When the probe times out (coordinating-only nodes pod) | `5` |
|
||||
| `coordinating.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (coordinating-only nodes pod) | `1` |
|
||||
| `coordinating.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `coordinating.customStartupProbe` | Override default startup probe | `{}` |
|
||||
| `coordinating.customLivenessProbe` | Override default liveness probe | `{}` |
|
||||
| `coordinating.customReadinessProbe` | Override default readiness probe | `{}` |
|
||||
| `coordinating.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `coordinating.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `coordinating.lifecycleHooks` | for the coordinating-only container(s) to automate configuration before or after startup | `{}` |
|
||||
| `coordinating.extraEnvVars` | Array with extra environment variables to add to coordinating-only nodes | `[]` |
|
||||
| `coordinating.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for coordinating-only nodes | `""` |
|
||||
| `coordinating.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for coordinating-only nodes | `""` |
|
||||
| `coordinating.extraVolumes` | Optionally specify extra list of additional volumes for the coordinating-only pod(s) | `[]` |
|
||||
| `coordinating.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the coordinating-only container(s) | `[]` |
|
||||
| `coordinating.sidecars` | Add additional sidecar containers to the coordinating-only pod(s) | `[]` |
|
||||
| `coordinating.initContainers` | Add additional init containers to the coordinating-only pod(s) | `[]` |
|
||||
| `coordinating.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `coordinating.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
|
||||
| `coordinating.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `coordinating.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` |
|
||||
| `coordinating.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
|
||||
| `coordinating.networkPolicy.allowExternal` | The Policy model to apply | `true` |
|
||||
| `coordinating.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `coordinating.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `coordinating.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `coordinating.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `coordinating.autoscaling.vpa.enabled` | Enable VPA | `false` |
|
||||
| `coordinating.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
|
||||
| `coordinating.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
|
||||
| `coordinating.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
|
||||
| `coordinating.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
|
||||
| `coordinating.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
|
||||
| `coordinating.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` |
|
||||
| `coordinating.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` |
|
||||
| `coordinating.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` |
|
||||
| `coordinating.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
|
||||
| `coordinating.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
|
||||
|
||||
### Ingest-only nodes parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
|
||||
| `ingest.enabled` | Enable ingest nodes | `true` |
|
||||
| `ingest.replicaCount` | Number of ingest-only replicas to deploy | `2` |
|
||||
| `ingest.extraRoles` | Append extra roles to the node role | `[]` |
|
||||
| `ingest.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
|
||||
| `ingest.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
|
||||
| `ingest.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
|
||||
| `ingest.nameOverride` | String to partially override opensearch.ingest.fullname | `""` |
|
||||
| `ingest.fullnameOverride` | String to fully override opensearch.ingest.fullname | `""` |
|
||||
| `ingest.servicenameOverride` | String to fully override ingest.master.servicename | `""` |
|
||||
| `ingest.annotations` | Annotations for the ingest statefulset | `{}` |
|
||||
| `ingest.updateStrategy.type` | Ingest-only nodes statefulset stategy type | `RollingUpdate` |
|
||||
| `ingest.resources.limits` | The resources limits for the ingest-only containers | `{}` |
|
||||
| `ingest.resources.requests` | The requested resources for the ingest-only containers | `{}` |
|
||||
| `ingest.heapSize` | Opensearch ingest-only node heap size. | `128m` |
|
||||
| `ingest.podSecurityContext.enabled` | Enabled ingest-only pods' Security Context | `true` |
|
||||
| `ingest.podSecurityContext.fsGroup` | Set ingest-only pod's Security Context fsGroup | `1001` |
|
||||
| `ingest.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `ingest.containerSecurityContext.enabled` | Enabled ingest-only containers' Security Context | `true` |
|
||||
| `ingest.containerSecurityContext.runAsUser` | Set ingest-only containers' Security Context runAsUser | `1001` |
|
||||
| `ingest.containerSecurityContext.runAsNonRoot` | Set ingest-only containers' Security Context runAsNonRoot | `true` |
|
||||
| `ingest.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
|
||||
| `ingest.hostAliases` | ingest-only pods host aliases | `[]` |
|
||||
| `ingest.podLabels` | Extra labels for ingest-only pods | `{}` |
|
||||
| `ingest.podAnnotations` | Annotations for ingest-only pods | `{}` |
|
||||
| `ingest.podAffinityPreset` | Pod affinity preset. Ignored if `ingest.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `ingest.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `ingest.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `ingest.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `ingest.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `ingest.nodeAffinityPreset.key` | Node label key to match. Ignored if `ingest.affinity` is set | `""` |
|
||||
| `ingest.nodeAffinityPreset.values` | Node label values to match. Ignored if `ingest.affinity` is set | `[]` |
|
||||
| `ingest.affinity` | Affinity for ingest-only pods assignment | `{}` |
|
||||
| `ingest.nodeSelector` | Node labels for ingest-only pods assignment | `{}` |
|
||||
| `ingest.tolerations` | Tolerations for ingest-only pods assignment | `[]` |
|
||||
| `ingest.priorityClassName` | ingest-only pods' priorityClassName | `""` |
|
||||
| `ingest.schedulerName` | Name of the k8s scheduler (other than default) for ingest-only pods | `""` |
|
||||
| `ingest.terminationGracePeriodSeconds` | In seconds, time the given to the Opensearch ingest pod needs to terminate gracefully | `""` |
|
||||
| `ingest.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
|
||||
| `ingest.podManagementPolicy` | podManagementPolicy to manage scaling operation of Opensearch ingest pods | `Parallel` |
|
||||
| `ingest.startupProbe.enabled` | Enable/disable the startup probe (ingest-only nodes pod) | `false` |
|
||||
| `ingest.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (ingest-only nodes pod) | `90` |
|
||||
| `ingest.startupProbe.periodSeconds` | How often to perform the probe (ingest-only nodes pod) | `10` |
|
||||
| `ingest.startupProbe.timeoutSeconds` | When the probe times out (ingest-only nodes pod) | `5` |
|
||||
| `ingest.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (ingest-only nodes pod) | `1` |
|
||||
| `ingest.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `ingest.livenessProbe.enabled` | Enable/disable the liveness probe (ingest-only nodes pod) | `true` |
|
||||
| `ingest.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (ingest-only nodes pod) | `90` |
|
||||
| `ingest.livenessProbe.periodSeconds` | How often to perform the probe (ingest-only nodes pod) | `10` |
|
||||
| `ingest.livenessProbe.timeoutSeconds` | When the probe times out (ingest-only nodes pod) | `5` |
|
||||
| `ingest.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (ingest-only nodes pod) | `1` |
|
||||
| `ingest.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `ingest.readinessProbe.enabled` | Enable/disable the readiness probe (ingest-only nodes pod) | `true` |
|
||||
| `ingest.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (ingest-only nodes pod) | `90` |
|
||||
| `ingest.readinessProbe.periodSeconds` | How often to perform the probe (ingest-only nodes pod) | `10` |
|
||||
| `ingest.readinessProbe.timeoutSeconds` | When the probe times out (ingest-only nodes pod) | `5` |
|
||||
| `ingest.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (ingest-only nodes pod) | `1` |
|
||||
| `ingest.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `ingest.customStartupProbe` | Override default startup probe | `{}` |
|
||||
| `ingest.customLivenessProbe` | Override default liveness probe | `{}` |
|
||||
| `ingest.customReadinessProbe` | Override default readiness probe | `{}` |
|
||||
| `ingest.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `ingest.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `ingest.lifecycleHooks` | for the ingest-only container(s) to automate configuration before or after startup | `{}` |
|
||||
| `ingest.extraEnvVars` | Array with extra environment variables to add to ingest-only nodes | `[]` |
|
||||
| `ingest.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for ingest-only nodes | `""` |
|
||||
| `ingest.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for ingest-only nodes | `""` |
|
||||
| `ingest.extraVolumes` | Optionally specify extra list of additional volumes for the ingest-only pod(s) | `[]` |
|
||||
| `ingest.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the ingest-only container(s) | `[]` |
|
||||
| `ingest.sidecars` | Add additional sidecar containers to the ingest-only pod(s) | `[]` |
|
||||
| `ingest.initContainers` | Add additional init containers to the ingest-only pod(s) | `[]` |
|
||||
| `ingest.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `ingest.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
|
||||
| `ingest.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `ingest.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` |
|
||||
| `ingest.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
|
||||
| `ingest.networkPolicy.allowExternal` | The Policy model to apply | `true` |
|
||||
| `ingest.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `ingest.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `ingest.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `ingest.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `ingest.autoscaling.vpa.enabled` | Enable VPA | `false` |
|
||||
| `ingest.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
|
||||
| `ingest.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
|
||||
| `ingest.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
|
||||
| `ingest.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
|
||||
| `ingest.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
|
||||
| `ingest.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` |
|
||||
| `ingest.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` |
|
||||
| `ingest.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` |
|
||||
| `ingest.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
|
||||
| `ingest.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
|
||||
| `ingest.service.enabled` | Enable Ingest-only service | `false` |
|
||||
| `ingest.service.type` | Opensearch ingest-only service type | `ClusterIP` |
|
||||
| `ingest.service.ports.restAPI` | Opensearch service REST API port | `9200` |
|
||||
| `ingest.service.ports.transport` | Opensearch service transport port | `9300` |
|
||||
| `ingest.service.nodePorts.restAPI` | Node port for REST API | `""` |
|
||||
| `ingest.service.nodePorts.transport` | Node port for REST API | `""` |
|
||||
| `ingest.service.clusterIP` | Opensearch ingest-only service Cluster IP | `""` |
|
||||
| `ingest.service.loadBalancerIP` | Opensearch ingest-only service Load Balancer IP | `""` |
|
||||
| `ingest.service.loadBalancerSourceRanges` | Opensearch ingest-only service Load Balancer sources | `[]` |
|
||||
| `ingest.service.externalTrafficPolicy` | Opensearch ingest-only service external traffic policy | `Cluster` |
|
||||
| `ingest.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` |
|
||||
| `ingest.service.annotations` | Additional custom annotations for Opensearch ingest-only service | `{}` |
|
||||
| `ingest.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `ingest.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `ingest.ingress.enabled` | Enable ingress record generation for Opensearch | `false` |
|
||||
| `ingest.ingress.pathType` | Ingress path type | `ImplementationSpecific` |
|
||||
| `ingest.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` |
|
||||
| `ingest.ingress.hostname` | Default host for the ingress record | `opensearch-ingest.local` |
|
||||
| `ingest.ingress.path` | Default path for the ingress record | `/` |
|
||||
| `ingest.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` |
|
||||
| `ingest.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` |
|
||||
| `ingest.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` |
|
||||
| `ingest.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` |
|
||||
| `ingest.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` |
|
||||
| `ingest.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` |
|
||||
| `ingest.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` |
|
||||
| `ingest.ingress.secrets` | Custom TLS certificates as secrets | `[]` |
|
||||
| `ingest.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` |
|
||||
|
||||
### Init Container Parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
|
||||
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r131` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
|
||||
| `volumePermissions.resources.limits` | The resources limits for the container | `{}` |
|
||||
| `volumePermissions.resources.requests` | The requested resources for the container | `{}` |
|
||||
| `sysctlImage.enabled` | Enable kernel settings modifier image | `true` |
|
||||
| `sysctlImage.registry` | Kernel settings modifier image registry | `docker.io` |
|
||||
| `sysctlImage.repository` | Kernel settings modifier image repository | `bitnami/bitnami-shell` |
|
||||
| `sysctlImage.tag` | Kernel settings modifier image tag | `11-debian-11-r131` |
|
||||
| `sysctlImage.digest` | Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `sysctlImage.pullPolicy` | Kernel settings modifier image pull policy | `IfNotPresent` |
|
||||
| `sysctlImage.pullSecrets` | Kernel settings modifier image pull secrets | `[]` |
|
||||
| `sysctlImage.resources.limits` | The resources limits for the container | `{}` |
|
||||
| `sysctlImage.resources.requests` | The requested resources for the container | `{}` |
|
||||
|
||||
### Opensearch Dashborads Parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- |
|
||||
| `dashboards.enabled` | Enables Opensearch Dashboards deployment | `false` |
|
||||
| `dashboards.image.registry` | Opensearch Dashboards image registry | `docker.io` |
|
||||
| `dashboards.image.repository` | Opensearch Dashboards image repository | `bitnami/opensearch-dashboards` |
|
||||
| `dashboards.image.tag` | Opensearch Dashboards image tag (immutable tags are recommended) | `2.8.0-debian-11-r0` |
|
||||
| `dashboards.image.digest` | Opensearch Dashboards image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `dashboards.image.pullPolicy` | Opensearch Dashboards image pull policy | `IfNotPresent` |
|
||||
| `dashboards.image.pullSecrets` | Opensearch Dashboards image pull secrets | `[]` |
|
||||
| `dashboards.image.debug` | Enable Opensearch Dashboards image debug mode | `false` |
|
||||
| `dashboards.service.type` | Opensearch Dashboards service type | `ClusterIP` |
|
||||
| `dashboards.service.ports.http` | Opensearch Dashboards service web UI port | `5601` |
|
||||
| `dashboards.service.nodePorts.http` | Node port for web UI | `""` |
|
||||
| `dashboards.service.clusterIP` | Opensearch Dashboards service Cluster IP | `""` |
|
||||
| `dashboards.service.loadBalancerIP` | Opensearch Dashboards service Load Balancer IP | `""` |
|
||||
| `dashboards.service.loadBalancerSourceRanges` | Opensearch Dashboards service Load Balancer sources | `[]` |
|
||||
| `dashboards.service.externalTrafficPolicy` | Opensearch Dashboards service external traffic policy | `Cluster` |
|
||||
| `dashboards.service.annotations` | Additional custom annotations for Opensearch Dashboards service | `{}` |
|
||||
| `dashboards.service.extraPorts` | Extra ports to expose in Opensearch Dashboards service (normally used with the `sidecars` value) | `[]` |
|
||||
| `dashboards.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
|
||||
| `dashboards.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
|
||||
| `dashboards.containerPorts.http` | Opensearch Dashboards HTTP port | `5601` |
|
||||
| `dashboards.password` | Password for Opensearch Dashboards | `""` |
|
||||
| `dashboards.replicaCount` | Number of data-only replicas to deploy | `1` |
|
||||
| `dashboards.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` |
|
||||
| `dashboards.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` |
|
||||
| `dashboards.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` |
|
||||
| `dashboards.nameOverride` | String to partially override opensearch.dashboards.fullname | `""` |
|
||||
| `dashboards.fullnameOverride` | String to fully override opensearch.dashboards.fullname | `""` |
|
||||
| `dashboards.servicenameOverride` | String to fully override opensearch.dashboards.servicename | `""` |
|
||||
| `dashboards.updateStrategy.type` | Data-only nodes statefulset stategy type | `RollingUpdate` |
|
||||
| `dashboards.resources.limits` | The resources limits for the data containers | `{}` |
|
||||
| `dashboards.resources.requests` | The requested resources for the data containers | `{}` |
|
||||
| `dashboards.heapSize` | Opensearch data node heap size. | `1024m` |
|
||||
| `dashboards.podSecurityContext.enabled` | Enabled data pods' Security Context | `true` |
|
||||
| `dashboards.podSecurityContext.fsGroup` | Set dashboards pod's Security Context fsGroup | `1001` |
|
||||
| `dashboards.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` |
|
||||
| `dashboards.containerSecurityContext.enabled` | Enabled data containers' Security Context | `true` |
|
||||
| `dashboards.containerSecurityContext.runAsUser` | Set data containers' Security Context runAsUser | `1001` |
|
||||
| `dashboards.containerSecurityContext.runAsNonRoot` | Set data containers' Security Context runAsNonRoot | `true` |
|
||||
| `dashboards.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
|
||||
| `dashboards.hostAliases` | data pods host aliases | `[]` |
|
||||
| `dashboards.podLabels` | Extra labels for data pods | `{}` |
|
||||
| `dashboards.podAnnotations` | Annotations for data pods | `{}` |
|
||||
| `dashboards.podAffinityPreset` | Pod affinity preset. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `dashboards.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `dashboards.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` |
|
||||
| `dashboards.nodeAffinityPreset.key` | Node label key to match. Ignored if `dashboards.affinity` is set | `""` |
|
||||
| `dashboards.nodeAffinityPreset.values` | Node label values to match. Ignored if `dashboards.affinity` is set | `[]` |
|
||||
| `dashboards.affinity` | Affinity for data pods assignment | `{}` |
|
||||
| `dashboards.nodeSelector` | Node labels for data pods assignment | `{}` |
|
||||
| `dashboards.tolerations` | Tolerations for data pods assignment | `[]` |
|
||||
| `dashboards.priorityClassName` | data pods' priorityClassName | `""` |
|
||||
| `dashboards.schedulerName` | Name of the k8s scheduler (other than default) for data pods | `""` |
|
||||
| `dashboards.terminationGracePeriodSeconds` | In seconds, time the given to the Opensearch data pod needs to terminate gracefully | `""` |
|
||||
| `dashboards.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
|
||||
| `dashboards.startupProbe.enabled` | Enable/disable the startup probe (data nodes pod) | `false` |
|
||||
| `dashboards.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (data nodes pod) | `120` |
|
||||
| `dashboards.startupProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` |
|
||||
| `dashboards.startupProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` |
|
||||
| `dashboards.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` |
|
||||
| `dashboards.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `dashboards.livenessProbe.enabled` | Enable/disable the liveness probe (data nodes pod) | `true` |
|
||||
| `dashboards.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (data nodes pod) | `120` |
|
||||
| `dashboards.livenessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` |
|
||||
| `dashboards.livenessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` |
|
||||
| `dashboards.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` |
|
||||
| `dashboards.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `dashboards.readinessProbe.enabled` | Enable/disable the readiness probe (data nodes pod) | `true` |
|
||||
| `dashboards.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (data nodes pod) | `120` |
|
||||
| `dashboards.readinessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` |
|
||||
| `dashboards.readinessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` |
|
||||
| `dashboards.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` |
|
||||
| `dashboards.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` |
|
||||
| `dashboards.customStartupProbe` | Override default startup probe | `{}` |
|
||||
| `dashboards.customLivenessProbe` | Override default liveness probe | `{}` |
|
||||
| `dashboards.customReadinessProbe` | Override default readiness probe | `{}` |
|
||||
| `dashboards.command` | Override default container command (useful when using custom images) | `[]` |
|
||||
| `dashboards.args` | Override default container args (useful when using custom images) | `[]` |
|
||||
| `dashboards.lifecycleHooks` | for the data container(s) to automate configuration before or after startup | `{}` |
|
||||
| `dashboards.extraEnvVars` | Array with extra environment variables to add to data nodes | `[]` |
|
||||
| `dashboards.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for data nodes | `""` |
|
||||
| `dashboards.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for data nodes | `""` |
|
||||
| `dashboards.extraVolumes` | Optionally specify extra list of additional volumes for the data pod(s) | `[]` |
|
||||
| `dashboards.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the data container(s) | `[]` |
|
||||
| `dashboards.sidecars` | Add additional sidecar containers to the data pod(s) | `[]` |
|
||||
| `dashboards.initContainers` | Add additional init containers to the data pod(s) | `[]` |
|
||||
| `dashboards.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
|
||||
| `dashboards.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` |
|
||||
| `dashboards.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
|
||||
| `dashboards.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` |
|
||||
| `dashboards.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
|
||||
| `dashboards.networkPolicy.allowExternal` | The Policy model to apply | `true` |
|
||||
| `dashboards.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `dashboards.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` |
|
||||
| `dashboards.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `dashboards.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
|
||||
| `dashboards.autoscaling.vpa.enabled` | Enable VPA | `false` |
|
||||
| `dashboards.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` |
|
||||
| `dashboards.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` |
|
||||
| `dashboards.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
|
||||
| `dashboards.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
|
||||
| `dashboards.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
|
||||
| `dashboards.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` |
|
||||
| `dashboards.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` |
|
||||
| `dashboards.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` |
|
||||
| `dashboards.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
|
||||
| `dashboards.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
|
||||
| `dashboards.tls.enabled` | Enable TLS for Opensearch Dashboards webserver | `false` |
|
||||
| `dashboards.tls.existingSecret` | Existing secret containing the certificates for Opensearch Dashboards webserver | `""` |
|
||||
| `dashboards.tls.autoGenerated` | Create self-signed TLS certificates. | `true` |
|
||||
|
||||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
|
||||
|
||||
```console
|
||||
helm install my-release \
|
||||
--set name=my-open,client.service.port=8080 \
|
||||
oci://registry-1.docker.io/bitnamicharts/opensearch
|
||||
```
|
||||
|
||||
The above command sets the Opensearch cluster name to `my-open` and REST port number to `8080`.
|
||||
|
||||
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
|
||||
|
||||
```console
|
||||
helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/opensearch
|
||||
```
|
||||
|
||||
> **Tip**: You can use the default [values.yaml](values.yaml).
|
||||
|
||||
## Configuration and installation details
|
||||
|
||||
### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/)
|
||||
|
||||
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
|
||||
|
||||
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
|
||||
|
||||
### Change OpenSearch version
|
||||
|
||||
To modify the OpenSearch version used in this chart you can specify a [valid image tag](https://hub.docker.com/r/bitnami/opensearch/tags/) using the `image.tag` parameter. For example, `image.tag=X.Y.Z`. This approach is also applicable to other images like exporters.
|
||||
|
||||
### Default kernel settings
|
||||
|
||||
Currently, Opensearch requires some changes in the kernel of the host machine to work as expected. If those values are not set in the underlying operating system, the OS containers fail to boot with ERROR messages. More information about these requirements can be found in the links below:
|
||||
|
||||
- [File Descriptor requirements](https://www.open.co/guide/en/opensearch/reference/current/file-descriptors.html)
|
||||
- [Virtual memory requirements](https://www.open.co/guide/en/opensearch/reference/current/vm-max-map-count.html)
|
||||
|
||||
This chart uses a **privileged** initContainer to change those settings in the Kernel by running: `sysctl -w vm.max_map_count=262144 && sysctl -w fs.file-max=65536`.
|
||||
You can disable the initContainer using the `sysctlImage.enabled=false` parameter.
|
||||
|
||||
### Enable bundled Kibana
|
||||
|
||||
This Opensearch chart contains Kibana as subchart, you can enable it just setting the `global.kibanaEnabled=true` parameter.
|
||||
To see the notes with some operational instructions from the Kibana chart, please use the `--render-subchart-notes` as part of your `helm install` command, in this way you can see the Kibana and OS notes in your terminal.
|
||||
|
||||
When enabling the bundled kibana subchart, there are a few gotchas that you should be aware of listed below.
|
||||
|
||||
#### Opensearch rest Encryption
|
||||
|
||||
When enabling opensearch' rest endpoint encryption you will also need to set `kibana.opensearch.security.tls.enabled` to the SAME value along with some additional values shown below for an "out of the box experience":
|
||||
|
||||
```yaml
|
||||
security:
|
||||
enabled: true
|
||||
# PASSWORD must be the same value passed to opensearch to get an "out of the box" experience
|
||||
openPassword: "<PASSWORD>"
|
||||
tls:
|
||||
# AutoGenerate TLS certs for open
|
||||
autoGenerated: true
|
||||
|
||||
kibana:
|
||||
opensearch:
|
||||
security:
|
||||
auth:
|
||||
enabled: true
|
||||
# default in the opensearch chart is open
|
||||
kibanaUsername: "<USERNAME>"
|
||||
kibanaPassword: "<PASSWORD>"
|
||||
tls:
|
||||
# Instruct kibana to connect to open over https
|
||||
enabled: true
|
||||
# Bit of a catch 22, as you will need to know the name upfront of your release
|
||||
existingSecret: RELEASENAME-opensearch-coordinating-crt # or just 'opensearch-coordinating-crt' if the release name happens to be 'opensearch'
|
||||
# As the certs are auto-generated, they are pemCerts so set to true
|
||||
usePemCerts: true
|
||||
```
|
||||
|
||||
At a bare-minimum, when working with kibana and opensearch together the following values MUST be the same, otherwise things will fail:
|
||||
|
||||
```yaml
|
||||
security:
|
||||
tls:
|
||||
restEncryption: true
|
||||
|
||||
# assumes global.kibanaEnabled=true
|
||||
kibana:
|
||||
opensearch:
|
||||
security:
|
||||
tls:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
### Adding extra environment variables
|
||||
|
||||
In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property.
|
||||
|
||||
```yaml
|
||||
extraEnvVars:
|
||||
- name: OPENSEARCH_VERSION
|
||||
value: 7.0
|
||||
```
|
||||
|
||||
Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values.
|
||||
|
||||
### Using custom init scripts
|
||||
|
||||
For advanced operations, the Bitnami Opensearch charts allows using custom init scripts that will be mounted inside `/docker-entrypoint.init-db`. You can include the file directly in your `values.yaml` with `initScripts`, or use a ConfigMap or a Secret (in case of sensitive data) for mounting these extra scripts. In this case you use the `initScriptsCM` and `initScriptsSecret` values.
|
||||
|
||||
```console
|
||||
initScriptsCM=special-scripts
|
||||
initScriptsSecret=special-scripts-sensitive
|
||||
```
|
||||
|
||||
### Snapshot and restore operations
|
||||
|
||||
As it's described in the [official documentation](https://www.open.co/guide/en/opensearch/reference/current/snapshots-register-repository.html#snapshots-filesystem-repository), it's necessary to register a snapshot repository before you can perform snapshot and restore operations.
|
||||
|
||||
This chart allows you to configure Opensearch to use a shared file system to store snapshots. To do so, you need to mount a RWX volume on every Opensearch node, and set the parameter `snapshotRepoPath` with the path where the volume is mounted. In the example below, you can find the values to set when using a NFS Perstitent Volume:
|
||||
|
||||
```yaml
|
||||
extraVolumes:
|
||||
- name: snapshot-repository
|
||||
nfs:
|
||||
server: nfs.example.com # Please change this to your NFS server
|
||||
path: /share1
|
||||
extraVolumeMounts:
|
||||
- name: snapshot-repository
|
||||
mountPath: /snapshots
|
||||
snapshotRepoPath: "/snapshots"
|
||||
```
|
||||
|
||||
### Sidecars and Init Containers
|
||||
|
||||
If you have a need for additional containers to run within the same pod as Opensearch components (e.g. an additional metrics or logging exporter), you can do so via the `XXX.sidecars` parameter(s), where XXX is placeholder you need to replace with the actual component(s). Simply define your container according to the Kubernetes container spec.
|
||||
|
||||
```yaml
|
||||
sidecars:
|
||||
- name: your-image-name
|
||||
image: your-image
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- name: portname
|
||||
containerPort: 1234
|
||||
```
|
||||
|
||||
Similarly, you can add extra init containers using the `initContainers` parameter.
|
||||
|
||||
```yaml
|
||||
initContainers:
|
||||
- name: your-image-name
|
||||
image: your-image
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- name: portname
|
||||
```
|
||||
|
||||
### Setting Pod's affinity
|
||||
|
||||
This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
|
||||
|
||||
As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters.
|
||||
|
||||
## Persistence
|
||||
|
||||
The [Bitnami Opensearch](https://github.com/bitnami/containers/tree/main/bitnami/opensearch) image stores the Opensearch data at the `/bitnami/opensearch/data` path of the container.
|
||||
|
||||
By default, the chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning. See the [Parameters](#parameters) section to configure the PVC.
|
||||
|
||||
### Adjust permissions of persistent volume mountpoint
|
||||
|
||||
As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it.
|
||||
|
||||
By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions.
|
||||
As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination.
|
||||
|
||||
You can enable this initContainer by setting `volumePermissions.enabled` to `true`.
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues).
|
||||
|
||||
## License
|
||||
|
||||
Copyright © 2023 VMware, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
<http://www.apache.org/licenses/LICENSE-2.0>
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
121
bitnami/opensearch/templates/NOTES.txt
Normal file
121
bitnami/opensearch/templates/NOTES.txt
Normal file
@@ -0,0 +1,121 @@
|
||||
CHART NAME: {{ .Chart.Name }}
|
||||
CHART VERSION: {{ .Chart.Version }}
|
||||
APP VERSION: {{ .Chart.AppVersion }}
|
||||
|
||||
{{- if contains .Values.service.type "LoadBalancer" }}
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
WARNING
|
||||
|
||||
By specifying "service.type=LoadBalancer" you have most likely
|
||||
exposed the Opensearch service externally.
|
||||
|
||||
Please note that Opensearch does not implement a authentication
|
||||
mechanism to secure your cluster. For security reasons, we strongly
|
||||
suggest that you switch to "ClusterIP" or "NodePort".
|
||||
-------------------------------------------------------------------------------
|
||||
{{- end }}
|
||||
{{- if not .Values.sysctlImage.enabled }}
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
WARNING
|
||||
|
||||
Opensearch requires some changes in the kernel of the host machine to
|
||||
work as expected. If those values are not set in the underlying operating
|
||||
system, the OS containers fail to boot with ERROR messages.
|
||||
|
||||
To check whether the host machine meets the requirements, run the command
|
||||
below:
|
||||
|
||||
kubectl logs --namespace {{ include "common.names.namespace" . }} $(kubectl get --namespace {{ include "common.names.namespace" . }} \
|
||||
pods -l app={{ template "common.names.name" . }},role=master -o jsonpath='{.items[0].metadata.name}') \
|
||||
opensearch
|
||||
|
||||
You can adapt the Kernel parameters on you cluster as described in the
|
||||
official documentation:
|
||||
|
||||
https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster
|
||||
|
||||
As an alternative, you can specify "sysctlImage.enabled=true" to use a
|
||||
privileged initContainer to change those settings in the Kernel:
|
||||
|
||||
helm upgrade --namespace {{ include "common.names.namespace" . }} {{ .Release.Name }} oci://registry-1.docker.io/bitnamicharts/opensearch --set sysctlImage.enabled=true
|
||||
|
||||
Note that this requires the ability to run privileged containers, which is likely not
|
||||
the case on many secure clusters. To cover this use case, you can also set some parameters
|
||||
in the config file to customize the default settings:
|
||||
|
||||
https://www.open.co/guide/en/opensearch/reference/current/index-modules-store.html
|
||||
https://www.open.co/guide/en/cloud-on-k8s/master/k8s-virtual-memory.html
|
||||
|
||||
For that, you can place the desired parameters by using the "config" block present in the values.yaml
|
||||
|
||||
{{- else if .Values.sysctlImage.enabled }}
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
WARNING
|
||||
|
||||
Opensearch requires some changes in the kernel of the host machine to
|
||||
work as expected. If those values are not set in the underlying operating
|
||||
system, the OS containers fail to boot with ERROR messages.
|
||||
|
||||
More information about these requirements can be found in the links below:
|
||||
|
||||
https://www.open.co/guide/en/opensearch/reference/current/file-descriptors.html
|
||||
https://www.open.co/guide/en/opensearch/reference/current/vm-max-map-count.html
|
||||
|
||||
This chart uses a privileged initContainer to change those settings in the Kernel
|
||||
by running: sysctl -w vm.max_map_count=262144 && sysctl -w fs.file-max=65536
|
||||
|
||||
{{- end }}
|
||||
|
||||
** Please be patient while the chart is being deployed **
|
||||
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with:
|
||||
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }}
|
||||
|
||||
Get the list of pods by executing:
|
||||
|
||||
kubectl get pods --namespace {{ include "common.names.namespace" . }} -l app.kubernetes.io/instance={{ .Release.Name }}
|
||||
|
||||
Access the pod you want to debug by executing
|
||||
|
||||
kubectl exec --namespace {{ include "common.names.namespace" . }} -ti <NAME OF THE POD> -- bash
|
||||
|
||||
In order to replicate the container startup scripts execute this command:
|
||||
|
||||
/opt/bitnami/scripts/opensearch/entrypoint.sh /opt/bitnami/scripts/opensearch/run.sh
|
||||
|
||||
{{- else }}
|
||||
|
||||
Opensearch can be accessed within the cluster on port {{ include "opensearch.service.ports.restAPI" . }} at {{ template "opensearch.service.name" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}
|
||||
|
||||
To access from outside the cluster execute the following commands:
|
||||
|
||||
{{- if contains "NodePort" .Values.service.type }}
|
||||
|
||||
export NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "opensearch.service.name" . }})
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
curl http://$NODE_IP:$NODE_PORT/
|
||||
{{- else if contains "LoadBalancer" .Values.service.type }}
|
||||
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -w {{ template "opensearch.service.name" . }}'
|
||||
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ template "opensearch.service.name" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
|
||||
curl http://$SERVICE_IP:{{ include "opensearch.service.ports.restAPI" . }}/
|
||||
{{- else if contains "ClusterIP" .Values.service.type }}
|
||||
|
||||
kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ template "opensearch.service.name" . }} {{ include "opensearch.service.ports.restAPI" . }}:9200 &
|
||||
curl http://127.0.0.1:9200/
|
||||
{{- end }}
|
||||
|
||||
{{- include "common.warnings.rollingTag" .Values.image }}
|
||||
{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }}
|
||||
{{- include "common.warnings.rollingTag" .Values.sysctlImage }}
|
||||
|
||||
{{- end }}
|
||||
{{ include "opensearch.validateValues" . }}
|
||||
656
bitnami/opensearch/templates/_helpers.tpl
Normal file
656
bitnami/opensearch/templates/_helpers.tpl
Normal file
@@ -0,0 +1,656 @@
|
||||
{{/*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
|
||||
{{/*
|
||||
Return the proper OS image name
|
||||
*/}}
|
||||
{{- define "opensearch.image" -}}
|
||||
{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Docker Image Registry Secret Names
|
||||
*/}}
|
||||
{{- define "opensearch.imagePullSecrets" -}}
|
||||
{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.sysctlImage .Values.volumePermissions.image) "global" .Values.global) }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper sysctl image name
|
||||
*/}}
|
||||
{{- define "opensearch.sysctl.image" -}}
|
||||
{{ include "common.images.image" (dict "imageRoot" .Values.sysctlImage "global" .Values.global) }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper sysctl image name
|
||||
*/}}
|
||||
{{- define "opensearch.sysctl.initContainer" -}}
|
||||
## Image that performs the sysctl operation to modify Kernel settings (needed sometimes to avoid boot errors)
|
||||
- name: sysctl
|
||||
image: {{ include "opensearch.sysctl.image" . }}
|
||||
imagePullPolicy: {{ .Values.sysctlImage.pullPolicy | quote }}
|
||||
command:
|
||||
- /bin/bash
|
||||
- -ec
|
||||
- |
|
||||
{{- include "opensearch.sysctlIfLess" (dict "key" "vm.max_map_count" "value" "262144") | nindent 14 }}
|
||||
{{- include "opensearch.sysctlIfLess" (dict "key" "fs.file-max" "value" "65536") | nindent 14 }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
runAsUser: 0
|
||||
{{- if .Values.sysctlImage.resources }}
|
||||
resources: {{- toYaml .Values.sysctlImage.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper image name (for the init container volume-permissions image)
|
||||
*/}}
|
||||
{{- define "opensearch.volumePermissions.image" -}}
|
||||
{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/*
|
||||
Name for the Opensearch service
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
Required for the Kibana subchart to find Opensearch service.
|
||||
*/}}
|
||||
{{- define "opensearch.service.name" -}}
|
||||
{{- printf "%s" ( include "common.names.fullname" . ) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Port number for the Opensearch service REST API port
|
||||
Required for the Kibana subchart to find Opensearch service.
|
||||
*/}}
|
||||
{{- define "opensearch.service.ports.restAPI" -}}
|
||||
{{- printf "%d" (int .Values.service.ports.restAPI) -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified master name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.master.fullname" -}}
|
||||
{{- $name := default "master" .Values.master.nameOverride -}}
|
||||
{{- if .Values.master.fullnameOverride -}}
|
||||
{{- .Values.master.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" (include "common.names.fullname" .) $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default master service name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.master.servicename" -}}
|
||||
{{- if .Values.master.servicenameOverride -}}
|
||||
{{- .Values.master.servicenameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-hl" (include "opensearch.master.fullname" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified coordinating name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.coordinating.fullname" -}}
|
||||
{{- $name := default "coordinating" .Values.coordinating.nameOverride -}}
|
||||
{{- if .Values.coordinating.fullnameOverride -}}
|
||||
{{- .Values.coordinating.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" (include "common.names.fullname" .) $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default coordinating service name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.coordinating.servicename" -}}
|
||||
{{- if .Values.coordinating.servicenameOverride -}}
|
||||
{{- .Values.coordinating.servicenameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-hl" (include "opensearch.coordinating.fullname" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified data name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.data.fullname" -}}
|
||||
{{- $name := default "data" .Values.data.nameOverride -}}
|
||||
{{- if .Values.data.fullnameOverride -}}
|
||||
{{- .Values.data.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" (include "common.names.fullname" .) $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default data service name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.data.servicename" -}}
|
||||
{{- if .Values.data.servicenameOverride -}}
|
||||
{{- .Values.data.servicenameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-hl" (include "opensearch.data.fullname" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified ingest name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.ingest.fullname" -}}
|
||||
{{- $name := default "ingest" .Values.ingest.nameOverride -}}
|
||||
{{- if .Values.ingest.fullnameOverride -}}
|
||||
{{- .Values.ingest.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" (include "common.names.fullname" .) $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default ingest service name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.ingest.servicename" -}}
|
||||
{{- if .Values.ingest.servicenameOverride -}}
|
||||
{{- .Values.ingest.servicenameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-hl" (include "opensearch.ingest.fullname" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns true if at least one master-elegible node replica has been configured.
|
||||
*/}}
|
||||
{{- define "opensearch.master.enabled" -}}
|
||||
{{- if or .Values.master.autoscaling.enabled (gt (int .Values.master.replicaCount) 0) -}}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns true if at least one coordinating-only node replica has been configured.
|
||||
*/}}
|
||||
{{- define "opensearch.coordinating.enabled" -}}
|
||||
{{- if or .Values.coordinating.autoscaling.enabled (gt (int .Values.coordinating.replicaCount) 0) -}}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns true if at least one data-only node replica has been configured.
|
||||
*/}}
|
||||
{{- define "opensearch.data.enabled" -}}
|
||||
{{- if or .Values.data.autoscaling.enabled (gt (int .Values.data.replicaCount) 0) -}}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns true if at least one ingest-only node replica has been configured.
|
||||
*/}}
|
||||
{{- define "opensearch.ingest.enabled" -}}
|
||||
{{- if and .Values.ingest.enabled (or .Values.ingest.autoscaling.enabled (gt (int .Values.ingest.replicaCount) 0)) -}}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the hostname of every OpenSearch seed node
|
||||
*/}}
|
||||
{{- define "opensearch.hosts" -}}
|
||||
{{- $clusterDomain := .Values.clusterDomain }}
|
||||
{{- $releaseNamespace := include "common.names.namespace" . }}
|
||||
{{- if (include "opensearch.master.enabled" .) -}}
|
||||
{{- $masterFullname := include "opensearch.master.servicename" .}}
|
||||
{{- $masterFullname }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }},
|
||||
{{- end -}}
|
||||
{{- if (include "opensearch.coordinating.enabled" .) -}}
|
||||
{{- $coordinatingFullname := include "opensearch.coordinating.servicename" .}}
|
||||
{{- $coordinatingFullname }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }},
|
||||
{{- end -}}
|
||||
{{- if (include "opensearch.data.enabled" .) -}}
|
||||
{{- $dataFullname := include "opensearch.data.servicename" .}}
|
||||
{{- $dataFullname }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }},
|
||||
{{- end -}}
|
||||
{{- if (include "opensearch.ingest.enabled" .) -}}
|
||||
{{- $ingestFullname := include "opensearch.ingest.servicename" .}}
|
||||
{{- $ingestFullname }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }},
|
||||
{{- end -}}
|
||||
{{- range .Values.extraHosts }}
|
||||
{{- . }},
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get the initialization scripts volume name.
|
||||
*/}}
|
||||
{{- define "opensearch.initScripts" -}}
|
||||
{{- printf "%s-init-scripts" (include "common.names.fullname" .) -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get the initialization scripts ConfigMap name.
|
||||
*/}}
|
||||
{{- define "opensearch.initScriptsCM" -}}
|
||||
{{- printf "%s" .Values.initScriptsCM -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Get the initialization scripts Secret name.
|
||||
*/}}
|
||||
{{- define "opensearch.initScriptsSecret" -}}
|
||||
{{- printf "%s" .Values.initScriptsSecret -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the master service account to use
|
||||
*/}}
|
||||
{{- define "opensearch.master.serviceAccountName" -}}
|
||||
{{- if .Values.master.serviceAccount.create -}}
|
||||
{{ default (include "opensearch.master.fullname" .) .Values.master.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.master.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the coordinating-only service account to use
|
||||
*/}}
|
||||
{{- define "opensearch.coordinating.serviceAccountName" -}}
|
||||
{{- if .Values.coordinating.serviceAccount.create -}}
|
||||
{{ default (include "opensearch.coordinating.fullname" .) .Values.coordinating.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.coordinating.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the data service account to use
|
||||
*/}}
|
||||
{{- define "opensearch.data.serviceAccountName" -}}
|
||||
{{- if .Values.data.serviceAccount.create -}}
|
||||
{{ default (include "opensearch.data.fullname" .) .Values.data.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.data.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the ingest service account to use
|
||||
*/}}
|
||||
{{- define "opensearch.ingest.serviceAccountName" -}}
|
||||
{{- if .Values.ingest.serviceAccount.create -}}
|
||||
{{ default (include "opensearch.ingest.fullname" .) .Values.ingest.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.ingest.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the opensearch TLS credentials secret for master nodes.
|
||||
*/}}
|
||||
{{- define "opensearch.master.tlsSecretName" -}}
|
||||
{{- $secretName := .Values.security.tls.master.existingSecret -}}
|
||||
{{- if $secretName -}}
|
||||
{{- printf "%s" (tpl $secretName $) -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-crt" (include "opensearch.master.fullname" .) -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the opensearch admin TLS credentials secret for all nodes.
|
||||
*/}}
|
||||
{{- define "opensearch.admin.tlsSecretName" -}}
|
||||
{{- $secretName := .Values.security.tls.admin.existingSecret -}}
|
||||
{{- if $secretName -}}
|
||||
{{- printf "%s" (tpl $secretName $) -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-admin-crt" (include "common.names.fullname" .) -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return true if a TLS credentials secret object should be created
|
||||
*/}}
|
||||
{{- define "opensearch.createTlsSecret" -}}
|
||||
{{- if and .Values.security.enabled .Values.security.tls.autoGenerated (not (include "opensearch.security.tlsSecretsProvided" .)) }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return true if an authentication credentials secret object should be created
|
||||
*/}}
|
||||
{{- define "opensearch.createSecret" -}}
|
||||
{{- if and .Values.security.enabled (not .Values.security.existingSecret) }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the Opensearch authentication credentials secret name
|
||||
*/}}
|
||||
{{- define "opensearch.secretName" -}}
|
||||
{{- default (include "common.names.fullname" .) .Values.security.existingSecret -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return true if a TLS password secret object should be created
|
||||
*/}}
|
||||
{{- define "opensearch.createTlsPasswordsSecret" -}}
|
||||
{{- if and .Values.security.enabled (not .Values.security.tls.passwordsSecret) (or .Values.security.tls.keystorePassword .Values.security.tls.truststorePassword .Values.security.tls.keyPassword ) }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the Opensearch TLS password secret name
|
||||
*/}}
|
||||
{{- define "opensearch.tlsPasswordsSecret" -}}
|
||||
{{- default (printf "%s-tls-pass" (include "common.names.fullname" .)) .Values.security.tls.passwordsSecret -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns the name of the secret key containing the Keystore password
|
||||
*/}}
|
||||
{{- define "opensearch.keystorePasswordKey" -}}
|
||||
{{- if .Values.security.tls.secretKeystoreKey -}}
|
||||
{{- printf "%s" .Values.security.tls.secretKeystoreKey -}}
|
||||
{{- else -}}
|
||||
{{- print "keystore-password"}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/*
|
||||
Returns the name of the secret key containing the Truststore password
|
||||
*/}}
|
||||
{{- define "opensearch.truststorePasswordKey" -}}
|
||||
{{- if .Values.security.tls.secretTruststoreKey -}}
|
||||
{{- printf "%s" .Values.security.tls.secretTruststoreKey -}}
|
||||
{{- else -}}
|
||||
{{- print "truststore-password"}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns the name of the secret key containing the PEM key password
|
||||
*/}}
|
||||
{{- define "opensearch.keyPasswordKey" -}}
|
||||
{{- if .Values.security.tls.secretKey -}}
|
||||
{{- printf "%s" .Values.security.tls.secretKey -}}
|
||||
{{- else -}}
|
||||
{{- print "key-password"}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Add environment variables to configure database values
|
||||
*/}}
|
||||
{{- define "opensearch.configure.security" -}}
|
||||
{{- $nodesDN := list }}
|
||||
{{- if and (include "opensearch.master.enabled" .) }}
|
||||
{{- $nodesDN = append $nodesDN (printf "CN=%s" (include "opensearch.master.fullname" .))}}
|
||||
{{- end }}
|
||||
{{- if and (include "opensearch.data.enabled" .) }}
|
||||
{{- $nodesDN = append $nodesDN (printf "CN=%s" (include "opensearch.data.fullname" .))}}
|
||||
{{- end }}
|
||||
{{- if and (include "opensearch.coordinating.enabled" .) }}
|
||||
{{- $nodesDN = append $nodesDN (printf "CN=%s" (include "opensearch.coordinating.fullname" .))}}
|
||||
{{- end }}
|
||||
{{- if and (include "opensearch.ingest.enabled" .) }}
|
||||
{{- $nodesDN = append $nodesDN (printf "CN=%s" (include "opensearch.ingest.fullname" .))}}
|
||||
{{- end }}
|
||||
- name: OPENSEARCH_SECURITY_NODES_DN
|
||||
value: {{ coalesce .Values.security.tls.nodesDN ( join ";" $nodesDN ) }}
|
||||
- name: OPENSEARCH_SECURITY_ADMIN_DN
|
||||
value: {{ coalesce .Values.security.tls.adminDN "CN=admin;CN=admin" }}
|
||||
- name: OPENSEARCH_ENABLE_SECURITY
|
||||
value: "true"
|
||||
- name: OPENSEARCH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.secretName" . }}
|
||||
key: opensearch-password
|
||||
- name: OPENSEARCH_DASHBOARDS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.secretName" . }}
|
||||
key: opensearch-dashboards-password
|
||||
- name: LOGSTASH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.secretName" . }}
|
||||
key: logstash-password
|
||||
- name: OPENSEARCH_ENABLE_FIPS_MODE
|
||||
value: {{ .Values.security.fipsMode | quote }}
|
||||
- name: OPENSEARCH_TLS_VERIFICATION_MODE
|
||||
value: {{ .Values.security.tls.verificationMode | quote }}
|
||||
- name: OPENSEARCH_ENABLE_REST_TLS
|
||||
value: {{ ternary "true" "false" .Values.security.tls.restEncryption | quote }}
|
||||
{{- if or (include "opensearch.createTlsSecret" .) .Values.security.tls.usePemCerts }}
|
||||
- name: OPENSEARCH_TLS_USE_PEM
|
||||
value: "true"
|
||||
{{- else }}
|
||||
- name: OPENSEARCH_KEYSTORE_LOCATION
|
||||
value: "/opt/bitnami/opensearch/config/certs/{{ .Values.security.tls.keystoreFilename }}"
|
||||
- name: OPENSEARCH_TRUSTSTORE_LOCATION
|
||||
value: "/opt/bitnami/opensearch/config/certs/{{ .Values.security.tls.truststoreFilename }}"
|
||||
{{- end }}
|
||||
{{- if and (not .Values.security.tls.usePemCerts) (or .Values.security.tls.keystorePassword .Values.security.tls.passwordsSecret) }}
|
||||
- name: OPENSEARCH_KEYSTORE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.tlsPasswordsSecret" . }}
|
||||
key: {{ include "opensearch.keystorePasswordKey" . | quote }}
|
||||
{{- end }}
|
||||
{{- if and (not .Values.security.tls.usePemCerts) (or .Values.security.tls.truststorePassword .Values.security.tls.passwordsSecret) }}
|
||||
- name: OPENSEARCH_TRUSTSTORE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.tlsPasswordsSecret" . }}
|
||||
key: {{ include "opensearch.truststorePasswordKey" . | quote }}
|
||||
{{- end }}
|
||||
{{- if and .Values.security.tls.usePemCerts (or .Values.security.tls.keyPassword .Values.security.tls.passwordsSecret) }}
|
||||
- name: OPENSEARCH_KEY_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.tlsPasswordsSecret" . }}
|
||||
key: {{ include "opensearch.keyPasswordKey" . | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Returns true if at least 1 existing secret was provided
|
||||
*/}}
|
||||
{{- define "opensearch.security.tlsSecretsProvided" -}}
|
||||
{{- $masterSecret := (and (include "opensearch.master.enabled" .) .Values.security.tls.master.existingSecret) -}}
|
||||
{{- $coordinatingSecret := (and (include "opensearch.coordinating.enabled" .) .Values.security.tls.coordinating.existingSecret) -}}
|
||||
{{- $dataSecret := (and (include "opensearch.data.enabled" .) .Values.security.tls.data.existingSecret) -}}
|
||||
{{- $ingestSecret := (and (include "opensearch.ingest.enabled" .) .Values.security.tls.ingest.existingSecret) -}}
|
||||
{{- if or $masterSecret $coordinatingSecret $dataSecret $ingestSecret }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Validate values of Opensearch - Existing secret not provided for master nodes */}}
|
||||
{{- define "opensearch.validateValues.security.missingTlsSecrets.master" -}}
|
||||
{{- $masterSecret := (and (include "opensearch.master.enabled" .) (not .Values.security.tls.master.existingSecret)) -}}
|
||||
{{- if and .Values.security.enabled (include "opensearch.security.tlsSecretsProvided" .) $masterSecret -}}
|
||||
opensearch: security.tls.master.existingSecret
|
||||
Missing secret containing the TLS certificates for the Opensearch master nodes.
|
||||
Provide the certificates using --set .security.tls.master.existingSecret="my-secret".
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Validate values of Opensearch - Existing secret not provided for coordinating-only nodes */}}
|
||||
{{- define "opensearch.validateValues.security.missingTlsSecrets.coordinating" -}}
|
||||
{{- $coordinatingSecret := (and (include "opensearch.coordinating.enabled" .) (not .Values.security.tls.coordinating.existingSecret)) -}}
|
||||
{{- if and .Values.security.enabled (include "opensearch.security.tlsSecretsProvided" .) $coordinatingSecret -}}
|
||||
opensearch: security.tls.coordinating.existingSecret
|
||||
Missing secret containing the TLS certificates for the Opensearch coordinating-only nodes.
|
||||
Provide the certificates using --set .security.tls.coordinating.existingSecret="my-secret".
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Validate values of Opensearch - Existing secret not provided for data nodes */}}
|
||||
{{- define "opensearch.validateValues.security.missingTlsSecrets.data" -}}
|
||||
{{- $dataSecret := (and (include "opensearch.data.enabled" .) (not .Values.security.tls.data.existingSecret)) -}}
|
||||
{{- if and .Values.security.enabled (include "opensearch.security.tlsSecretsProvided" .) $dataSecret -}}
|
||||
opensearch: security.tls.data.existingSecret
|
||||
Missing secret containing the TLS certificates for the Opensearch data nodes.
|
||||
Provide the certificates using --set .security.tls.data.existingSecret="my-secret".
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Validate values of Opensearch - Existing secret not provided for ingest nodes */}}
|
||||
{{- define "opensearch.validateValues.security.missingTlsSecrets.ingest" -}}
|
||||
{{- $ingestSecret := (and (include "opensearch.ingest.enabled" .) (not .Values.security.tls.ingest.existingSecret)) -}}
|
||||
{{- if and .Values.security.enabled (include "opensearch.security.tlsSecretsProvided" .) $ingestSecret -}}
|
||||
opensearch: security.tls.ingest.existingSecret
|
||||
Missing secret containing the TLS certificates for the Opensearch ingest nodes.
|
||||
Provide the certificates using --set .security.tls.ingest.existingSecret="my-secret".
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Validate values of Opensearch - TLS enabled but no certificates provided */}}
|
||||
{{- define "opensearch.validateValues.security.tls" -}}
|
||||
{{- if and .Values.security.enabled (not .Values.security.tls.autoGenerated) (not (include "opensearch.security.tlsSecretsProvided" .)) -}}
|
||||
opensearch: security.tls
|
||||
In order to enable X-Pack Security, it is necessary to configure TLS.
|
||||
Three different mechanisms can be used:
|
||||
- Provide an existing secret containing the Keystore and Truststore for each role
|
||||
- Provide an existing secret containing the PEM certificates for each role and enable `security.tls.usePemCerts=true`
|
||||
- Enable using auto-generated certificates with `security.tls.autoGenerated=true`
|
||||
Existing secrets containing either JKS/PKCS12 or PEM certificates can be provided using --set Values.security.tls.master.existingSecret=master-certs,
|
||||
--set Values.security.tls.data.existingSecret=data-certs, --set Values.security.tls.coordinating.existingSecret=coordinating-certs, --set Values.security.tls.ingest.existingSecret=ingest-certs
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Validate at least Opensearch one master node is configured */}}
|
||||
{{- define "opensearch.validateValues.master.replicas" -}}
|
||||
{{- if not (include "opensearch.master.enabled" .) -}}
|
||||
opensearch: master.replicas
|
||||
Opensearch needs at least one master-elegible node to form a cluster.
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Compile all warnings into a single message, and call fail.
|
||||
*/}}
|
||||
{{- define "opensearch.validateValues" -}}
|
||||
{{- $messages := list -}}
|
||||
{{- $messages := append $messages (include "opensearch.validateValues.master.replicas" .) -}}
|
||||
{{- $messages := append $messages (include "opensearch.validateValues.security.tls" .) -}}
|
||||
{{- $messages := append $messages (include "opensearch.validateValues.security.missingTlsSecrets.master" .) -}}
|
||||
{{- $messages := append $messages (include "opensearch.validateValues.security.missingTlsSecrets.data" .) -}}
|
||||
{{- $messages := append $messages (include "opensearch.validateValues.security.missingTlsSecrets.coordinating" .) -}}
|
||||
{{- $messages := append $messages (include "opensearch.validateValues.security.missingTlsSecrets.ingest" .) -}}
|
||||
{{- $messages := without $messages "" -}}
|
||||
{{- $message := join "\n" $messages -}}
|
||||
|
||||
{{- if $message -}}
|
||||
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Sysctl set if less then
|
||||
*/}}
|
||||
{{- define "opensearch.sysctlIfLess" -}}
|
||||
CURRENT=`sysctl -n {{ .key }}`;
|
||||
DESIRED="{{ .value }}";
|
||||
if [ "$DESIRED" -gt "$CURRENT" ]; then
|
||||
sysctl -w {{ .key }}={{ .value }};
|
||||
fi;
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified dashboards name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.dashboards.fullname" -}}
|
||||
{{- $name := default "dashboards" .Values.dashboards.nameOverride -}}
|
||||
{{- if .Values.data.fullnameOverride -}}
|
||||
{{- .Values.data.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" (include "common.names.fullname" .) $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the dashboards service account to use
|
||||
*/}}
|
||||
{{- define "opensearch.dashboards.serviceAccountName" -}}
|
||||
{{- if .Values.dashboards.serviceAccount.create -}}
|
||||
{{ default (include "opensearch.dashboards.fullname" .) .Values.dashboards.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.dashboards.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default Dashboards service name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
*/}}
|
||||
{{- define "opensearch.dashboards.servicename" -}}
|
||||
{{- if .Values.dashboards.servicenameOverride -}}
|
||||
{{- .Values.dashboards.servicenameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s" (include "opensearch.dashboards.fullname" .) | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Opensearch Dashboards image name
|
||||
*/}}
|
||||
{{- define "opensearch.dashboards.image" -}}
|
||||
{{ include "common.images.image" (dict "imageRoot" .Values.dashboards.image "global" .Values.global) }}
|
||||
{{- end -}}
|
||||
|
||||
|
||||
{{/*
|
||||
Set Opensearch URL.
|
||||
*/}}
|
||||
{{- define "opensearch.url" -}}
|
||||
{{- $protocol := ternary "https" "http" .Values.security.tls.restEncryption -}}
|
||||
{{- printf "%s://%s:%s" $protocol (include "opensearch.service.name" .) (include "opensearch.service.ports.restAPI" .) -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the opensearch TLS credentials secret for Dashboards UI.
|
||||
*/}}
|
||||
{{- define "opensearch.dashboards.tlsSecretName" -}}
|
||||
{{- $secretName := .Values.dashboards.tls.existingSecret -}}
|
||||
{{- if $secretName -}}
|
||||
{{- printf "%s" (tpl $secretName $) -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-crt" (include "opensearch.dashboards.fullname" .) -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return true if a TLS credentials secret object should be created
|
||||
*/}}
|
||||
{{- define "opensearch.dashboards.createTlsSecret" -}}
|
||||
{{- if and .Values.dashboards.tls.enabled .Values.dashboards.tls.autoGenerated (not .Values.dashboards.tls.existingSecret) }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
28
bitnami/opensearch/templates/configmap.yaml
Normal file
28
bitnami/opensearch/templates/configmap.yaml
Normal file
@@ -0,0 +1,28 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if or .Values.config .Values.extraConfig }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
data:
|
||||
{{- if .Values.config }}
|
||||
opensearch.yml: |-
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.config "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraConfig }}
|
||||
my_opensearch.yml: |-
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.extraConfig "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
52
bitnami/opensearch/templates/coordinating/hpa.yaml
Normal file
52
bitnami/opensearch/templates/coordinating/hpa.yaml
Normal file
@@ -0,0 +1,52 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.coordinating.enabled" .) .Values.coordinating.autoscaling.hpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.coordinating.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.coordinating.fullname" . }}
|
||||
minReplicas: {{ .Values.coordinating.autoscaling.hpa.minReplicas }}
|
||||
maxReplicas: {{ .Values.coordinating.autoscaling.hpa.maxReplicas }}
|
||||
metrics:
|
||||
{{- if .Values.coordinating.autoscaling.hpa.targetCPU }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.coordinating.autoscaling.hpa.targetCPU }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.coordinating.autoscaling.hpa.targetCPU }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.autoscaling.hpa.targetMemory }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.coordinating.autoscaling.hpa.targetMemory }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.coordinating.autoscaling.hpa.targetMemory }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
77
bitnami/opensearch/templates/coordinating/networkpolicy.yaml
Normal file
77
bitnami/opensearch/templates/coordinating/networkpolicy.yaml
Normal file
@@ -0,0 +1,77 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.coordinating.networkPolicy.enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
|
||||
metadata:
|
||||
name: {{ template "opensearch.coordinating.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
egress:
|
||||
# Allow dns resolution
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
# Allow outbound connections to other cluster pods
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
- port: {{ .Values.dashboards.service.ports.http }}
|
||||
to:
|
||||
- podSelector:
|
||||
matchLabels: {{- include "common.labels.standard" . | nindent 14 }}
|
||||
{{- if .Values.coordinating.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.podLabels "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.networkPolicy.extraEgress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.coordinating.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
ingress:
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
{{- if not .Values.coordinating.networkPolicy.allowExternal }}
|
||||
from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{ template "common.names.fullname" . }}-client: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.networkPolicy.ingressNSMatchLabels }}
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.coordinating.networkPolicy.ingressNSMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.networkPolicy.ingressNSPodMatchLabels }}
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.coordinating.networkPolicy.ingressNSPodMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.networkPolicy.extraIngress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.coordinating.networkPolicy.extraIngress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
30
bitnami/opensearch/templates/coordinating/pdb.yaml
Normal file
30
bitnami/opensearch/templates/coordinating/pdb.yaml
Normal file
@@ -0,0 +1,30 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and ( include "opensearch.coordinating.enabled" . ) .Values.coordinating.pdb.create }}
|
||||
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "opensearch.coordinating.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.coordinating.pdb.minAvailable }}
|
||||
minAvailable: {{ .Values.coordinating.pdb.minAvailable }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ .Values.coordinating.pdb.maxUnavailable }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- end }}
|
||||
@@ -0,0 +1,27 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.coordinating.enabled" .) .Values.coordinating.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "opensearch.coordinating.serviceAccountName" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.coordinating.serviceAccount.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.serviceAccount.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.coordinating.serviceAccount.automountServiceAccountToken }}
|
||||
{{- end -}}
|
||||
307
bitnami/opensearch/templates/coordinating/statefulset.yaml
Normal file
307
bitnami/opensearch/templates/coordinating/statefulset.yaml
Normal file
@@ -0,0 +1,307 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.coordinating.enabled" .) }}
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: {{ include "opensearch.coordinating.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: coordinating-only
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.coordinating.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.coordinating.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.coordinating.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if not .Values.coordinating.autoscaling.hpa.enabled }}
|
||||
replicas: {{ .Values.coordinating.replicaCount }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.coordinating.updateStrategy }}
|
||||
updateStrategy: {{- toYaml .Values.coordinating.updateStrategy | nindent 4 }}
|
||||
{{- end }}
|
||||
serviceName: {{ include "opensearch.coordinating.servicename" . }}
|
||||
podManagementPolicy: {{ .Values.coordinating.podManagementPolicy }}
|
||||
template:
|
||||
metadata:
|
||||
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: coordinating-only
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.podLabels "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if and (include "opensearch.createTlsSecret" .) (not .Values.security.tls.coordinating.existingSecret) }}
|
||||
checksum/tls: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.podAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.podAnnotations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ template "opensearch.coordinating.serviceAccountName" . }}
|
||||
{{- include "opensearch.imagePullSecrets" . | nindent 6 }}
|
||||
{{- if .Values.coordinating.hostAliases }}
|
||||
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.hostAliases "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.affinity }}
|
||||
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.affinity "context" $) | nindent 8 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.coordinating.podAffinityPreset "component" "coordinating-only" "context" $) | nindent 10 }}
|
||||
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.coordinating.podAntiAffinityPreset "component" "coordinating-only" "context" $) | nindent 10 }}
|
||||
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.coordinating.nodeAffinityPreset.type "key" .Values.coordinating.nodeAffinityPreset.key "values" .Values.coordinating.nodeAffinityPreset.values) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.nodeSelector }}
|
||||
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.nodeSelector "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.tolerations }}
|
||||
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.tolerations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.schedulerName }}
|
||||
schedulerName: {{ .Values.coordinating.schedulerName }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.topologySpreadConstraints }}
|
||||
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.topologySpreadConstraints "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.priorityClassName }}
|
||||
priorityClassName: {{ .Values.coordinating.priorityClassName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.terminationGracePeriodSeconds }}
|
||||
terminationGracePeriodSeconds: {{ .Values.coordinating.terminationGracePeriodSeconds }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.coordinating.podSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.coordinating.initContainers .Values.sysctlImage.enabled }}
|
||||
initContainers:
|
||||
{{- if .Values.sysctlImage.enabled }}
|
||||
{{- include "opensearch.sysctl.initContainer" . | nindent 8}}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: opensearch
|
||||
image: {{ include "opensearch.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
{{- if .Values.coordinating.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.coordinating.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
||||
{{- else if .Values.coordinating.command }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.command "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
||||
{{- else if .Values.coordinating.args }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.args "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.lifecycleHooks }}
|
||||
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.lifecycleHooks "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: MY_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: BITNAMI_DEBUG
|
||||
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_NAME
|
||||
value: {{ .Values.clusterName | quote }}
|
||||
- name: OPENSEARCH_IS_DEDICATED_NODE
|
||||
value: "yes"
|
||||
- name: OPENSEARCH_NODE_ROLES
|
||||
value: {{ ternary "" (join "," .Values.coordinating.extraRoles) (empty .Values.coordinating.extraRoles) | quote }}
|
||||
- name: OPENSEARCH_TRANSPORT_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.transport | quote }}
|
||||
- name: OPENSEARCH_HTTP_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.restAPI | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_HOSTS
|
||||
value: {{ include "opensearch.hosts" . | quote }}
|
||||
- name: OPENSEARCH_TOTAL_NODES
|
||||
value: {{ add (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) (ternary .Values.data.autoscaling.hpa.minReplicas .Values.data.replicaCount .Values.data.autoscaling.hpa.enabled) | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_MASTER_HOSTS
|
||||
{{- $opensearchMasterFullname := include "opensearch.master.fullname" . }}
|
||||
{{- $replicas := int (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) }}
|
||||
value: {{ range $i, $e := until $replicas }}{{ printf "%s-%d" $opensearchMasterFullname $e }} {{ end }}
|
||||
- name: OPENSEARCH_MINIMUM_MASTER_NODES
|
||||
value: {{ add (div (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) 2) 1 | quote }}
|
||||
- name: OPENSEARCH_ADVERTISED_HOSTNAME
|
||||
value: "$(MY_POD_NAME).{{ (include "opensearch.coordinating.servicename" .)}}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}"
|
||||
{{- if .Values.plugins }}
|
||||
- name: OPENSEARCH_PLUGINS
|
||||
value: {{ .Values.plugins | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.heapSize }}
|
||||
- name: OPENSEARCH_HEAP_SIZE
|
||||
value: {{ .Values.coordinating.heapSize | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
{{- include "opensearch.configure.security" . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.coordinating.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret .Values.coordinating.extraEnvVarsCM .Values.coordinating.extraEnvVarsSecret }}
|
||||
envFrom:
|
||||
{{- if .Values.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.coordinating.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.coordinating.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: rest-api
|
||||
containerPort: {{ .Values.containerPorts.restAPI }}
|
||||
- name: transport
|
||||
containerPort: {{ .Values.containerPorts.transport }}
|
||||
{{- if not .Values.diagnosticMode.enabled }}
|
||||
{{- if .Values.coordinating.customStartupProbe }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.customStartupProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.coordinating.startupProbe.enabled }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.coordinating.startupProbe "enabled") "context" $) | nindent 12 }}
|
||||
tcpSocket:
|
||||
port: rest-api
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.customLivenessProbe }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.customLivenessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.coordinating.livenessProbe.enabled }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.coordinating.livenessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.customReadinessProbe }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.coordinating.customReadinessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.coordinating.readinessProbe.enabled }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.coordinating.readinessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.resources }}
|
||||
resources: {{- toYaml .Values.coordinating.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /bitnami/opensearch/data
|
||||
{{- if .Values.config }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/opensearch.yml
|
||||
name: config
|
||||
subPath: opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.extraConfig }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/my_opensearch.yml
|
||||
name: config
|
||||
subPath: my_opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
mountPath: /opt/bitnami/opensearch/config/certs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-cm
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-secret
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.coordinating.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: "data"
|
||||
emptyDir: {}
|
||||
{{- if or .Values.config .Values.extraConfig }}
|
||||
- name: config
|
||||
configMap:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
projected:
|
||||
defaultMode: 256
|
||||
sources:
|
||||
- secret:
|
||||
name: {{ include "opensearch.master.tlsSecretName" . }}
|
||||
- secret:
|
||||
name: {{ include "opensearch.admin.tlsSecretName" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScripts" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScriptsCM" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
secret:
|
||||
secretName: {{ template "opensearch.initScriptsSecret" . }}
|
||||
defaultMode: 0755
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.coordinating.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
33
bitnami/opensearch/templates/coordinating/svc-headless.yaml
Normal file
33
bitnami/opensearch/templates/coordinating/svc-headless.yaml
Normal file
@@ -0,0 +1,33 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.coordinating.enabled" .) }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.coordinating.servicename" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
clusterIP: None
|
||||
publishNotReadyAddresses: true
|
||||
ports:
|
||||
- name: tcp-rest-api
|
||||
port: {{ .Values.containerPorts.restAPI }}
|
||||
targetPort: rest-api
|
||||
- name: tcp-transport
|
||||
port: {{ .Values.containerPorts.transport }}
|
||||
targetPort: transport
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- end }}
|
||||
51
bitnami/opensearch/templates/coordinating/vpa.yaml
Normal file
51
bitnami/opensearch/templates/coordinating/vpa.yaml
Normal file
@@ -0,0 +1,51 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler") .Values.coordinating.autoscaling.vpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.vpa.apiVersion" . }}
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.coordinating.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coordinating.autoscaling.vpa.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.coordinating.autoscaling.vpa.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: opensearch
|
||||
{{- with .Values.coordinating.autoscaling.vpa.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.coordinating.autoscaling.vpa.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.coordinating.autoscaling.vpa.minAllowed }}
|
||||
minAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: {{ (include "common.capabilities.statefulset.apiVersion" .) }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.coordinating.fullname" . }}
|
||||
{{- if .Values.coordinating.autoscaling.vpa.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- with .Values.coordinating.autoscaling.vpa.updatePolicy.updateMode }}
|
||||
updateMode: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
195
bitnami/opensearch/templates/dashboards/deployment.yaml
Normal file
195
bitnami/opensearch/templates/dashboards/deployment.yaml
Normal file
@@ -0,0 +1,195 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "opensearch.dashboards.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if not .Values.dashboards.autoscaling.hpa.enabled }}
|
||||
replicas: {{ .Values.dashboards.replicaCount }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.updateStrategy }}
|
||||
strategy: {{- toYaml .Values.dashboards.updateStrategy | nindent 4 }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
template:
|
||||
metadata:
|
||||
{{- if .Values.dashboards.podAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.podAnnotations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.dashboards.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.podLabels "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ template "opensearch.dashboards.serviceAccountName" . }}
|
||||
{{- include "opensearch.imagePullSecrets" . | nindent 6 }}
|
||||
{{- if .Values.dashboards.hostAliases }}
|
||||
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.hostAliases "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.affinity }}
|
||||
affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.affinity "context" $) | nindent 8 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.dashboards.podAffinityPreset "component" "dashboards" "context" $) | nindent 10 }}
|
||||
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.dashboards.podAntiAffinityPreset "component" "dashboards" "context" $) | nindent 10 }}
|
||||
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.dashboards.nodeAffinityPreset.type "key" .Values.dashboards.nodeAffinityPreset.key "values" .Values.dashboards.nodeAffinityPreset.values) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.nodeSelector }}
|
||||
nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.nodeSelector "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.tolerations }}
|
||||
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.tolerations "context" .) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.priorityClassName }}
|
||||
priorityClassName: {{ .Values.dashboards.priorityClassName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.schedulerName }}
|
||||
schedulerName: {{ .Values.dashboards.schedulerName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.topologySpreadConstraints }}
|
||||
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.topologySpreadConstraints "context" .) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.dashboards.podSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.terminationGracePeriodSeconds }}
|
||||
terminationGracePeriodSeconds: {{ .Values.dashboards.terminationGracePeriodSeconds }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ include "opensearch.dashboards.fullname" . }}
|
||||
image: {{ template "opensearch.dashboards.image" . }}
|
||||
imagePullPolicy: {{ .Values.dashboards.image.pullPolicy }}
|
||||
{{- if .Values.dashboards.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.dashboards.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
||||
{{- else if .Values.dashboards.command }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.command "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
||||
{{- else if .Values.dashboards.args }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.args "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: BITNAMI_DEBUG
|
||||
value: {{ ternary "true" "false" (or .Values.dashboards.image.debug .Values.diagnosticMode.enabled) | quote }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: OPENSEARCH_DASHBOARDS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "opensearch.secretName" . }}
|
||||
key: opensearch-dashboards-password
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.tls.enabled }}
|
||||
- name: OPENSEARCH_DASHBOARDS_SERVER_ENABLE_TLS
|
||||
value: "true"
|
||||
- name: OPENSEARCH_DASHBOARDS_SERVER_TLS_USE_PEM
|
||||
value: "true"
|
||||
{{- end }}
|
||||
- name: OPENSEARCH_DASHBOARDS_OPENSEARCH_URL
|
||||
value: {{ (include "opensearch.url" .) }}
|
||||
{{- if .Values.dashboards.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.extraEnvVars "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
envFrom:
|
||||
{{- if .Values.dashboards.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" (dict "value" .Values.dashboards.extraEnvVarsCM "context" $) }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" (dict "value" .Values.dashboards.extraEnvVarsSecret "context" $) }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.resources }}
|
||||
resources: {{- toYaml .Values.dashboards.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.dashboards.containerPorts.http }}
|
||||
{{- if not .Values.diagnosticMode.enabled }}
|
||||
{{- if .Values.dashboards.customLivenessProbe }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.customLivenessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.dashboards.livenessProbe.enabled }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.dashboards.livenessProbe "enabled") "context" $) | nindent 12 }}
|
||||
httpGet:
|
||||
path: "/"
|
||||
port: {{ .Values.dashboards.containerPorts.http }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.customReadinessProbe }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.customReadinessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.dashboards.readinessProbe.enabled }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.dashboards.readinessProbe "enabled") "context" $) | nindent 12 }}
|
||||
httpGet:
|
||||
path: "/"
|
||||
port: {{ .Values.dashboards.containerPorts.http }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.customStartupProbe }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.customStartupProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.dashboards.startupProbe.enabled }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.dashboards.startupProbe "enabled") "context" $) | nindent 12 }}
|
||||
httpGet:
|
||||
path: "/"
|
||||
port: {{ .Values.dashboards.containerPorts.http }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.lifecycleHooks }}
|
||||
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.lifecycleHooks "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
mountPath: /opt/bitnami/opensearch-dashboards/config/certs/opensearch
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.tls.enabled }}
|
||||
- name: opensearch-dashboard-certificates
|
||||
mountPath: /opt/bitnami/opensearch-dashboards/config/certs/server
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
secret:
|
||||
secretName: {{ include "opensearch.master.tlsSecretName" . }}
|
||||
items:
|
||||
- key: ca.crt
|
||||
path: ca.crt
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.tls.enabled }}
|
||||
- name: opensearch-dashboard-certificates
|
||||
projected:
|
||||
defaultMode: 256
|
||||
sources:
|
||||
- secret:
|
||||
name: {{ include "opensearch.dashboards.tlsSecretName" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
52
bitnami/opensearch/templates/dashboards/hpa.yaml
Normal file
52
bitnami/opensearch/templates/dashboards/hpa.yaml
Normal file
@@ -0,0 +1,52 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Values.dashboards.enabled) .Values.dashboards.autoscaling.hpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.dashboards.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.dashboards.fullname" . }}
|
||||
minReplicas: {{ .Values.dashboards.autoscaling.hpa.minReplicas }}
|
||||
maxReplicas: {{ .Values.dashboards.autoscaling.hpa.maxReplicas }}
|
||||
metrics:
|
||||
{{- if .Values.dashboards.autoscaling.hpa.targetCPU }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.dashboards.autoscaling.hpa.targetCPU }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.dashboards.autoscaling.hpa.targetCPU }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.autoscaling.hpa.targetMemory }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.dashboards.autoscaling.hpa.targetMemory }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.dashboards.autoscaling.hpa.targetMemory }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
78
bitnami/opensearch/templates/dashboards/networkpolicy.yaml
Normal file
78
bitnami/opensearch/templates/dashboards/networkpolicy.yaml
Normal file
@@ -0,0 +1,78 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.dashboards.networkPolicy.enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
|
||||
metadata:
|
||||
name: {{ template "opensearch.dashboards.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: dashboards
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
egress:
|
||||
# Allow dns resolution
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
# Allow outbound connections to other cluster pods
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
- port: {{ .Values.dashboards.service.ports.http }}
|
||||
to:
|
||||
- podSelector:
|
||||
matchLabels: {{- include "common.labels.standard" . | nindent 14 }}
|
||||
{{- if .Values.dashboards.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.podLabels "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.networkPolicy.extraEgress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
ingress:
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
{{- if not .Values.dashboards.networkPolicy.allowExternal }}
|
||||
from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{ template "common.names.fullname" . }}-client: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.networkPolicy.ingressNSMatchLabels }}
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.dashboards.networkPolicy.ingressNSMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.networkPolicy.ingressNSPodMatchLabels }}
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.dashboards.networkPolicy.ingressNSPodMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.dashboards.networkPolicy.extraIngress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.networkPolicy.extraIngress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
30
bitnami/opensearch/templates/dashboards/pdb.yaml
Normal file
30
bitnami/opensearch/templates/dashboards/pdb.yaml
Normal file
@@ -0,0 +1,30 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and ( .Values.dashboards.enabled ) .Values.dashboards.pdb.create }}
|
||||
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "opensearch.dashboards.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.dashboards.pdb.minAvailable }}
|
||||
minAvailable: {{ .Values.dashboards.pdb.minAvailable }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ .Values.dashboards.pdb.maxUnavailable }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- end }}
|
||||
59
bitnami/opensearch/templates/dashboards/service.yaml
Normal file
59
bitnami/opensearch/templates/dashboards/service.yaml
Normal file
@@ -0,0 +1,59 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.dashboards.servicename" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.dashboards.service.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.dashboards.service.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.service.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.dashboards.service.type }}
|
||||
{{- if and .Values.dashboards.service.clusterIP (eq .Values.dashboards.service.type "ClusterIP") }}
|
||||
clusterIP: {{ .Values.dashboards.service.clusterIP }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.service.sessionAffinity }}
|
||||
sessionAffinity: {{ .Values.dashboards.service.sessionAffinity }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.service.sessionAffinityConfig }}
|
||||
sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.dashboards.service.sessionAffinityConfig "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.dashboards.service.type "LoadBalancer") (eq .Values.dashboards.service.type "NodePort") }}
|
||||
externalTrafficPolicy: {{ .Values.dashboards.service.externalTrafficPolicy | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.dashboards.service.type "LoadBalancer") (not (empty .Values.dashboards.service.loadBalancerSourceRanges)) }}
|
||||
loadBalancerSourceRanges: {{ .Values.dashboards.service.loadBalancerSourceRanges }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.dashboards.service.type "LoadBalancer") (not (empty .Values.dashboards.service.loadBalancerIP)) }}
|
||||
loadBalancerIP: {{ .Values.dashboards.service.loadBalancerIP }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http
|
||||
port: {{ .Values.dashboards.service.ports.http }}
|
||||
protocol: TCP
|
||||
targetPort: http
|
||||
{{- if and (or (eq .Values.dashboards.service.type "NodePort") (eq .Values.dashboards.service.type "LoadBalancer")) (not (empty .Values.dashboards.service.nodePorts.http)) }}
|
||||
nodePort: {{ .Values.dashboards.service.nodePorts.http }}
|
||||
{{- else if eq .Values.dashboards.service.type "ClusterIP" }}
|
||||
nodePort: null
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.service.extraPorts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.service.extraPorts "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
27
bitnami/opensearch/templates/dashboards/serviceaccount.yaml
Normal file
27
bitnami/opensearch/templates/dashboards/serviceaccount.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Values.dashboards.enabled) .Values.dashboards.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "opensearch.dashboards.serviceAccountName" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.dashboards.serviceAccount.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.serviceAccount.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.dashboards.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.dashboards.serviceAccount.automountServiceAccountToken }}
|
||||
{{- end -}}
|
||||
31
bitnami/opensearch/templates/dashboards/tls-secret.yaml
Normal file
31
bitnami/opensearch/templates/dashboards/tls-secret.yaml
Normal file
@@ -0,0 +1,31 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.dashboards.tls.enabled (include "opensearch.dashboards.createTlsSecret" .) }}
|
||||
{{- $ca := genCA "opensearch-ca" 365 }}
|
||||
{{- $releaseNamespace := include "common.names.namespace" . }}
|
||||
{{- $clusterDomain := .Values.clusterDomain }}
|
||||
{{- $dashboardsFullname := include "opensearch.dashboards.fullname" . }}
|
||||
{{- $cert := genSignedCert $dashboardsFullname nil nil 365 $ca }}
|
||||
{{- $secretDashboardsName := printf "%s-crt" (include "opensearch.dashboards.fullname" .) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretDashboardsName }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: Opaque
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretDashboardsName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretDashboardsName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretDashboardsName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
{{- end }}
|
||||
51
bitnami/opensearch/templates/dashboards/vpa.yaml
Normal file
51
bitnami/opensearch/templates/dashboards/vpa.yaml
Normal file
@@ -0,0 +1,51 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler") .Values.dashboards.autoscaling.vpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.vpa.apiVersion" . }}
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.dashboards.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: dashboards
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.dashboards.autoscaling.vpa.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.dashboards.autoscaling.vpa.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: opensearch
|
||||
{{- with .Values.dashboards.autoscaling.vpa.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dashboards.autoscaling.vpa.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dashboards.autoscaling.vpa.minAllowed }}
|
||||
minAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: {{ (include "common.capabilities.statefulset.apiVersion" .) }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.dashboards.fullname" . }}
|
||||
{{- if .Values.dashboards.autoscaling.vpa.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- with .Values.dashboards.autoscaling.vpa.updatePolicy.updateMode }}
|
||||
updateMode: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
52
bitnami/opensearch/templates/data/hpa.yaml
Normal file
52
bitnami/opensearch/templates/data/hpa.yaml
Normal file
@@ -0,0 +1,52 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.data.enabled" .) .Values.data.autoscaling.hpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.data.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.data.fullname" . }}
|
||||
minReplicas: {{ .Values.data.autoscaling.hpa.minReplicas }}
|
||||
maxReplicas: {{ .Values.data.autoscaling.hpa.maxReplicas }}
|
||||
metrics:
|
||||
{{- if .Values.data.autoscaling.hpa.targetCPU }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.data.autoscaling.hpa.targetCPU }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.data.autoscaling.hpa.targetCPU }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.autoscaling.hpa.targetMemory }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.data.autoscaling.hpa.targetMemory }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.data.autoscaling.hpa.targetMemory }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
77
bitnami/opensearch/templates/data/networkpolicy.yaml
Normal file
77
bitnami/opensearch/templates/data/networkpolicy.yaml
Normal file
@@ -0,0 +1,77 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.data.networkPolicy.enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
|
||||
metadata:
|
||||
name: {{ template "opensearch.data.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: data
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
egress:
|
||||
# Allow dns resolution
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
# Allow outbound connections to other cluster pods
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
- port: {{ .Values.dashboards.service.ports.http }}
|
||||
to:
|
||||
- podSelector:
|
||||
matchLabels: {{- include "common.labels.standard" . | nindent 14 }}
|
||||
{{- if .Values.data.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.podLabels "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.networkPolicy.extraEgress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.data.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
ingress:
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
{{- if not .Values.data.networkPolicy.allowExternal }}
|
||||
from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{ template "common.names.fullname" . }}-client: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.data.networkPolicy.ingressNSMatchLabels }}
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.data.networkPolicy.ingressNSMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.networkPolicy.ingressNSPodMatchLabels }}
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.data.networkPolicy.ingressNSPodMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.networkPolicy.extraIngress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.data.networkPolicy.extraIngress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
30
bitnami/opensearch/templates/data/pdb.yaml
Normal file
30
bitnami/opensearch/templates/data/pdb.yaml
Normal file
@@ -0,0 +1,30 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and ( include "opensearch.data.enabled" . ) .Values.data.pdb.create }}
|
||||
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "opensearch.data.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.data.pdb.minAvailable }}
|
||||
minAvailable: {{ .Values.data.pdb.minAvailable }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ .Values.data.pdb.maxUnavailable }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- end }}
|
||||
27
bitnami/opensearch/templates/data/serviceaccount.yaml
Normal file
27
bitnami/opensearch/templates/data/serviceaccount.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.data.enabled" .) .Values.data.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "opensearch.data.serviceAccountName" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.data.serviceAccount.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.serviceAccount.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.data.serviceAccount.automountServiceAccountToken }}
|
||||
{{- end -}}
|
||||
368
bitnami/opensearch/templates/data/statefulset.yaml
Normal file
368
bitnami/opensearch/templates/data/statefulset.yaml
Normal file
@@ -0,0 +1,368 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.data.enabled" .) }}
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: {{ include "opensearch.data.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: data
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.data.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.data.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.data.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if not .Values.data.autoscaling.hpa.enabled }}
|
||||
replicas: {{ .Values.data.replicaCount }}
|
||||
{{- end }}
|
||||
podManagementPolicy: {{ .Values.data.podManagementPolicy }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: data
|
||||
serviceName: {{ include "opensearch.data.servicename" . }}
|
||||
{{- if .Values.data.updateStrategy }}
|
||||
updateStrategy: {{- toYaml .Values.data.updateStrategy | nindent 4 }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: data
|
||||
{{- end }}
|
||||
{{- if .Values.data.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.podLabels "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if and (include "opensearch.createTlsSecret" .) (not .Values.security.tls.data.existingSecret) }}
|
||||
checksum/tls: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.podAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.podAnnotations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ template "opensearch.data.serviceAccountName" . }}
|
||||
{{- include "opensearch.imagePullSecrets" . | nindent 6 }}
|
||||
{{- if .Values.data.hostAliases }}
|
||||
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.data.hostAliases "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.affinity }}
|
||||
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.data.affinity "context" $) | nindent 8 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.data.podAffinityPreset "component" "data" "context" $) | nindent 10 }}
|
||||
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.data.podAntiAffinityPreset "component" "data" "context" $) | nindent 10 }}
|
||||
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.data.nodeAffinityPreset.type "key" .Values.data.nodeAffinityPreset.key "values" .Values.data.nodeAffinityPreset.values) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.nodeSelector }}
|
||||
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.data.nodeSelector "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.tolerations }}
|
||||
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.data.tolerations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.schedulerName }}
|
||||
schedulerName: {{ .Values.data.schedulerName }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.topologySpreadConstraints }}
|
||||
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.data.topologySpreadConstraints "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.priorityClassName }}
|
||||
priorityClassName: {{ .Values.data.priorityClassName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.data.podSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.terminationGracePeriodSeconds }}
|
||||
terminationGracePeriodSeconds: {{ .Values.data.terminationGracePeriodSeconds }}
|
||||
{{- end }}
|
||||
{{- if or .Values.data.initContainers .Values.sysctlImage.enabled (and .Values.volumePermissions.enabled .Values.data.persistence.enabled) }}
|
||||
initContainers:
|
||||
{{- if .Values.sysctlImage.enabled }}
|
||||
{{- include "opensearch.sysctl.initContainer" . | nindent 8}}
|
||||
{{- end }}
|
||||
{{- if and .Values.volumePermissions.enabled .Values.data.persistence.enabled }}
|
||||
- name: volume-permissions
|
||||
image: {{ include "opensearch.volumePermissions.image" . }}
|
||||
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
|
||||
command:
|
||||
- /bin/bash
|
||||
- -ec
|
||||
- |
|
||||
mkdir -p /bitnami/opensearch/data
|
||||
chown {{ .Values.data.containerSecurityContext.runAsUser }}:{{ .Values.data.podSecurityContext.fsGroup }} /bitnami/opensearch/data
|
||||
find /bitnami/opensearch/data -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.data.containerSecurityContext.runAsUser }}:{{ .Values.data.podSecurityContext.fsGroup }}
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
{{- if .Values.volumePermissions.resources }}
|
||||
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /bitnami/opensearch/data
|
||||
{{- end }}
|
||||
{{- if .Values.data.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: opensearch
|
||||
image: {{ include "opensearch.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
{{- if .Values.data.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.data.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
||||
{{- else if .Values.data.command }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.data.command "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
||||
{{- else if .Values.data.args }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.data.args "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.lifecycleHooks }}
|
||||
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.data.lifecycleHooks "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: BITNAMI_DEBUG
|
||||
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
|
||||
- name: MY_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: OPENSEARCH_IS_DEDICATED_NODE
|
||||
value: "yes"
|
||||
{{- $roles := ternary "data" (list "data" .Values.data.extraRoles) (empty .Values.data.extraRoles) }}
|
||||
- name: OPENSEARCH_NODE_ROLES
|
||||
value: {{ join "," $roles | quote }}
|
||||
- name: OPENSEARCH_TRANSPORT_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.transport | quote }}
|
||||
- name: OPENSEARCH_HTTP_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.restAPI | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_NAME
|
||||
value: {{ .Values.clusterName | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_HOSTS
|
||||
value: {{ include "opensearch.hosts" . | quote }}
|
||||
- name: OPENSEARCH_TOTAL_NODES
|
||||
value: {{ add (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) (ternary .Values.data.autoscaling.hpa.minReplicas .Values.data.replicaCount .Values.data.autoscaling.hpa.enabled) | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_MASTER_HOSTS
|
||||
{{- $opensearchMasterFullname := include "opensearch.master.fullname" . }}
|
||||
{{- $replicas := int (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) }}
|
||||
value: {{ range $i, $e := until $replicas }}{{ printf "%s-%d" $opensearchMasterFullname $e }} {{ end }}
|
||||
- name: OPENSEARCH_MINIMUM_MASTER_NODES
|
||||
value: {{ add (div (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) 2) 1 | quote }}
|
||||
- name: OPENSEARCH_ADVERTISED_HOSTNAME
|
||||
value: "$(MY_POD_NAME).{{ (include "opensearch.data.servicename" .)}}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}"
|
||||
{{- if .Values.plugins }}
|
||||
- name: OPENSEARCH_PLUGINS
|
||||
value: {{ .Values.plugins | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.snapshotRepoPath }}
|
||||
- name: OPENSEARCH_FS_SNAPSHOT_REPO_PATH
|
||||
value: {{ .Values.snapshotRepoPath | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.heapSize }}
|
||||
- name: OPENSEARCH_HEAP_SIZE
|
||||
value: {{ .Values.data.heapSize | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
{{- include "opensearch.configure.security" . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.data.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret .Values.data.extraEnvVarsCM .Values.data.extraEnvVarsSecret }}
|
||||
envFrom:
|
||||
{{- if .Values.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.data.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.data.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: rest-api
|
||||
containerPort: {{ .Values.containerPorts.restAPI }}
|
||||
- name: transport
|
||||
containerPort: {{ .Values.containerPorts.transport }}
|
||||
{{- if not .Values.diagnosticMode.enabled }}
|
||||
{{- if .Values.data.customStartupProbe }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.data.customStartupProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.data.startupProbe.enabled }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.data.startupProbe "enabled") "context" $) | nindent 12 }}
|
||||
tcpSocket:
|
||||
port: rest-api
|
||||
{{- end }}
|
||||
{{- if .Values.data.customLivenessProbe }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.data.customLivenessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.data.livenessProbe.enabled }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.data.livenessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- if .Values.data.customReadinessProbe }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.data.customReadinessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.data.readinessProbe.enabled }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.data.readinessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.resources }}
|
||||
resources: {{- toYaml .Values.data.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /bitnami/opensearch/data
|
||||
{{- if .Values.config }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/opensearch.yml
|
||||
name: config
|
||||
subPath: opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.extraConfig }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/my_opensearch.yml
|
||||
name: config
|
||||
subPath: my_opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
mountPath: /opt/bitnami/opensearch/config/certs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-cm
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-secret
|
||||
{{- end }}
|
||||
{{- if .Values.data.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.data.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if or .Values.config .Values.extraConfig }}
|
||||
- name: config
|
||||
configMap:
|
||||
name: {{ template "common.names.fullname" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
projected:
|
||||
defaultMode: 256
|
||||
sources:
|
||||
- secret:
|
||||
name: {{ include "opensearch.master.tlsSecretName" . }}
|
||||
- secret:
|
||||
name: {{ include "opensearch.admin.tlsSecretName" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScripts" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScriptsCM" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
secret:
|
||||
secretName: {{ template "opensearch.initScriptsSecret" . }}
|
||||
defaultMode: 0755
|
||||
{{- end }}
|
||||
{{- if .Values.data.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if not .Values.data.persistence.enabled }}
|
||||
- name: "data"
|
||||
emptyDir: {}
|
||||
{{- else if .Values.data.persistence.existingClaim }}
|
||||
- name: "data"
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.data.persistence.existingClaim }}
|
||||
{{- else }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: "data"
|
||||
annotations:
|
||||
{{- if .Values.data.persistence.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.data.persistence.annotations "context" $) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
labels: {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 10 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
accessModes:
|
||||
{{- range .Values.data.persistence.accessModes }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.data.persistence.size | quote }}
|
||||
{{- if .Values.data.persistence.selector }}
|
||||
selector: {{- include "common.tplvalues.render" (dict "value" .Values.data.persistence.selector "context" $) | nindent 10 }}
|
||||
{{- else if .Values.data.persistence.existingVolume }}
|
||||
selector:
|
||||
matchLabels:
|
||||
volume: {{ .Values.data.persistence.existingVolume }}
|
||||
{{- end }}
|
||||
{{- include "common.storage.class" (dict "persistence" .Values.data.persistence "global" .Values.global) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
33
bitnami/opensearch/templates/data/svc-headless.yaml
Normal file
33
bitnami/opensearch/templates/data/svc-headless.yaml
Normal file
@@ -0,0 +1,33 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.data.enabled" .) }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.data.servicename" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
clusterIP: None
|
||||
publishNotReadyAddresses: true
|
||||
ports:
|
||||
- name: tcp-rest-api
|
||||
port: {{ .Values.containerPorts.restAPI }}
|
||||
targetPort: rest-api
|
||||
- name: tcp-transport
|
||||
port: {{ .Values.containerPorts.transport }}
|
||||
targetPort: transport
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- end }}
|
||||
51
bitnami/opensearch/templates/data/vpa.yaml
Normal file
51
bitnami/opensearch/templates/data/vpa.yaml
Normal file
@@ -0,0 +1,51 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler") .Values.data.autoscaling.vpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.vpa.apiVersion" . }}
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.data.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.data.autoscaling.vpa.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.data.autoscaling.vpa.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: opensearch
|
||||
{{- with .Values.data.autoscaling.vpa.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.data.autoscaling.vpa.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.data.autoscaling.vpa.minAllowed }}
|
||||
minAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: {{ (include "common.capabilities.statefulset.apiVersion" .) }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.data.fullname" . }}
|
||||
{{- if .Values.data.autoscaling.vpa.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- with .Values.data.autoscaling.vpa.updatePolicy.updateMode }}
|
||||
updateMode: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
9
bitnami/opensearch/templates/extra-list.yaml
Normal file
9
bitnami/opensearch/templates/extra-list.yaml
Normal file
@@ -0,0 +1,9 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- range .Values.extraDeploy }}
|
||||
---
|
||||
{{ include "common.tplvalues.render" (dict "value" . "context" $) }}
|
||||
{{- end }}
|
||||
52
bitnami/opensearch/templates/ingest/hpa.yaml
Normal file
52
bitnami/opensearch/templates/ingest/hpa.yaml
Normal file
@@ -0,0 +1,52 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.ingest.enabled" .) .Values.ingest.autoscaling.hpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
minReplicas: {{ .Values.ingest.autoscaling.hpa.minReplicas }}
|
||||
maxReplicas: {{ .Values.ingest.autoscaling.hpa.maxReplicas }}
|
||||
metrics:
|
||||
{{- if .Values.ingest.autoscaling.hpa.targetCPU }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.ingest.autoscaling.hpa.targetCPU }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.ingest.autoscaling.hpa.targetCPU }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.autoscaling.hpa.targetMemory }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.ingest.autoscaling.hpa.targetMemory }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.ingest.autoscaling.hpa.targetMemory }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
70
bitnami/opensearch/templates/ingest/ingress.yaml
Normal file
70
bitnami/opensearch/templates/ingest/ingress.yaml
Normal file
@@ -0,0 +1,70 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.ingest.enabled" .) .Values.ingest.service.enabled .Values.ingest.ingress.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.ingest.ingress.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.ingest.ingress.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.ingress.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if and .Values.ingest.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }}
|
||||
ingressClassName: {{ .Values.ingest.ingress.ingressClassName | quote }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- if .Values.ingest.ingress.hostname }}
|
||||
- http:
|
||||
paths:
|
||||
{{- if .Values.ingest.ingress.extraPaths }}
|
||||
{{- toYaml .Values.ingest.ingress.extraPaths | nindent 10 }}
|
||||
{{- end }}
|
||||
- path: {{ .Values.ingest.ingress.path }}
|
||||
{{- if eq "true" (include "common.ingress.supportsPathType" .) }}
|
||||
pathType: {{ .Values.ingest.ingress.pathType }}
|
||||
{{- end }}
|
||||
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "opensearch.ingest.fullname" .) "servicePort" "tcp-rest-api" "context" $) | nindent 14 }}
|
||||
{{- if ne .Values.ingest.ingress.hostname "*" }}
|
||||
host: {{ .Values.ingest.ingress.hostname }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range .Values.ingest.ingress.extraHosts }}
|
||||
- host: {{ .name }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ default "/" .path }}
|
||||
{{- if eq "true" (include "common.ingress.supportsPathType" $) }}
|
||||
pathType: {{ default "ImplementationSpecific" .pathType }}
|
||||
{{- end }}
|
||||
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "opensearch.ingest.fullname" $) "servicePort" "tcp-rest-api" "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.ingress.extraRules }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.ingress.extraRules "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or (and .Values.ingest.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingest.ingress.annotations )) .Values.ingest.ingress.selfSigned)) .Values.ingest.ingress.extraTls }}
|
||||
tls:
|
||||
{{- if and .Values.ingest.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingest.ingress.annotations )) .Values.ingest.ingress.selfSigned) }}
|
||||
- hosts:
|
||||
- {{ .Values.ingest.ingress.hostname | quote }}
|
||||
secretName: {{ printf "%s-tls" .Values.ingest.ingress.hostname }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.ingress.extraTls }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.ingress.extraTls "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
77
bitnami/opensearch/templates/ingest/networkpolicy.yaml
Normal file
77
bitnami/opensearch/templates/ingest/networkpolicy.yaml
Normal file
@@ -0,0 +1,77 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.ingest.networkPolicy.enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
|
||||
metadata:
|
||||
name: {{ template "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: ingest
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
egress:
|
||||
# Allow dns resolution
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
# Allow outbound connections to other cluster pods
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
- port: {{ .Values.dashboards.service.ports.http }}
|
||||
to:
|
||||
- podSelector:
|
||||
matchLabels: {{- include "common.labels.standard" . | nindent 14 }}
|
||||
{{- if .Values.ingest.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.podLabels "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.networkPolicy.extraEgress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
ingress:
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
{{- if not .Values.ingest.networkPolicy.allowExternal }}
|
||||
from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{ template "common.names.fullname" . }}-client: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.networkPolicy.ingressNSMatchLabels }}
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.ingest.networkPolicy.ingressNSMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.networkPolicy.ingressNSPodMatchLabels }}
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.ingest.networkPolicy.ingressNSPodMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.networkPolicy.extraIngress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.networkPolicy.extraIngress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
30
bitnami/opensearch/templates/ingest/pdb.yaml
Normal file
30
bitnami/opensearch/templates/ingest/pdb.yaml
Normal file
@@ -0,0 +1,30 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and ( include "opensearch.ingest.enabled" . ) .Values.ingest.pdb.create }}
|
||||
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.ingest.pdb.minAvailable }}
|
||||
minAvailable: {{ .Values.ingest.pdb.minAvailable }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ .Values.ingest.pdb.maxUnavailable }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- end }}
|
||||
65
bitnami/opensearch/templates/ingest/service.yaml
Normal file
65
bitnami/opensearch/templates/ingest/service.yaml
Normal file
@@ -0,0 +1,65 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.ingest.enabled" .) .Values.ingest.service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.service.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.service.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.ingest.service.type }}
|
||||
{{- if and .Values.ingest.service.clusterIP (eq .Values.ingest.service.type "ClusterIP") }}
|
||||
clusterIP: {{ .Values.ingest.service.clusterIP }}
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.ingest.service.type "LoadBalancer") (eq .Values.ingest.service.type "NodePort") }}
|
||||
externalTrafficPolicy: {{ .Values.ingest.service.externalTrafficPolicy | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.ingest.service.type "LoadBalancer") .Values.ingest.service.loadBalancerSourceRanges }}
|
||||
loadBalancerSourceRanges: {{- toYaml .Values.ingest.service.loadBalancerSourceRanges | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if (and (eq .Values.ingest.service.type "LoadBalancer") (not (empty .Values.ingest.service.loadBalancerIP))) }}
|
||||
loadBalancerIP: {{ .Values.ingest.service.loadBalancerIP }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.service.sessionAffinity }}
|
||||
sessionAffinity: {{ .Values.ingest.service.sessionAffinity }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.service.sessionAffinityConfig }}
|
||||
sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.service.sessionAffinityConfig "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: tcp-rest-api
|
||||
port: {{ .Values.ingest.service.ports.restAPI }}
|
||||
targetPort: rest-api
|
||||
{{- if and (or (eq .Values.ingest.service.type "NodePort") (eq .Values.ingest.service.type "LoadBalancer")) (not (empty .Values.ingest.service.nodePorts.restAPI)) }}
|
||||
nodePort: {{ .Values.ingest.service.nodePorts.restAPI }}
|
||||
{{- else if eq .Values.ingest.service.type "ClusterIP" }}
|
||||
nodePort: null
|
||||
{{- end }}
|
||||
- name: tcp-transport
|
||||
port: {{ .Values.ingest.service.ports.transport }}
|
||||
{{- if and (or (eq .Values.ingest.service.type "NodePort") (eq .Values.ingest.service.type "LoadBalancer")) (not (empty .Values.ingest.service.nodePorts.transport)) }}
|
||||
nodePort: {{ .Values.ingest.service.nodePorts.transport }}
|
||||
{{- else if eq .Values.ingest.service.type "ClusterIP" }}
|
||||
nodePort: null
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.service.extraPorts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.service.extraPorts "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- end }}
|
||||
27
bitnami/opensearch/templates/ingest/serviceaccount.yaml
Normal file
27
bitnami/opensearch/templates/ingest/serviceaccount.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.ingest.enabled" .) .Values.ingest.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.serviceAccountName" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.ingest.serviceAccount.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.serviceAccount.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.ingest.serviceAccount.automountServiceAccountToken }}
|
||||
{{- end -}}
|
||||
308
bitnami/opensearch/templates/ingest/statefulset.yaml
Normal file
308
bitnami/opensearch/templates/ingest/statefulset.yaml
Normal file
@@ -0,0 +1,308 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.ingest.enabled" . ) }}
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: ingest
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.ingest.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.ingest.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if not .Values.ingest.autoscaling.hpa.enabled }}
|
||||
replicas: {{ .Values.ingest.replicaCount }}
|
||||
{{- end }}
|
||||
podManagementPolicy: {{ .Values.ingest.podManagementPolicy }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
serviceName: {{ include "opensearch.ingest.servicename" . }}
|
||||
{{- if .Values.ingest.updateStrategy }}
|
||||
updateStrategy: {{- toYaml .Values.ingest.updateStrategy | nindent 4 }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: ingest
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.podLabels "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if and (include "opensearch.createTlsSecret" .) (not .Values.security.tls.ingest.existingSecret) }}
|
||||
checksum/tls: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.podAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.podAnnotations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ template "opensearch.ingest.serviceAccountName" . }}
|
||||
{{- include "opensearch.imagePullSecrets" . | nindent 6 }}
|
||||
{{- if .Values.ingest.hostAliases }}
|
||||
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.hostAliases "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.affinity }}
|
||||
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.affinity "context" $) | nindent 8 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.ingest.podAffinityPreset "component" "ingest" "context" $) | nindent 10 }}
|
||||
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.ingest.podAntiAffinityPreset "component" "ingest" "context" $) | nindent 10 }}
|
||||
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.ingest.nodeAffinityPreset.type "key" .Values.ingest.nodeAffinityPreset.key "values" .Values.ingest.nodeAffinityPreset.values) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.nodeSelector }}
|
||||
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.nodeSelector "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.tolerations }}
|
||||
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.tolerations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.schedulerName }}
|
||||
schedulerName: {{ .Values.ingest.schedulerName }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.topologySpreadConstraints }}
|
||||
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.topologySpreadConstraints "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.priorityClassName }}
|
||||
priorityClassName: {{ .Values.ingest.priorityClassName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.ingest.podSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.terminationGracePeriodSeconds }}
|
||||
terminationGracePeriodSeconds: {{ .Values.ingest.terminationGracePeriodSeconds }}
|
||||
{{- end }}
|
||||
{{- if or .Values.ingest.initContainers .Values.sysctlImage.enabled }}
|
||||
initContainers:
|
||||
{{- if .Values.sysctlImage.enabled }}
|
||||
{{- include "opensearch.sysctl.initContainer" . | nindent 8}}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: opensearch
|
||||
image: {{ include "opensearch.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
{{- if .Values.ingest.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.ingest.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
||||
{{- else if .Values.ingest.command }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.command "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
||||
{{- else if .Values.ingest.args }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.args "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.lifecycleHooks }}
|
||||
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.lifecycleHooks "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: BITNAMI_DEBUG
|
||||
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
|
||||
- name: MY_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: OPENSEARCH_IS_DEDICATED_NODE
|
||||
value: "yes"
|
||||
{{- $roles := ternary "ingest" (list "ingest" .Values.ingest.extraRoles) (empty .Values.ingest.extraRoles) }}
|
||||
- name: OPENSEARCH_NODE_ROLES
|
||||
value: {{ join "," $roles | quote }}
|
||||
- name: OPENSEARCH_TRANSPORT_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.transport | quote }}
|
||||
- name: OPENSEARCH_HTTP_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.restAPI | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_NAME
|
||||
value: {{ .Values.clusterName | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_HOSTS
|
||||
value: {{ include "opensearch.hosts" . | quote }}
|
||||
- name: OPENSEARCH_TOTAL_NODES
|
||||
value: {{ add (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) (ternary .Values.data.autoscaling.hpa.minReplicas .Values.data.replicaCount .Values.data.autoscaling.hpa.enabled) | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_MASTER_HOSTS
|
||||
{{- $opensearchMasterFullname := include "opensearch.master.fullname" . }}
|
||||
{{- $replicas := int (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) }}
|
||||
value: {{ range $i, $e := until $replicas }}{{ printf "%s-%d" $opensearchMasterFullname $e }} {{ end }}
|
||||
- name: OPENSEARCH_MINIMUM_MASTER_NODES
|
||||
value: {{ add (div (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) 2) 1 | quote }}
|
||||
- name: OPENSEARCH_ADVERTISED_HOSTNAME
|
||||
value: "$(MY_POD_NAME).{{ (include "opensearch.ingest.servicename" .)}}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}"
|
||||
{{- if .Values.plugins }}
|
||||
- name: OPENSEARCH_PLUGINS
|
||||
value: {{ .Values.plugins | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.heapSize }}
|
||||
- name: OPENSEARCH_HEAP_SIZE
|
||||
value: {{ .Values.ingest.heapSize | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
{{- include "opensearch.configure.security" . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret .Values.ingest.extraEnvVarsCM .Values.ingest.extraEnvVarsSecret }}
|
||||
envFrom:
|
||||
{{- if .Values.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.ingest.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.ingest.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: rest-api
|
||||
containerPort: {{ .Values.containerPorts.restAPI }}
|
||||
- name: transport
|
||||
containerPort: {{ .Values.containerPorts.transport }}
|
||||
{{- if not .Values.diagnosticMode.enabled }}
|
||||
{{- if .Values.ingest.customStartupProbe }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.customStartupProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.ingest.startupProbe.enabled }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.ingest.startupProbe "enabled") "context" $) | nindent 12 }}
|
||||
tcpSocket:
|
||||
port: rest-api
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.customLivenessProbe }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.customLivenessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.ingest.livenessProbe.enabled }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.ingest.livenessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.customReadinessProbe }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.ingest.customReadinessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.ingest.readinessProbe.enabled }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.ingest.readinessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.resources }}
|
||||
resources: {{- toYaml .Values.ingest.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /bitnami/opensearch/data
|
||||
{{- if .Values.config }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/opensearch.yml
|
||||
name: config
|
||||
subPath: opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.extraConfig }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/my_opensearch.yml
|
||||
name: config
|
||||
subPath: my_opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
mountPath: /opt/bitnami/opensearch/config/certs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-cm
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-secret
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: "data"
|
||||
emptyDir: {}
|
||||
{{- if or .Values.config .Values.extraConfig }}
|
||||
- name: config
|
||||
configMap:
|
||||
name: {{ template "common.names.fullname" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
projected:
|
||||
defaultMode: 256
|
||||
sources:
|
||||
- secret:
|
||||
name: {{ include "opensearch.master.tlsSecretName" . }}
|
||||
- secret:
|
||||
name: {{ include "opensearch.admin.tlsSecretName" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScripts" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScriptsCM" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
secret:
|
||||
secretName: {{ template "opensearch.initScriptsSecret" . }}
|
||||
defaultMode: 0755
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingest.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
33
bitnami/opensearch/templates/ingest/svc-headless.yaml
Normal file
33
bitnami/opensearch/templates/ingest/svc-headless.yaml
Normal file
@@ -0,0 +1,33 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.ingest.enabled" .) }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.servicename" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
clusterIP: None
|
||||
publishNotReadyAddresses: true
|
||||
ports:
|
||||
- name: tcp-rest-api
|
||||
port: {{ .Values.containerPorts.restAPI }}
|
||||
targetPort: rest-api
|
||||
- name: tcp-transport
|
||||
port: {{ .Values.containerPorts.transport }}
|
||||
targetPort: transport
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- end }}
|
||||
51
bitnami/opensearch/templates/ingest/vpa.yaml
Normal file
51
bitnami/opensearch/templates/ingest/vpa.yaml
Normal file
@@ -0,0 +1,51 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler") .Values.ingest.autoscaling.vpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.vpa.apiVersion" . }}
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.autoscaling.vpa.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingest.autoscaling.vpa.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: opensearch
|
||||
{{- with .Values.ingest.autoscaling.vpa.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.ingest.autoscaling.vpa.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.ingest.autoscaling.vpa.minAllowed }}
|
||||
minAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: {{ (include "common.capabilities.statefulset.apiVersion" .) }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.ingest.fullname" . }}
|
||||
{{- if .Values.ingest.autoscaling.vpa.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- with .Values.ingest.autoscaling.vpa.updatePolicy.updateMode }}
|
||||
updateMode: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
99
bitnami/opensearch/templates/ingress-tls-secrets.yaml
Normal file
99
bitnami/opensearch/templates/ingress-tls-secrets.yaml
Normal file
@@ -0,0 +1,99 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.ingress.enabled }}
|
||||
{{- if .Values.ingress.secrets }}
|
||||
{{- range .Values.ingress.secrets }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
namespace: {{ template "common.names.namespace" $ }}
|
||||
labels: {{- include "common.labels.standard" $ | nindent 4 }}
|
||||
{{- if $.Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if $.Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ .certificate | b64enc }}
|
||||
tls.key: {{ .key | b64enc }}
|
||||
---
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
|
||||
{{- $secretName := printf "%s-tls" .Values.ingress.hostname }}
|
||||
{{- $ca := genCA "opensearch-ca" 365 }}
|
||||
{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ template "common.names.namespace" . }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
---
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingest.ingress.enabled }}
|
||||
{{- if .Values.ingest.ingress.secrets }}
|
||||
{{- range .Values.ingest.ingress.secrets }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ .name }}
|
||||
namespace: {{ printf "%s-ingest-ingress" (include "common.names.namespace" $ ) }}
|
||||
labels: {{- include "common.labels.standard" $ | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if $.Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if $.Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ .certificate | b64enc }}
|
||||
tls.key: {{ .key | b64enc }}
|
||||
---
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and .Values.ingest.ingress.tls .Values.ingest.ingress.selfSigned }}
|
||||
{{- $secretName := printf "%s-tls" .Values.ingest.ingress.hostname }}
|
||||
{{- $ca := genCA "opensearch-ingest-ca" 365 }}
|
||||
{{- $cert := genSignedCert .Values.ingest.ingress.hostname nil (list .Values.ingest.ingress.hostname) 365 $ca }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ template "common.names.namespace" $ }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
---
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
70
bitnami/opensearch/templates/ingress.yaml
Normal file
70
bitnami/opensearch/templates/ingress.yaml
Normal file
@@ -0,0 +1,70 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.ingress.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: opensearch
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.ingress.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.ingress.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }}
|
||||
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- if .Values.ingress.hostname }}
|
||||
- http:
|
||||
paths:
|
||||
{{- if .Values.ingress.extraPaths }}
|
||||
{{- toYaml .Values.ingress.extraPaths | nindent 10 }}
|
||||
{{- end }}
|
||||
- path: {{ .Values.ingress.path }}
|
||||
{{- if eq "true" (include "common.ingress.supportsPathType" .) }}
|
||||
pathType: {{ .Values.ingress.pathType }}
|
||||
{{- end }}
|
||||
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "tcp-rest-api" "context" $) | nindent 14 }}
|
||||
{{- if ne .Values.ingress.hostname "*" }}
|
||||
host: {{ .Values.ingress.hostname }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range .Values.ingress.extraHosts }}
|
||||
- host: {{ .name }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ default "/" .path }}
|
||||
{{- if eq "true" (include "common.ingress.supportsPathType" $) }}
|
||||
pathType: {{ default "ImplementationSpecific" .pathType }}
|
||||
{{- end }}
|
||||
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "tcp-rest-api" "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingress.extraRules }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraRules "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }}
|
||||
tls:
|
||||
{{- if and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned) }}
|
||||
- hosts:
|
||||
- {{ .Values.ingress.hostname | quote }}
|
||||
secretName: {{ printf "%s-tls" .Values.ingress.hostname }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingress.extraTls }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
21
bitnami/opensearch/templates/initialization-configmap.yaml
Normal file
21
bitnami/opensearch/templates/initialization-configmap.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.initScripts }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ printf "%s-init-scripts" (include "common.names.fullname" .) }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
data:
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.initScripts "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
52
bitnami/opensearch/templates/master/hpa.yaml
Normal file
52
bitnami/opensearch/templates/master/hpa.yaml
Normal file
@@ -0,0 +1,52 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.master.enabled" .) .Values.master.autoscaling.hpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }}
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.master.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.master.fullname" . }}
|
||||
minReplicas: {{ .Values.master.autoscaling.hpa.minReplicas }}
|
||||
maxReplicas: {{ .Values.master.autoscaling.hpa.maxReplicas }}
|
||||
metrics:
|
||||
{{- if .Values.master.autoscaling.hpa.targetCPU }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.master.autoscaling.hpa.targetCPU }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.master.autoscaling.hpa.targetCPU }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.autoscaling.hpa.targetMemory }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }}
|
||||
targetAverageUtilization: {{ .Values.master.autoscaling.hpa.targetMemory }}
|
||||
{{- else }}
|
||||
target:
|
||||
type: Utilization
|
||||
averageUtilization: {{ .Values.master.autoscaling.hpa.targetMemory }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
77
bitnami/opensearch/templates/master/networkpolicy.yaml
Normal file
77
bitnami/opensearch/templates/master/networkpolicy.yaml
Normal file
@@ -0,0 +1,77 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.master.networkPolicy.enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
|
||||
metadata:
|
||||
name: {{ template "opensearch.master.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: master
|
||||
policyTypes:
|
||||
- Ingress
|
||||
- Egress
|
||||
egress:
|
||||
# Allow dns resolution
|
||||
- ports:
|
||||
- port: 53
|
||||
protocol: UDP
|
||||
- port: 53
|
||||
protocol: TCP
|
||||
# Allow outbound connections to other cluster pods
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
- port: {{ .Values.dashboards.service.ports.http }}
|
||||
to:
|
||||
- podSelector:
|
||||
matchLabels: {{- include "common.labels.standard" . | nindent 14 }}
|
||||
{{- if .Values.master.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.podLabels "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.networkPolicy.extraEgress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.master.networkPolicy.extraEgress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
ingress:
|
||||
- ports:
|
||||
- port: {{ .Values.service.ports.restAPI }}
|
||||
- port: {{ .Values.service.ports.transport }}
|
||||
{{- if not .Values.master.networkPolicy.allowExternal }}
|
||||
from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{ template "common.names.fullname" . }}-client: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.master.networkPolicy.ingressNSMatchLabels }}
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.master.networkPolicy.ingressNSMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.networkPolicy.ingressNSPodMatchLabels }}
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- range $key, $value := .Values.master.networkPolicy.ingressNSPodMatchLabels }}
|
||||
{{ $key | quote }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.networkPolicy.extraIngress }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.master.networkPolicy.extraIngress "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
30
bitnami/opensearch/templates/master/pdb.yaml
Normal file
30
bitnami/opensearch/templates/master/pdb.yaml
Normal file
@@ -0,0 +1,30 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and ( include "opensearch.master.enabled" . ) .Values.master.pdb.create }}
|
||||
apiVersion: {{ include "common.capabilities.policy.apiVersion" . }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "opensearch.master.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.master.pdb.minAvailable }}
|
||||
minAvailable: {{ .Values.master.pdb.minAvailable }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.pdb.maxUnavailable }}
|
||||
maxUnavailable: {{ .Values.master.pdb.maxUnavailable }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- end }}
|
||||
27
bitnami/opensearch/templates/master/serviceaccount.yaml
Normal file
27
bitnami/opensearch/templates/master/serviceaccount.yaml
Normal file
@@ -0,0 +1,27 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (include "opensearch.master.enabled" .) .Values.master.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "opensearch.master.serviceAccountName" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.master.serviceAccount.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.serviceAccount.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
automountServiceAccountToken: {{ .Values.master.serviceAccount.automountServiceAccountToken }}
|
||||
{{- end -}}
|
||||
380
bitnami/opensearch/templates/master/statefulset.yaml
Normal file
380
bitnami/opensearch/templates/master/statefulset.yaml
Normal file
@@ -0,0 +1,380 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.master.enabled" .) }}
|
||||
apiVersion: {{ template "common.capabilities.statefulset.apiVersion" . }}
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: {{ include "opensearch.master.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: master
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.master.annotations .Values.commonAnnotations }}
|
||||
annotations:
|
||||
{{- if .Values.master.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.master.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if not .Values.master.autoscaling.hpa.enabled }}
|
||||
replicas: {{ .Values.master.replicaCount }}
|
||||
{{- end }}
|
||||
podManagementPolicy: {{ .Values.master.podManagementPolicy }}
|
||||
selector:
|
||||
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: master
|
||||
serviceName: {{ include "opensearch.master.servicename" . }}
|
||||
{{- if .Values.master.updateStrategy }}
|
||||
updateStrategy: {{- toYaml .Values.master.updateStrategy | nindent 4 }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
labels: {{- include "common.labels.standard" . | nindent 8 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.useIstioLabels }}
|
||||
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
||||
app: master
|
||||
{{- end }}
|
||||
{{- if .Values.master.podLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.podLabels "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if and (include "opensearch.createTlsSecret" .) (not .Values.security.tls.master.existingSecret) }}
|
||||
checksum/tls: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.podAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.podAnnotations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ template "opensearch.master.serviceAccountName" . }}
|
||||
{{- include "opensearch.imagePullSecrets" . | nindent 6 }}
|
||||
{{- if .Values.master.hostAliases }}
|
||||
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.master.hostAliases "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.affinity }}
|
||||
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.master.affinity "context" $) | nindent 8 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.master.podAffinityPreset "component" "master" "context" $) | nindent 10 }}
|
||||
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.master.podAntiAffinityPreset "component" "master" "context" $) | nindent 10 }}
|
||||
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.master.nodeAffinityPreset.type "key" .Values.master.nodeAffinityPreset.key "values" .Values.master.nodeAffinityPreset.values) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.nodeSelector }}
|
||||
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.master.nodeSelector "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.tolerations }}
|
||||
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.master.tolerations "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.schedulerName }}
|
||||
schedulerName: {{ .Values.master.schedulerName }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.topologySpreadConstraints }}
|
||||
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.master.topologySpreadConstraints "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.priorityClassName }}
|
||||
priorityClassName: {{ .Values.master.priorityClassName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.master.podSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.terminationGracePeriodSeconds }}
|
||||
terminationGracePeriodSeconds: {{ .Values.master.terminationGracePeriodSeconds }}
|
||||
{{- end }}
|
||||
{{- if or .Values.master.initContainers .Values.sysctlImage.enabled (and .Values.volumePermissions.enabled .Values.master.persistence.enabled) }}
|
||||
initContainers:
|
||||
{{- if .Values.sysctlImage.enabled }}
|
||||
{{- include "opensearch.sysctl.initContainer" . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if and .Values.volumePermissions.enabled .Values.master.persistence.enabled }}
|
||||
- name: volume-permissions
|
||||
image: {{ include "opensearch.volumePermissions.image" . }}
|
||||
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
|
||||
command:
|
||||
- /bin/bash
|
||||
- -ec
|
||||
- |
|
||||
mkdir -p /bitnami/opensearch/data
|
||||
chown {{ .Values.master.containerSecurityContext.runAsUser }}:{{ .Values.master.podSecurityContext.fsGroup }} /bitnami/opensearch/data
|
||||
find /bitnami/opensearch/data -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.master.containerSecurityContext.runAsUser }}:{{ .Values.master.podSecurityContext.fsGroup }}
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
{{- if .Values.volumePermissions.resources }}
|
||||
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /bitnami/opensearch/data
|
||||
{{- end }}
|
||||
{{- if .Values.master.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.initContainers }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: opensearch
|
||||
image: {{ include "opensearch.image" . }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
|
||||
{{- if .Values.master.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.master.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
|
||||
{{- else if .Values.master.command }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.master.command "context" $) | nindent 12 }}
|
||||
{{- else if .Values.security.enabled }}
|
||||
command:
|
||||
- bash
|
||||
- -ec
|
||||
- |
|
||||
if [[ "$MY_POD_NAME" =~ -0$ ]]; then
|
||||
export OPENSEARCH_SECURITY_BOOTSTRAP=true
|
||||
# Opensearch securityadmin.sh requires the admin.key to be in PKCS8 format
|
||||
openssl pkcs8 -topk8 -nocrypt -in "/opt/bitnami/opensearch/config/certs/admin.key" > "/opt/bitnami/opensearch/config/admin.key"
|
||||
export OPENSEARCH_SECURITY_ADMIN_KEY_LOCATION="/opt/bitnami/opensearch/config/admin.key"
|
||||
fi
|
||||
/opt/bitnami/scripts/opensearch/entrypoint.sh /opt/bitnami/scripts/opensearch/run.sh
|
||||
{{- end }}
|
||||
{{- if .Values.diagnosticMode.enabled }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }}
|
||||
{{- else if .Values.master.args }}
|
||||
args: {{- include "common.tplvalues.render" (dict "value" .Values.master.args "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.lifecycleHooks }}
|
||||
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.master.lifecycleHooks "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: BITNAMI_DEBUG
|
||||
value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }}
|
||||
- name: MY_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: OPENSEARCH_IS_DEDICATED_NODE
|
||||
value: {{ ternary "yes" "no" .Values.master.masterOnly | quote }}
|
||||
{{- $roles := ternary "master" (list "master" .Values.master.extraRoles) (empty .Values.master.extraRoles) }}
|
||||
- name: OPENSEARCH_NODE_ROLES
|
||||
value: {{ join "," $roles | quote }}
|
||||
- name: OPENSEARCH_TRANSPORT_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.transport | quote }}
|
||||
- name: OPENSEARCH_HTTP_PORT_NUMBER
|
||||
value: {{ .Values.containerPorts.restAPI | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_NAME
|
||||
value: {{ .Values.clusterName | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_HOSTS
|
||||
value: {{ include "opensearch.hosts" . | quote }}
|
||||
- name: OPENSEARCH_TOTAL_NODES
|
||||
value: {{ add (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) (ternary .Values.data.autoscaling.hpa.minReplicas .Values.data.replicaCount .Values.data.autoscaling.hpa.enabled) | quote }}
|
||||
- name: OPENSEARCH_CLUSTER_MASTER_HOSTS
|
||||
{{- $opensearchMasterFullname := include "opensearch.master.fullname" . }}
|
||||
{{- $replicas := int (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) }}
|
||||
value: {{ range $i, $e := until $replicas }}{{ printf "%s-%d" $opensearchMasterFullname $e }} {{ end }}
|
||||
- name: OPENSEARCH_MINIMUM_MASTER_NODES
|
||||
value: {{ add (div (ternary .Values.master.autoscaling.hpa.minReplicas .Values.master.replicaCount .Values.master.autoscaling.hpa.enabled) 2) 1 | quote }}
|
||||
- name: OPENSEARCH_ADVERTISED_HOSTNAME
|
||||
value: "$(MY_POD_NAME).{{ (include "opensearch.master.servicename" .) | trunc 63 | trimSuffix "-" }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}"
|
||||
{{- if .Values.plugins }}
|
||||
- name: OPENSEARCH_PLUGINS
|
||||
value: {{ .Values.plugins | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.snapshotRepoPath }}
|
||||
- name: OPENSEARCH_FS_SNAPSHOT_REPO_PATH
|
||||
value: {{ .Values.snapshotRepoPath | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.heapSize }}
|
||||
- name: OPENSEARCH_HEAP_SIZE
|
||||
value: {{ .Values.master.heapSize | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
{{- include "opensearch.configure.security" . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.master.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret .Values.master.extraEnvVarsCM .Values.master.extraEnvVarsSecret }}
|
||||
envFrom:
|
||||
{{- if .Values.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.master.extraEnvVarsCM "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ include "common.tplvalues.render" ( dict "value" .Values.master.extraEnvVarsSecret "context" $ ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: rest-api
|
||||
containerPort: {{ .Values.containerPorts.restAPI }}
|
||||
- name: transport
|
||||
containerPort: {{ .Values.containerPorts.transport }}
|
||||
{{- if not .Values.diagnosticMode.enabled }}
|
||||
{{- if .Values.master.customStartupProbe }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.master.customStartupProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.master.startupProbe.enabled }}
|
||||
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.master.startupProbe "enabled") "context" $) | nindent 12 }}
|
||||
tcpSocket:
|
||||
port: rest-api
|
||||
{{- end }}
|
||||
{{- if .Values.master.customLivenessProbe }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.master.customLivenessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.master.livenessProbe.enabled }}
|
||||
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.master.livenessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- if .Values.master.customReadinessProbe }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.master.customReadinessProbe "context" $) | nindent 12 }}
|
||||
{{- else if .Values.master.readinessProbe.enabled }}
|
||||
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.master.readinessProbe "enabled") "context" $) | nindent 12 }}
|
||||
exec:
|
||||
command:
|
||||
- /opt/bitnami/scripts/opensearch/healthcheck.sh
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.resources }}
|
||||
resources: {{- toYaml .Values.master.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: /bitnami/opensearch/data
|
||||
{{- if .Values.config }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/opensearch.yml
|
||||
name: config
|
||||
subPath: opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.extraConfig }}
|
||||
- mountPath: /opt/bitnami/opensearch/config/my_opensearch.yml
|
||||
name: config
|
||||
subPath: my_opensearch.yml
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
mountPath: /opt/bitnami/opensearch/config/certs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-cm
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
mountPath: /docker-entrypoint-initdb.d/init-scripts-secret
|
||||
{{- end }}
|
||||
{{- if .Values.master.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.master.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.sidecars }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if or .Values.config .Values.extraConfig }}
|
||||
- name: config
|
||||
configMap:
|
||||
name: {{ template "common.names.fullname" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.enabled }}
|
||||
- name: opensearch-certificates
|
||||
projected:
|
||||
defaultMode: 256
|
||||
sources:
|
||||
- secret:
|
||||
name: {{ include "opensearch.master.tlsSecretName" . }}
|
||||
- secret:
|
||||
name: {{ include "opensearch.admin.tlsSecretName" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScripts }}
|
||||
- name: custom-init-scripts
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScripts" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsCM }}
|
||||
- name: custom-init-scripts-cm
|
||||
configMap:
|
||||
name: {{ template "opensearch.initScriptsCM" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.initScriptsSecret }}
|
||||
- name: custom-init-scripts-secret
|
||||
secret:
|
||||
secretName: {{ template "opensearch.initScriptsSecret" . }}
|
||||
defaultMode: 0755
|
||||
{{- end }}
|
||||
{{- if .Values.master.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if not .Values.master.persistence.enabled }}
|
||||
- name: "data"
|
||||
emptyDir: {}
|
||||
{{- else if .Values.master.persistence.existingClaim }}
|
||||
- name: "data"
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.master.persistence.existingClaim }}
|
||||
{{- else }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: "data"
|
||||
annotations:
|
||||
{{- if .Values.master.persistence.annotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.master.persistence.annotations "context" $) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonLabels }}
|
||||
labels: {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 10 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
accessModes:
|
||||
{{- range .Values.master.persistence.accessModes }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.master.persistence.size | quote }}
|
||||
{{- if .Values.master.persistence.selector }}
|
||||
selector: {{- include "common.tplvalues.render" (dict "value" .Values.master.persistence.selector "context" $) | nindent 10 }}
|
||||
{{- else if .Values.master.persistence.existingVolume }}
|
||||
selector:
|
||||
matchLabels:
|
||||
volume: {{ .Values.master.persistence.existingVolume }}
|
||||
{{- end }}
|
||||
{{- include "common.storage.class" (dict "persistence" .Values.master.persistence "global" .Values.global) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
33
bitnami/opensearch/templates/master/svc-headless.yaml
Normal file
33
bitnami/opensearch/templates/master/svc-headless.yaml
Normal file
@@ -0,0 +1,33 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.master.enabled" .) }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.master.servicename" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{ include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
clusterIP: None
|
||||
publishNotReadyAddresses: true
|
||||
ports:
|
||||
- name: tcp-rest-api
|
||||
port: {{ .Values.containerPorts.restAPI }}
|
||||
targetPort: rest-api
|
||||
- name: tcp-transport
|
||||
port: {{ .Values.containerPorts.transport }}
|
||||
targetPort: transport
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- end }}
|
||||
51
bitnami/opensearch/templates/master/vpa.yaml
Normal file
51
bitnami/opensearch/templates/master/vpa.yaml
Normal file
@@ -0,0 +1,51 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1/VerticalPodAutoscaler") .Values.master.autoscaling.vpa.enabled }}
|
||||
apiVersion: {{ include "common.capabilities.vpa.apiVersion" . }}
|
||||
kind: VerticalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "opensearch.master.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
app.kubernetes.io/part-of: opensearch
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.master.autoscaling.vpa.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.master.autoscaling.vpa.annotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
resourcePolicy:
|
||||
containerPolicies:
|
||||
- containerName: opensearch
|
||||
{{- with .Values.master.autoscaling.vpa.controlledResources }}
|
||||
controlledResources:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.master.autoscaling.vpa.maxAllowed }}
|
||||
maxAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.master.autoscaling.vpa.minAllowed }}
|
||||
minAllowed:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
targetRef:
|
||||
apiVersion: {{ (include "common.capabilities.statefulset.apiVersion" .) }}
|
||||
kind: StatefulSet
|
||||
name: {{ include "opensearch.master.fullname" . }}
|
||||
{{- if .Values.master.autoscaling.vpa.updatePolicy }}
|
||||
updatePolicy:
|
||||
{{- with .Values.master.autoscaling.vpa.updatePolicy.updateMode }}
|
||||
updateMode: {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
50
bitnami/opensearch/templates/secrets.yaml
Normal file
50
bitnami/opensearch/templates/secrets.yaml
Normal file
@@ -0,0 +1,50 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.createSecret" . ) }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ template "common.names.fullname" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: Opaque
|
||||
data:
|
||||
opensearch-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "opensearch-password" "length" 16 "providedValues" (list "security.adminPassword") "context" $) }}
|
||||
opensearch-dashboards-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "opensearch-dashboards-password" "length" 16 "providedValues" (list "dashboards.password") "context" $) }}
|
||||
logstash-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "logstash-password" "length" 16 "providedValues" (list "security.logstashPassword") "context" $) }}
|
||||
{{- end }}
|
||||
{{- if (include "opensearch.createTlsPasswordsSecret" . ) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ printf "%s-tls-pass" (include "common.names.fullname" .) }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: Opaque
|
||||
data:
|
||||
{{- if .Values.security.tls.keystorePassword }}
|
||||
keystore-password: {{ default "" .Values.security.tls.keystorePassword | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.tls.truststorePassword }}
|
||||
truststore-password: {{ default "" .Values.security.tls.truststorePassword | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.security.tls.keyPassword }}
|
||||
key-password: {{ default "" .Values.security.tls.keyPassword | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
71
bitnami/opensearch/templates/service.yaml
Normal file
71
bitnami/opensearch/templates/service.yaml
Normal file
@@ -0,0 +1,71 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "opensearch.service.name" . }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if (include "opensearch.coordinating.enabled" .) }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- else }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- if .Values.commonAnnotations }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.annotations }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
{{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }}
|
||||
clusterIP: {{ .Values.service.clusterIP }}
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }}
|
||||
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }}
|
||||
loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }}
|
||||
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.sessionAffinity }}
|
||||
sessionAffinity: {{ .Values.service.sessionAffinity }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.sessionAffinityConfig }}
|
||||
sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: tcp-rest-api
|
||||
port: {{ include "opensearch.service.ports.restAPI" . }}
|
||||
targetPort: rest-api
|
||||
{{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.restAPI)) }}
|
||||
nodePort: {{ .Values.service.nodePorts.restAPI }}
|
||||
{{- else if eq .Values.service.type "ClusterIP" }}
|
||||
nodePort: null
|
||||
{{- end }}
|
||||
- name: tcp-transport
|
||||
port: {{ .Values.service.ports.transport }}
|
||||
{{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.transport)) }}
|
||||
nodePort: {{ .Values.service.nodePorts.transport }}
|
||||
{{- else if eq .Values.service.type "ClusterIP" }}
|
||||
nodePort: null
|
||||
{{- end }}
|
||||
{{- if .Values.service.extraPorts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
|
||||
{{- if (include "opensearch.coordinating.enabled" .) }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- else }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- end }}
|
||||
141
bitnami/opensearch/templates/tls-secret.yaml
Normal file
141
bitnami/opensearch/templates/tls-secret.yaml
Normal file
@@ -0,0 +1,141 @@
|
||||
{{- /*
|
||||
Copyright VMware, Inc.
|
||||
SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if (include "opensearch.createTlsSecret" .) }}
|
||||
{{- $ca := genCA "opensearch-ca" 365 }}
|
||||
{{- $releaseNamespace := include "common.names.namespace" . }}
|
||||
{{- $clusterDomain := .Values.clusterDomain }}
|
||||
{{- $cert := genSignedCert "admin" nil nil 365 $ca }}
|
||||
{{- $secretAdminName := printf "%s-admin-crt" (include "common.names.fullname" .) }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretAdminName }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: Opaque
|
||||
data:
|
||||
admin.crt: {{ include "common.secrets.lookup" (dict "secret" $secretAdminName "key" "admin.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
admin.key: {{ include "common.secrets.lookup" (dict "secret" $secretAdminName "key" "admin.key" "defaultValue" $cert.Key "context" $) }}
|
||||
{{- if and (include "opensearch.master.enabled" .) (not .Values.security.tls.master.existingSecret) }}
|
||||
{{- $fullname := include "opensearch.master.fullname" . }}
|
||||
{{- $serviceName := include "opensearch.master.servicename" . }}
|
||||
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
||||
{{- if not (include "opensearch.coordinating.enabled" .) }}
|
||||
{{- $altNames = append $altNames (include "opensearch.service.name" .) }}
|
||||
{{- $altNames = append $altNames (printf "%s.%s.svc.%s" (include "opensearch.service.name" .) $releaseNamespace $clusterDomain) }}
|
||||
{{- end }}
|
||||
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
|
||||
{{- $secretName := printf "%s-crt" (include "opensearch.master.fullname" .) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/component: master
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
{{- end }}
|
||||
{{- if and (include "opensearch.data.enabled" .) (not .Values.security.tls.data.existingSecret) }}
|
||||
{{- $fullname := include "opensearch.data.fullname" . }}
|
||||
{{- $serviceName := include "opensearch.data.servicename" . }}
|
||||
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
||||
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
|
||||
{{- $secretName := printf "%s-crt" (include "opensearch.data.fullname" .) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/component: data
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
{{- end }}
|
||||
{{- if and (include "opensearch.coordinating.enabled" .) (not .Values.security.tls.coordinating.existingSecret) }}
|
||||
{{- $fullname := include "opensearch.coordinating.fullname" . }}
|
||||
{{- $serviceName := include "opensearch.coordinating.servicename" . }}
|
||||
{{- $altNames := list (include "opensearch.service.name" .) (printf "%s.%s.svc.%s" (include "opensearch.service.name" .) $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
||||
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
|
||||
{{- $secretName := printf "%s-crt" (include "opensearch.coordinating.fullname" .) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/component: coordinating-only
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
{{- end }}
|
||||
{{- if and (include "opensearch.ingest.enabled" .) (not .Values.security.tls.ingest.existingSecret) }}
|
||||
{{- $fullname := include "opensearch.ingest.fullname" . }}
|
||||
{{- $serviceName := include "opensearch.ingest.servicename" . }}
|
||||
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname "127.0.0.1" "localhost" }}
|
||||
{{- if .Values.ingest.service.enabled }}
|
||||
{{- $altNames = append $altNames (include "opensearch.ingest.fullname" .) }}
|
||||
{{- $altNames = append $altNames (printf "%s.%s.svc.%s" (include "opensearch.ingest.fullname" .) $releaseNamespace $clusterDomain) }}
|
||||
{{- end }}
|
||||
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
|
||||
{{- $secretName := printf "%s-crt" (include "opensearch.ingest.fullname" .) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
namespace: {{ include "common.names.namespace" . | quote }}
|
||||
labels: {{- include "common.labels.standard" . | nindent 4 }}
|
||||
{{- if .Values.commonLabels }}
|
||||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/component: ingest
|
||||
{{- if .Values.commonAnnotations }}
|
||||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
|
||||
{{- end }}
|
||||
type: kubernetes.io/tls
|
||||
data:
|
||||
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
|
||||
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
|
||||
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
2700
bitnami/opensearch/values.yaml
Normal file
2700
bitnami/opensearch/values.yaml
Normal file
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user