From d63c64504c9f018e99c326bd20fc909a933247d4 Mon Sep 17 00:00:00 2001 From: Miguel Ruiz Date: Mon, 16 May 2022 10:04:49 +0200 Subject: [PATCH] [bitnami/geode] Add missing values and features (#10179) * [bitnami/geode] Add missing values and features Signed-off-by: Miguel Ruiz * Apply suggestions Signed-off-by: Miguel Ruiz --- bitnami/geode/Chart.yaml | 2 +- bitnami/geode/README.md | 49 +++++++++++-------- bitnami/geode/templates/locator/service.yaml | 3 ++ .../geode/templates/locator/statefulset.yaml | 3 ++ .../geode/templates/server/statefulset.yaml | 3 ++ bitnami/geode/templates/service-account.yaml | 10 +++- bitnami/geode/templates/servicemonitor.yaml | 5 +- bitnami/geode/values.yaml | 39 ++++++++++++--- 8 files changed, 81 insertions(+), 33 deletions(-) diff --git a/bitnami/geode/Chart.yaml b/bitnami/geode/Chart.yaml index 36f6c3c2df..e70d6508d3 100644 --- a/bitnami/geode/Chart.yaml +++ b/bitnami/geode/Chart.yaml @@ -22,4 +22,4 @@ name: geode sources: - https://github.com/bitnami/bitnami-docker-geode - https://github.com/apache/geode -version: 0.4.21 +version: 0.5.0 diff --git a/bitnami/geode/README.md b/bitnami/geode/README.md index 4fcae7818a..3c07809e8c 100644 --- a/bitnami/geode/README.md +++ b/bitnami/geode/README.md @@ -160,6 +160,7 @@ The command removes all the Kubernetes components associated with the chart and | `locator.affinity` | Affinity for Locator pods assignment | `{}` | | `locator.nodeSelector` | Node labels for Locator pods assignment | `{}` | | `locator.tolerations` | Tolerations for Locator pods assignment | `[]` | +| `locator.terminationGracePeriodSeconds` | In seconds, time the given to the Locator pod needs to terminate gracefully | `""` | | `locator.topologySpreadConstraints` | Topology Spread Constraints for Locator pods assignment spread across your cluster among failure-domains | `[]` | | `locator.updateStrategy.type` | Locator statefulset strategy type | `RollingUpdate` | | `locator.priorityClassName` | Locator pods' priorityClassName | `""` | @@ -180,6 +181,7 @@ The command removes all the Kubernetes components associated with the chart and | `locator.service.nodePorts.locator` | Node port for multicast | `""` | | `locator.service.nodePorts.http` | Node port for HTTP | `""` | | `locator.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `locator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | | `locator.service.clusterIP` | Locator service Cluster IP | `""` | | `locator.service.loadBalancerIP` | Locator service Load Balancer IP | `""` | | `locator.service.loadBalancerSourceRanges` | Locator service Load Balancer sources | `[]` | @@ -253,6 +255,7 @@ The command removes all the Kubernetes components associated with the chart and | `server.affinity` | Affinity for Cache server pods assignment | `{}` | | `server.nodeSelector` | Node labels for Cache server pods assignment | `{}` | | `server.tolerations` | Tolerations for Cache server pods assignment | `[]` | +| `server.terminationGracePeriodSeconds` | In seconds, time the given to the Cache server pod needs to terminate gracefully | `""` | | `server.topologySpreadConstraints` | Topology Spread Constraints for Cache server pods assignment spread across your cluster among failure-domains | `[]` | | `server.updateStrategy.type` | Cache server statefulset strategy type | `RollingUpdate` | | `server.priorityClassName` | Cache server pods' priorityClassName | `""` | @@ -279,20 +282,21 @@ The command removes all the Kubernetes components associated with the chart and ### Traffic Exposure Parameters -| Name | Description | Value | -| --------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `ingress.enabled` | Enable ingress record generation for Apache Geode | `false` | -| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | -| `ingress.hostname` | Default host for the ingress record | `geode.local` | -| `ingress.path` | Default path for the ingress record | `/pulse` | -| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | -| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | -| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | -| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | -| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| Name | Description | Value | +| -------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `ingress.enabled` | Enable ingress record generation for Apache Geode | `false` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `ingress.hostname` | Default host for the ingress record | `geode.local` | +| `ingress.path` | Default path for the ingress record | `/pulse` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | ### Init Container Parameters @@ -307,6 +311,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | | `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | | `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Enabled init container Security Context | `true` | | `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | @@ -349,17 +354,19 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | | `metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | | `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | ### Other Parameters -| Name | Description | Value | -| --------------------------------------------- | ---------------------------------------------------------------------- | ------- | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | -| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------- | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | The above parameters map to the env variables defined in [bitnami/geode](https://github.com/bitnami/bitnami-docker-geode). For more information please refer to the [bitnami/geode](https://github.com/bitnami/bitnami-docker-geode) image documentation. diff --git a/bitnami/geode/templates/locator/service.yaml b/bitnami/geode/templates/locator/service.yaml index dae0372fe5..e72a8e88ab 100644 --- a/bitnami/geode/templates/locator/service.yaml +++ b/bitnami/geode/templates/locator/service.yaml @@ -20,6 +20,9 @@ metadata: spec: type: {{ .Values.locator.service.type }} sessionAffinity: {{ .Values.locator.service.sessionAffinity }} + {{- if .Values.locator.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.locator.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} {{- if and (eq .Values.locator.service.type "ClusterIP") .Values.locator.service.clusterIP }} clusterIP: {{ .Values.locator.service.clusterIP }} {{- end }} diff --git a/bitnami/geode/templates/locator/statefulset.yaml b/bitnami/geode/templates/locator/statefulset.yaml index 47f1736359..0a7bea3d60 100644 --- a/bitnami/geode/templates/locator/statefulset.yaml +++ b/bitnami/geode/templates/locator/statefulset.yaml @@ -82,6 +82,9 @@ spec: {{- if .Values.locator.podSecurityContext.enabled }} securityContext: {{- omit .Values.locator.podSecurityContext "enabled" | toYaml | nindent 8 }} {{- end }} + {{- if .Values.locator.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.locator.terminationGracePeriodSeconds }} + {{- end }} {{- if or .Values.volumePermissions.enabled .Values.locator.initContainers }} initContainers: {{- if .Values.volumePermissions.enabled }} diff --git a/bitnami/geode/templates/server/statefulset.yaml b/bitnami/geode/templates/server/statefulset.yaml index b98bb9d296..118b70fbe1 100644 --- a/bitnami/geode/templates/server/statefulset.yaml +++ b/bitnami/geode/templates/server/statefulset.yaml @@ -81,6 +81,9 @@ spec: {{- if .Values.server.schedulerName }} schedulerName: {{ .Values.server.schedulerName }} {{- end }} + {{- if .Values.server.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} + {{- end }} {{- if .Values.server.podSecurityContext.enabled }} securityContext: {{- omit .Values.server.podSecurityContext "enabled" | toYaml | nindent 8 }} {{- end }} diff --git a/bitnami/geode/templates/service-account.yaml b/bitnami/geode/templates/service-account.yaml index d7f750917c..748493453e 100644 --- a/bitnami/geode/templates/service-account.yaml +++ b/bitnami/geode/templates/service-account.yaml @@ -7,7 +7,13 @@ metadata: {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.serviceAccount.annotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.serviceAccount.annotations "context" $) | nindent 4 }} + {{- end }} {{- end }} automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} diff --git a/bitnami/geode/templates/servicemonitor.yaml b/bitnami/geode/templates/servicemonitor.yaml index 239001c4aa..f3967539b4 100644 --- a/bitnami/geode/templates/servicemonitor.yaml +++ b/bitnami/geode/templates/servicemonitor.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: {{- if .Values.metrics.serviceMonitor.jobLabel }} - jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel | quote }} {{- end }} namespaceSelector: matchNames: @@ -34,6 +34,9 @@ spec: {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} {{- end }} + {{- if .Values.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- end }} {{- if .Values.metrics.serviceMonitor.metricRelabelings }} metricRelabelings: {{ toYaml .Values.metrics.serviceMonitor.metricRelabelings | nindent 8 }} {{- end }} diff --git a/bitnami/geode/values.yaml b/bitnami/geode/values.yaml index 5d92798464..a90bd0d8fb 100644 --- a/bitnami/geode/values.yaml +++ b/bitnami/geode/values.yaml @@ -337,6 +337,10 @@ locator: ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] + ## @param locator.terminationGracePeriodSeconds In seconds, time the given to the Locator pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" ## @param locator.topologySpreadConstraints Topology Spread Constraints for Locator pods assignment spread across your cluster among failure-domains ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods ## @@ -432,6 +436,12 @@ locator: ## ref: https://kubernetes.io/docs/user-guide/services/ ## sessionAffinity: None + ## @param locator.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} ## @param locator.service.clusterIP Locator service Cluster IP ## e.g.: ## clusterIP: None @@ -679,6 +689,10 @@ server: ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] + ## @param server.terminationGracePeriodSeconds In seconds, time the given to the Cache server pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" ## @param server.topologySpreadConstraints Topology Spread Constraints for Cache server pods assignment spread across your cluster among failure-domains ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods ## @@ -797,6 +811,11 @@ ingress: ## @param ingress.enabled Enable ingress record generation for Apache Geode ## enabled: false + ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . + ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ + ## + ingressClassName: "" ## @param ingress.pathType Ingress path type ## pathType: ImplementationSpecific @@ -919,12 +938,14 @@ volumePermissions: requests: {} ## Init container Container Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param volumePermissions.containerSecurityContext.enabled Enabled init container Security Context ## @param volumePermissions.containerSecurityContext.runAsUser Set init container's Security Context runAsUser ## NOTE: when runAsUser is set to special value "auto", init container will try to chown the ## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2` ## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed) ## containerSecurityContext: + enabled: true runAsUser: 0 ## @section Metrics parameters @@ -1051,22 +1072,24 @@ metrics: ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration ## selector: {} + ## @param metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels + ## + honorLabels: false ## @section Other Parameters -## ServiceAccount configuration +## Pods Service Account +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## @param serviceAccount.create Specifies whether a ServiceAccount should be created +## @param serviceAccount.name Name of the service account to use. If not set and create is true, a name is generated using the fullname template. +## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account +## @param serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`. ## serviceAccount: - ## @param serviceAccount.create Specifies whether a ServiceAccount should be created - ## create: true - ## @param serviceAccount.name The name of the ServiceAccount to use. - ## If not set and create is true, a name is generated using the common.names.fullname template - ## name: "" - ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created - ## automountServiceAccountToken: false + annotations: {} ## Network policies ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/