diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 071e9b824..0f6d45585 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -23,6 +23,91 @@ If release name contains chart name it will be used as a full name. {{- end }} {{- end }} +{{/* +Create a fully qualified datatracker name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "datatracker.datatracker.fullname" -}} +{{- if .Values.datatracker.fullnameOverride -}} +{{- .Values.datatracker.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.datatracker.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.datatracker.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified celery name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "datatracker.celery.fullname" -}} +{{- if .Values.celery.fullnameOverride -}} +{{- .Values.celery.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.celery.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.celery.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified celery name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "datatracker.beat.fullname" -}} +{{- if .Values.beat.fullnameOverride -}} +{{- .Values.beat.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.beat.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.beat.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified rabbitmq name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "datatracker.rabbitmq.fullname" -}} +{{- if .Values.rabbitmq.fullnameOverride -}} +{{- .Values.rabbitmq.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.rabbitmq.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.rabbitmq.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a fully qualified memcached name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "datatracker.memcached.fullname" -}} +{{- if .Values.memcached.fullnameOverride -}} +{{- .Values.memcached.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-%s" .Release.Name .Values.memcached.name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.memcached.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + {{/* Create chart name and version as used by the chart label. */}} @@ -53,10 +138,42 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{/* Create the name of the service account to use */}} -{{- define "datatracker.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "datatracker.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} +{{- define "datatracker.serviceAccountName.datatracker" -}} +{{- if .Values.serviceAccounts.datatracker.create -}} + {{ default (include "datatracker.datatracker.fullname" .) .Values.serviceAccounts.datatracker.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.datatracker.name }} +{{- end -}} {{- end }} + +{{- define "datatracker.serviceAccountName.celery" -}} +{{- if .Values.serviceAccounts.celery.create -}} + {{ default (include "datatracker.celery.fullname" .) .Values.serviceAccounts.celery.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.celery.name }} +{{- end -}} +{{- end }} + +{{- define "datatracker.serviceAccountName.beat" -}} +{{- if .Values.serviceAccounts.beat.create -}} + {{ default (include "datatracker.beat.fullname" .) .Values.serviceAccounts.beat.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.beat.name }} +{{- end -}} +{{- end }} + +{{- define "datatracker.serviceAccountName.rabbitmq" -}} +{{- if .Values.serviceAccounts.rabbitmq.create -}} + {{ default (include "datatracker.rabbitmq.fullname" .) .Values.serviceAccounts.rabbitmq.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.rabbitmq.name }} +{{- end -}} +{{- end }} + +{{- define "datatracker.serviceAccountName.memcached" -}} +{{- if .Values.serviceAccounts.memcached.create -}} + {{ default (include "datatracker.memcached.fullname" .) .Values.serviceAccounts.memcached.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.memcached.name }} +{{- end -}} {{- end }} \ No newline at end of file diff --git a/helm/templates/deployment.yaml b/helm/templates/deployments/beat.yaml similarity index 95% rename from helm/templates/deployment.yaml rename to helm/templates/deployments/beat.yaml index b47c41a97..41f76b7f4 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployments/beat.yaml @@ -29,6 +29,7 @@ spec: image: "{{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }}" imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} env: + CONTAINER_ROLE: beat {{- if .Values.env }} {{- toYaml .Values.env | nindent 12 }} {{- end }} diff --git a/helm/templates/deployments/celery.yaml b/helm/templates/deployments/celery.yaml new file mode 100644 index 000000000..f34678307 --- /dev/null +++ b/helm/templates/deployments/celery.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datatracker.fullname" . }} + labels: + {{- include "datatracker.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "datatracker.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datatracker.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datatracker.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} + env: + CONTAINER_ROLE: celery + {{- if .Values.env }} + {{- toYaml .Values.env | nindent 12 }} + {{- end }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/templates/deployments/datatracker.yaml b/helm/templates/deployments/datatracker.yaml new file mode 100644 index 000000000..1f403787e --- /dev/null +++ b/helm/templates/deployments/datatracker.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datatracker.fullname" . }} + labels: + {{- include "datatracker.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "datatracker.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datatracker.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datatracker.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} + env: + CONTAINER_ROLE: datatracker + {{- if .Values.env }} + {{- toYaml .Values.env | nindent 12 }} + {{- end }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/templates/deployments/memcached.yaml b/helm/templates/deployments/memcached.yaml new file mode 100644 index 000000000..41f76b7f4 --- /dev/null +++ b/helm/templates/deployments/memcached.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datatracker.fullname" . }} + labels: + {{- include "datatracker.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "datatracker.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datatracker.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datatracker.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} + env: + CONTAINER_ROLE: beat + {{- if .Values.env }} + {{- toYaml .Values.env | nindent 12 }} + {{- end }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/templates/deployments/rabbitmq.yaml b/helm/templates/deployments/rabbitmq.yaml new file mode 100644 index 000000000..41f76b7f4 --- /dev/null +++ b/helm/templates/deployments/rabbitmq.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "datatracker.fullname" . }} + labels: + {{- include "datatracker.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "datatracker.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "datatracker.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "datatracker.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }}" + imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }} + env: + CONTAINER_ROLE: beat + {{- if .Values.env }} + {{- toYaml .Values.env | nindent 12 }} + {{- end }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml index 8d9258cd8..68034601a 100644 --- a/helm/templates/ingress.yaml +++ b/helm/templates/ingress.yaml @@ -1,9 +1,9 @@ -{{- if .Values.ingress.enabled -}} +{{- if .Values.datatracker.ingress.enabled -}} {{- $fullName := include "datatracker.fullname" . -}} {{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} +{{- if and .Values.datatracker.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.datatracker.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.datatracker.ingress.annotations "kubernetes.io/ingress.class" .Values.datatracker.ingress.className}} {{- end }} {{- end }} {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} @@ -18,17 +18,17 @@ metadata: name: {{ $fullName }} labels: {{- include "datatracker.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} + {{- with .Values.datatracker.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} + {{- if and .Values.datatracker.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.datatracker.ingress.className }} {{- end }} - {{- if .Values.ingress.tls }} + {{- if .Values.datatracker.ingress.tls }} tls: - {{- range .Values.ingress.tls }} + {{- range .Values.datatracker.ingress.tls }} - hosts: {{- range .hosts }} - {{ . | quote }} @@ -37,7 +37,7 @@ spec: {{- end }} {{- end }} rules: - {{- range .Values.ingress.hosts }} + {{- range .Values.datatracker.ingress.hosts }} - host: {{ .host | quote }} http: paths: diff --git a/helm/templates/rbac/beat-serviceaccount.yaml b/helm/templates/rbac/beat-serviceaccount.yaml new file mode 100644 index 000000000..f9fa5830c --- /dev/null +++ b/helm/templates/rbac/beat-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.beat.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "datatracker.serviceAccountName.beat" . }} + labels: + {{- include "datatracker.beat.labels" . | nindent 4 }} + {{- with .Values.serviceAccounts.beat.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/helm/templates/rbac/celery-serviceaccount.yaml b/helm/templates/rbac/celery-serviceaccount.yaml new file mode 100644 index 000000000..267d1dce3 --- /dev/null +++ b/helm/templates/rbac/celery-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.celery.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "datatracker.serviceAccountName.celery" . }} + labels: + {{- include "datatracker.celery.labels" . | nindent 4 }} + {{- with .Values.serviceAccounts.celery.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/helm/templates/rbac/datatracker-serviceaccount.yaml b/helm/templates/rbac/datatracker-serviceaccount.yaml new file mode 100644 index 000000000..8f37799ba --- /dev/null +++ b/helm/templates/rbac/datatracker-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.datatracker.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "datatracker.serviceAccountName.datatracker" . }} + labels: + {{- include "datatracker.datatracker.labels" . | nindent 4 }} + {{- with .Values.serviceAccounts.datatracker.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/helm/templates/rbac/memcached-serviceaccount.yaml b/helm/templates/rbac/memcached-serviceaccount.yaml new file mode 100644 index 000000000..ba150a406 --- /dev/null +++ b/helm/templates/rbac/memcached-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.memcached.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "datatracker.serviceAccountName.memcached" . }} + labels: + {{- include "datatracker.memcached.labels" . | nindent 4 }} + {{- with .Values.serviceAccounts.memcached.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/helm/templates/rbac/rabbitmq-serviceaccount.yaml b/helm/templates/rbac/rabbitmq-serviceaccount.yaml new file mode 100644 index 000000000..c9ce12748 --- /dev/null +++ b/helm/templates/rbac/rabbitmq-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccounts.rabbitmq.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "datatracker.serviceAccountName.rabbitmq" . }} + labels: + {{- include "datatracker.rabbitmq.labels" . | nindent 4 }} + {{- with .Values.serviceAccounts.rabbitmq.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml index f1bdca0ad..e7b310f98 100644 --- a/helm/templates/service.yaml +++ b/helm/templates/service.yaml @@ -3,16 +3,16 @@ kind: Service metadata: name: {{include "datatracker.fullname" .}} labels: {{- include "datatracker.labels" . | nindent 4 }} - {{- with .Values.service.annotations }} + {{- with .Values.datatracker.service.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: - type: {{.Values.service.type}} + type: {{.Values.datatracker.service.type}} ports: - - port: {{ default "80" .Values.service.port}} + - port: {{ default "80" .Values.datatracker.service.port}} targetPort: http protocol: TCP name: http diff --git a/helm/templates/serviceaccount.yaml b/helm/templates/serviceaccount.yaml deleted file mode 100644 index 475fcd51f..000000000 --- a/helm/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "datatracker.serviceAccountName" . }} - labels: - {{- include "datatracker.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} \ No newline at end of file diff --git a/helm/values.yaml b/helm/values.yaml index 92efbce9d..31f5e25cf 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -2,117 +2,488 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -replicaCount: 1 +## Define serviceAccount names for components. Defaults to component's fully qualified name. +## +serviceAccounts: + datatracker: + create: true + name: + annotations: {} + celery: + create: true + name: + annotations: {} + beat: + create: true + name: + annotations: {} + rabbitmq: + create: true + name: + annotations: {} + memcached: + create: true + name: + annotations: {} -image: - repository: "ghcr.io/ietf-tools/datatracker" - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # tag: "v1.1.0" +# ------------------------------------------------------------- +# DATATRACKER +# ------------------------------------------------------------- -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" +datatracker: + image: + repository: "ghcr.io/ietf-tools/datatracker" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + # tag: "v1.1.0" -serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" -livenessProbe: - httpGet: - path: /healthz - port: http + ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: datatracker.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local -readinessProbe: - httpGet: - path: /healthz - port: http + livenessProbe: + httpGet: + path: /health + port: http -startupProbe: - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 60 - httpGet: - path: /healthz - port: http + podAnnotations: {} + podLabels: {} -podAnnotations: {} -podLabels: {} + podSecurityContext: {} + # fsGroup: 2000 -podSecurityContext: {} - # fsGroup: 2000 + readinessProbe: + httpGet: + path: /health + port: http -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + replicaCount: 1 -service: - type: ClusterIP - port: 80 + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi -ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: datatracker.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + service: + type: ClusterIP + port: 80 + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + startupProbe: + initialDelaySeconds: 15 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 60 + httpGet: + path: /health + port: http + + # Additional volumes on the output Deployment definition. + volumes: [] + # - name: foo + # secret: + # secretName: mysecret + # optional: false + + # Additional volumeMounts on the output Deployment definition. + volumeMounts: [] + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + + tolerations: [] + + nodeSelector: {} + + affinity: {} + +# ------------------------------------------------------------- +# CELERY +# ------------------------------------------------------------- + +celery: + image: + repository: "ghcr.io/ietf-tools/datatracker" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + # tag: "v1.1.0" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + livenessProbe: + exec: + command: celery inspect ping + periodSeconds: 30 + timeoutSeconds: 5 + + podAnnotations: {} + podLabels: {} + + podSecurityContext: {} + # fsGroup: 2000 + + replicaCount: 1 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + service: + type: ClusterIP + port: 80 + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + startupProbe: + initialDelaySeconds: 15 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 60 + exec: + command: celery inspect ping + + # Additional volumes on the output Deployment definition. + volumes: [] + # - name: foo + # secret: + # secretName: mysecret + # optional: false + + # Additional volumeMounts on the output Deployment definition. + volumeMounts: [] + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + + tolerations: [] + + nodeSelector: {} + + affinity: {} + +# ------------------------------------------------------------- +# BEAT +# ------------------------------------------------------------- + +beat: + image: + repository: "ghcr.io/ietf-tools/datatracker" + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + # tag: "v1.1.0" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + livenessProbe: + exec: + command: celery inspect ping + periodSeconds: 30 + timeoutSeconds: 5 + + podAnnotations: {} + podLabels: {} + + podSecurityContext: {} + # fsGroup: 2000 + + replicaCount: 1 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + service: + type: ClusterIP + port: 80 + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + startupProbe: + initialDelaySeconds: 15 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 60 + exec: + command: celery inspect ping + + # Additional volumes on the output Deployment definition. + volumes: [] + # - name: foo + # secret: + # secretName: mysecret + # optional: false + + # Additional volumeMounts on the output Deployment definition. + volumeMounts: [] + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + + tolerations: [] + + nodeSelector: {} + + affinity: {} + +# ------------------------------------------------------------- +# RABBITMQ +# ------------------------------------------------------------- + +rabbitmq: + image: + repository: "ghcr.io/ietf-tools/datatracker-mq" + pullPolicy: IfNotPresent + tag: "latest" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + livenessProbe: + exec: + command: rabbitmq-diagnostics -q ping + periodSeconds: 30 + timeoutSeconds: 5 + + podAnnotations: {} + podLabels: {} + + podSecurityContext: {} + # fsGroup: 2000 + + replicaCount: 1 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + service: + type: ClusterIP + port: 80 + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + startupProbe: + initialDelaySeconds: 15 + periodSeconds: 5 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 60 + exec: + command: rabbitmq-diagnostics -q ping + + # Additional volumes on the output Deployment definition. + volumes: [] + # - name: foo + # secret: + # secretName: mysecret + # optional: false + + # Additional volumeMounts on the output Deployment definition. + volumeMounts: [] + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + + tolerations: [] + + nodeSelector: {} + + affinity: {} + +# ------------------------------------------------------------- +# MEMCACHED +# ------------------------------------------------------------- + +memcached: + image: + repository: "memcached" + pullPolicy: IfNotPresent + tag: "latest" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + podAnnotations: {} + podLabels: {} + + podSecurityContext: {} + # fsGroup: 2000 + + replicaCount: 1 + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + service: + type: ClusterIP + port: 80 + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + tolerations: [] + + nodeSelector: {} + + affinity: {} + +# ------------------------------------------------------------- +# COMMON +# ------------------------------------------------------------- autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -# Additional volumes on the output Deployment definition. -volumes: [] -# - name: foo -# secret: -# secretName: mysecret -# optional: false - -# Additional volumeMounts on the output Deployment definition. -volumeMounts: [] -# - name: foo -# mountPath: "/etc/foo" -# readOnly: true - -nodeSelector: {} - -tolerations: [] - -affinity: {} \ No newline at end of file + # targetMemoryUtilizationPercentage: 80 \ No newline at end of file