Commit 387fe1e6 authored by garciadeblas

Update fb_magma_knf to fix issues in orc8r helm chart


Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
parent f293be5e
Pipeline #14590 failed with stage
Showing
with 1815 additions and 1 deletion
......@@ -11,7 +11,7 @@ vnfd:
- id: mgmtnet
kdu:
- name: orc8r
helm-chart: magma/orc8r
helm-chart: orc8r
mgmt-cp: mgmt-ext
product-name: fb_magma_knf
provider: ATOS
......
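Review bot: the `helm-chart` value on the `orc8r` kdu loses its repository prefix (`magma/orc8r` becomes `orc8r`), and neither the descriptor nor the commit message says where the unqualified name now resolves or which chart version is expected. The same commit adds an `orc8r` chart at `version: 0.1.3`, so state in the commit message that the KDU now uses that chart, and name the chart issues being fixed so the 1815 added lines can be reviewed against them.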
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
apiVersion: v1
appVersion: "1.0"
description: A Helm chart for magma orchestrator
keywords:
- magma
- or8cr
name: orc8r
sources:
- https://github.com/facebookincubator/magma
version: 0.1.3
# Orchestrator Helm Deployment
[![IcePanel](http://designer.icepanel.io/img/badges/view.svg)](http://staging.designer.icepanel.io?ref=https://raw.githubusercontent.com/felipevicens/fb-magma-helm-chart/master/orc8r/output/icepanel.yml)
The contents of this README have been moved to the "Deploying Orchestrator"
section of the docs: https://facebookincubator.github.io/magma.
If you're running locally in Minikube, see the section below.
## Configuration
The following table list the configurable parameters of the orchestrator chart and their default values.
| Parameter | Description | Default |
| --- | --- | --- |
| `imagePullSecrets` | Reference to one or more secrets to be used when pulling images. | `[]` |
| `secrets.create` | Create orchestrator secrets. See charts/secrets subchart. | `false` |
| `secret.certs` | Secret name containing orchestrator certs. | `orc8r-secrets-certs` |
| `secret.configs` | Secret name containing orchestrator configs. | `orc8r-secrets-configs` |
| `secret.envdir` | Secret name containing orchestrator envdir. | `orc8r-secrets-envdir` |
| `proxy.service.annotations` | Annotations to be added to the proxy service. | `{}` |
| `proxy.service.labels` | Proxy service labels. | `{}` |
| `proxy.service.type` | Proxy service type. | `ClusterIP` |
| `proxy.service.port.clientcert.port` | Proxy client certificate service external port. | `9443` |
| `proxy.service.port.clientcert.targetPort` | Proxy client certificate service internal port. | `9443` |
| `proxy.service.port.clientcert.nodePort` | Proxy client certificate service node port. | `nil` |
| `proxy.service.port.open.port` | Proxy open service external port. | `9444` |
| `proxy.service.port.open.targetPort` | Proxy open service internal port. | `9444` |
| `proxy.service.port.open.nodePort` | Proxy open service node port. | `nil` |
| `proxy.image.repository` | Repository for orchestrator proxy image. | `nil` |
| `proxy.image.tag` | Tag for orchestrator proxy image. | `latest` |
| `proxy.image.pullPolicy` | Pull policy for orchestrator proxy image. | `IfNotPresent` |
| `proxy.spec.hostname` | Magma controller domain name. | `""` |
| `proxy.replicas` | Number of instances to deploy for orchestrator proxy. | `1` |
| `proxy.resources` | Define resources requests and limits for Pods. | `{}` |
| `proxy.nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` |
| `proxy.tolerations` | If specified, the pod's tolerations. | `[]` |
| `proxy.affinity` | Assign the orchestrator proxy to run on specific nodes. | `{}` |
| `controller.service.annotations` | Annotations to be added to the controller service. | `{}` |
| `controller.service.labels` | Controller service labels. | `{}` |
| `controller.service.type` | Controller service type. | `ClusterIP` |
| `controller.service.port` | Controller web service external port. | `8080` |
| `controller.service.targetPort` | Controller web service internal port. | `8080` |
| `controller.service.portStart` | Controller service port range start. | `9079` |
| `controller.service.portEnd` | Controller service inclusive port range end. | `9108` |
| `controller.image.repository` | Repository for orchestrator controller image. | `nil` |
| `controller.image.tag` | Tag for orchestrator controller image. | `latest` |
| `controller.image.pullPolicy` | Pull policy for orchestrator controller image. | `IfNotPresent` |
| `controller.spec.database.driver` | orc8r database name. | `mysql/postgres` |
| `controller.spec.database.sql_dialect` | database dialect name. | `maria/psql` |
| `controller.spec.database.db` | orc8r database name. | `magma` |
| `controller.spec.database.host` | database host. | `postgresql` |
| `controller.spec.database.port` | database port. | `5432` |
| `controller.spec.database.user` | Database username. | `postgres` |
| `controller.spec.database.pass` | Database password. | `postgres` |
| `controller.replicas` | Number of instances to deploy for orchestrator controller. | `1` |
| `controller.resources` | Define resources requests and limits for Pods. | `{}` |
| `controller.nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` |
| `controller.tolerations` | If specified, the pod's tolerations. | `[]` |
| `controller.affinity` | Assign the orchestrator proxy to run on specific nodes. | `{}` |
| `nms.magmalte.manifests.configmap` | Enable nms magmalte configmap. | `false` |
| `nms.magmalte.manifests.secrets` | Enable nms magmalte secrets. | `false` |
| `nms.magmalte.manifests.deployment` | Enable nms magmalte deployment. | `false` |
| `nms.magmalte.manifests.service` | Enable nms magmalte service. | `false` |
| `nms.magmalte.manifests.rbac` | Enable nms magmalte rbac. | `false` |
| `nms.nginx.manifests.configmap` | Enable nms nginx configmap. | `false` |
| `nms.nginx.manifests.secrets` | Enable nms nginx secrets. | `false` |
| `nms.nginx.manifests.deployment` | Enable nms nginx deployment. | `false` |
| `nms.nginx.manifests.service` | Enable nms nginx service. | `false` |
| `nms.nginx.manifests.rbac` | Enable nms nginx rbac. | `false` |
## Running in Minikube
For the most part, you'll still follow the docs. Here's what you should do
before doing that.
- Start Minikube with 8192 MB of memory and 4 CPUs. This example uses Kuberenetes version 1.14.1 and uses [Minikube Hypervisor Driver](https://kubernetes.io/docs/tasks/tools/install-minikube/#install-a-hypervisor):
```bash
$ minikube start --memory=8192 --cpus=4 --kubernetes-version=v1.14.1 --mount --mount-string "<path-to-metrics-configs>:/configs"
```
- Install Postgres Helm chart:
```bash
$ helm install \
--name postgresql \
--namespace magma \
--set postgresqlPassword=postgres,postgresqlDatabase=magma,fullnameOverride=postgresql \
stable/postgresql
```
- Copy orchestrator secrets (this replaces the secret management steps for
the deployment guide):
```bash
cd magma/orc8r/cloud/helm/orc8r
mkdir -p charts/secrets/.secrets/certs
# You need to add the following files to the certs directory:
# bootstrapper.key certifier.key certifier.pem vpn_ca.crt vpn_ca.key
# admin_operator.pem admin_operator.key.pem nms_nginx.pem nms_nginx.key.pem
# controller.crt controller.key rootCA.pem
# The controller.crt, controller.key and rootCA.pem are the certificate info
# for your public domain name.
# For local testing, you can do the following after running Orc8r using docker:
cp -r ../../../../.cache/test_certs/* charts/secrets/.secrets/certs/.
```
- Add the admin in the datastore:
```bash
kubectl exec -it -n magma \
$(kubectl get pod -n magma -l app.kubernetes.io/component=controller -o jsonpath="{.items[0].metadata.name}") -- \
/var/opt/magma/bin/accessc add-existing -admin -cert /var/opt/magma/certs/admin_operator.pem admin_operator
```
- Port forward traffic to orchestrator proxy:
```bash
kubectl port-forward -n magma svc/orc8r-proxy 9443:9443
# If using minikube, run:
minikube service orc8r-proxy -n magma --https
```
- Orchestrator proxy should be reachable via https://localhost:9443 and
requires magma client certificate to be installed on browser.
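Review bot: the Configuration table and the Minikube steps give `postgres` as the database password (the `controller.spec.database.pass` default and `postgresqlPassword=postgres` in the `helm install` line) and `latest` as the default for `proxy.image.tag` and `controller.image.tag`, without saying these are for local testing only. Mark them as test values and tell the reader to set a password and a fixed image tag for any other deployment. Smaller points: the description of `controller.spec.database.driver` repeats "orc8r database name", `controller.affinity` says "orchestrator proxy", "Kuberenetes" is misspelled, and the IcePanel badge loads over `http://` from a `staging.` host.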
apiVersion: v1
appVersion: "1.0"
description: A Helm chart for log aggregation infrastructure
keywords:
- magma
- or8cr
- logging
name: logging
sources:
- https://github.com/facebookincubator/magma
version: 0.1.5
{{/*
Expand the name of the chart.
*/}}
{{- define "logging.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "logging.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "logging.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "logging.labels" -}}
app.kubernetes.io/name: {{ include "logging.name" . }}
helm.sh/chart: {{ include "logging.chart" . }}
app.kubernetes.io/instance: orc8r
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
kind: ConfigMap
apiVersion: v1
metadata:
name: orc8r-fluentd-es-configs
namespace: {{ .Release.Namespace }}
labels:
addonmanager.kubernetes.io/mode: Reconcile
data:
kubernetes.conf: |-
<match fluent.**>
@type null
</match>
<source>
@type tail
@id in_tail_container_logs
path /var/log/containers/*.log
pos_file /var/log/fluentd-containers.log.pos
tag kubernetes.*
read_from_head true
<parse>
@type "#{ENV['FLUENT_CONTAINER_TAIL_PARSER_TYPE'] || 'json'}"
time_format %Y-%m-%dT%H:%M:%S.%NZ
</parse>
</source>
<source>
@type tail
@id in_tail_minion
path /var/log/salt/minion
pos_file /var/log/fluentd-salt.pos
tag salt
<parse>
@type regexp
expression /^(?<time>[^ ]* [^ ,]*)[^\[]*\[[^\]]*\]\[(?<severity>[^ \]]*) *\] (?<message>.*)$/
time_format %Y-%m-%d %H:%M:%S
</parse>
</source>
<source>
@type tail
@id in_tail_startupscript
path /var/log/startupscript.log
pos_file /var/log/fluentd-startupscript.log.pos
tag startupscript
<parse>
@type syslog
</parse>
</source>
<source>
@type tail
@id in_tail_docker
path /var/log/docker.log
pos_file /var/log/fluentd-docker.log.pos
tag docker
<parse>
@type regexp
expression /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
</parse>
</source>
<source>
@type tail
@id in_tail_etcd
path /var/log/etcd.log
pos_file /var/log/fluentd-etcd.log.pos
tag etcd
<parse>
@type none
</parse>
</source>
<source>
@type tail
@id in_tail_kubelet
multiline_flush_interval 5s
path /var/log/kubelet.log
pos_file /var/log/fluentd-kubelet.log.pos
tag kubelet
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_kube_proxy
multiline_flush_interval 5s
path /var/log/kube-proxy.log
pos_file /var/log/fluentd-kube-proxy.log.pos
tag kube-proxy
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_kube_apiserver
multiline_flush_interval 5s
path /var/log/kube-apiserver.log
pos_file /var/log/fluentd-kube-apiserver.log.pos
tag kube-apiserver
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_kube_controller_manager
multiline_flush_interval 5s
path /var/log/kube-controller-manager.log
pos_file /var/log/fluentd-kube-controller-manager.log.pos
tag kube-controller-manager
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_kube_scheduler
multiline_flush_interval 5s
path /var/log/kube-scheduler.log
pos_file /var/log/fluentd-kube-scheduler.log.pos
tag kube-scheduler
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_rescheduler
multiline_flush_interval 5s
path /var/log/rescheduler.log
pos_file /var/log/fluentd-rescheduler.log.pos
tag rescheduler
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_glbc
multiline_flush_interval 5s
path /var/log/glbc.log
pos_file /var/log/fluentd-glbc.log.pos
tag glbc
<parse>
@type kubernetes
</parse>
</source>
<source>
@type tail
@id in_tail_cluster_autoscaler
multiline_flush_interval 5s
path /var/log/cluster-autoscaler.log
pos_file /var/log/fluentd-cluster-autoscaler.log.pos
tag cluster-autoscaler
<parse>
@type kubernetes
</parse>
</source>
# Example:
# 2017-02-09T00:15:57.992775796Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" ip="104.132.1.72" method="GET" user="kubecfg" as="<self>" asgroups="<lookup>" namespace="default" uri="/api/v1/namespaces/default/pods"
# 2017-02-09T00:15:57.993528822Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" response="200"
<source>
@type tail
@id in_tail_kube_apiserver_audit
multiline_flush_interval 5s
path /var/log/kubernetes/kube-apiserver-audit.log
pos_file /var/log/kube-apiserver-audit.log.pos
tag kube-apiserver-audit
<parse>
@type multiline
format_firstline /^\S+\s+AUDIT:/
# Fields must be explicitly captured by name to be parsed into the record.
# Fields may not always be present, and order may change, so this just looks
# for a list of key="\"quoted\" value" pairs separated by spaces.
# Unknown fields are ignored.
# Note: We can't separate query/response lines as format1/format2 because
# they don't always come one after the other for a given query.
format1 /^(?<time>\S+) AUDIT:(?: (?:id="(?<id>(?:[^"\\]|\\.)*)"|ip="(?<ip>(?:[^"\\]|\\.)*)"|method="(?<method>(?:[^"\\]|\\.)*)"|user="(?<user>(?:[^"\\]|\\.)*)"|groups="(?<groups>(?:[^"\\]|\\.)*)"|as="(?<as>(?:[^"\\]|\\.)*)"|asgroups="(?<asgroups>(?:[^"\\]|\\.)*)"|namespace="(?<namespace>(?:[^"\\]|\\.)*)"|uri="(?<uri>(?:[^"\\]|\\.)*)"|response="(?<response>(?:[^"\\]|\\.)*)"|\w+="(?:[^"\\]|\\.)*"))*/
time_format %Y-%m-%dT%T.%L%Z
</parse>
</source>
<filter kubernetes.**orc8r-proxy**>
@type parser
key_name log
<parse>
@type multi_format
<pattern>
format regexp
expression /^(?<time>.*)@\|@(?<remote_addr>.*)@\|@(?<http_host>.*)@\|@(?<server_port>.*)@\|@(?<request>.*)@\|@(?<status>.*)@\|@(?<body_bytes_sent>.*)@\|@(?<request_time>.*)@\|@(?<alpn>.*)@\|@(?<tls_client_serial>.*)@\|@(?<tls_client_subject_name>.*)@\|@(?<tls_session_reused>.*)@\|@(?<tls_sni>.*)@\|@(?<tls_protocol>.*)@\|@(?<tls_cipher>.*)@\|@(?<backend_host>.*)@\|@(?<backend_port>.*)$/
time_format %iso8601
</pattern>
<pattern>
format none
</pattern>
</parse>
</filter>
<filter kubernetes.**>
@type kubernetes_metadata
@id filter_kube_metadata
</filter>
systemd.conf: |-
# Logs from systemd-journal for interesting services.
<source>
@type systemd
@id in_systemd_kubelet
matches [{ "_SYSTEMD_UNIT": "kubelet.service" }]
<storage>
@type local
persistent true
path /var/log/fluentd-journald-kubelet-cursor.json
</storage>
<entry>
fields_strip_underscores true
</entry>
read_from_head true
tag kubelet
</source>
# Logs from docker-systemd
<source>
@type systemd
@id in_systemd_docker
matches [{ "_SYSTEMD_UNIT": "docker.service" }]
<storage>
@type local
persistent true
path /var/log/fluentd-journald-docker-cursor.json
</storage>
<entry>
fields_strip_underscores true
</entry>
read_from_head true
tag docker.systemd
</source>
# Logs from systemd-journal for interesting services.
<source>
@type systemd
@id in_systemd_bootkube
matches [{ "_SYSTEMD_UNIT": "bootkube.service" }]
<storage>
@type local
persistent true
path /var/log/fluentd-journald-bootkube-cursor.json
</storage>
<entry>
fields_strip_underscores true
</entry>
read_from_head true
tag bootkube
</source>
output.conf: |-
<match **>
@type elasticsearch
@id out_es
@log_level info
include_tag_key true
host "#{ENV['FLUENT_ELASTICSEARCH_HOST']}"
port "#{ENV['FLUENT_ELASTICSEARCH_PORT']}"
scheme "#{ENV['FLUENT_ELASTICSEARCH_SCHEME'] || 'https'}"
ssl_verify "#{ENV['FLUENT_ELASTICSEARCH_SSL_VERIFY'] || 'false'}"
ssl_version "#{ENV['FLUENT_ELASTICSEARCH_SSL_VERSION'] || 'TLSv1'}"
reload_connections "#{ENV['FLUENT_ELASTICSEARCH_RELOAD_CONNECTIONS'] || 'false'}"
reconnect_on_error "#{ENV['FLUENT_ELASTICSEARCH_RECONNECT_ON_ERROR'] || 'true'}"
reload_on_failure "#{ENV['FLUENT_ELASTICSEARCH_RELOAD_ON_FAILURE'] || 'true'}"
log_es_400_reason "#{ENV['FLUENT_ELASTICSEARCH_LOG_ES_400_REASON'] || 'false'}"
logstash_prefix "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_PREFIX'] || 'logstash'}"
logstash_format "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_FORMAT'] || 'true'}"
index_name "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_INDEX_NAME'] || 'logstash'}"
type_name "#{ENV['FLUENT_ELASTICSEARCH_LOGSTASH_TYPE_NAME'] || 'fluentd'}"
<buffer>
flush_thread_count "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_FLUSH_THREAD_COUNT'] || '8'}"
flush_interval "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_FLUSH_INTERVAL'] || '5s'}"
chunk_limit_size "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_CHUNK_LIMIT_SIZE'] || '2M'}"
queue_limit_length "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_QUEUE_LIMIT_LENGTH'] || '32'}"
retry_max_interval "#{ENV['FLUENT_ELASTICSEARCH_BUFFER_RETRY_MAX_INTERVAL'] || '30'}"
retry_forever true
</buffer>
</match>
fluent.conf: |-
@include /fluentd/etc/kubernetes.conf
@include /fluentd/etc/systemd.conf
@include /fluentd/etc/output.conf
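Review bot: in `output.conf` the Elasticsearch output falls back to `ssl_verify` `'false'` and `ssl_version` `'TLSv1'` when the environment variables are unset, so a deployment that uses the `https` scheme ships the tailed audit and proxy logs without certificate verification and with a legacy protocol version. Default `ssl_verify` to `'true'` and a current TLS version, and leave the weaker settings as explicit opt-ins. Separately, in the `in_tail_docker` source the last group is written `($<status_code>\d+)`; a named capture needs `(?<status_code>\d+)`, so as written no `status_code` field is extracted.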
{{/*
Copyright (c) 2018-present, Facebook, Inc.
All rights reserved.
This source code is licensed under the BSD-style license found in the
LICENSE file in the root directory of this source tree. An additional grant
of patent rights can be found in the PATENTS file in the same directory.
*/}}
{{/*
Fluentd daemonset goes in {{ .Release.Namespace }} namespace to have multiple fluentd in the same cluster
due to the system-node-critical priority class
*/}}
{{- if .Values.fluentd_daemon.create }}
{{- $serviceName := "orc8r-fluentd-daemon" -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: fluentd-daemon
namespace: {{ .Release.Namespace }}
labels:
k8s-app: fluentd-daemon
addonmanager.kubernetes.io/mode: Reconcile
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: fluentd-daemon
labels:
k8s-app: fluentd-daemon
addonmanager.kubernetes.io/mode: Reconcile
rules:
- apiGroups:
- ""
resources:
- "namespaces"
- "pods"
verbs:
- "get"
- "watch"
- "list"
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: fluentd-daemon
labels:
k8s-app: fluentd-daemon
addonmanager.kubernetes.io/mode: Reconcile
subjects:
- kind: ServiceAccount
name: fluentd-daemon
namespace: {{ .Release.Namespace }}
apiGroup: ""
roleRef:
kind: ClusterRole
name: fluentd-daemon
apiGroup: ""
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ $serviceName }}
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/component: fluentd-daemon
spec:
selector:
matchLabels:
app.kubernetes.io/component: fluentd-daemon
template:
metadata:
labels:
k8s-app: fluentd-daemon
app.kubernetes.io/component: fluentd-daemon
spec:
priorityClassName: system-node-critical
serviceAccountName: fluentd-daemon
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{ toYaml . | trimSuffix "\n" | indent 8}}
{{- end }}
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
- name: fluentd-daemon
image: {{ required "fluentd_daemon.image.repository must be provided" .Values.fluentd_daemon.image.repository }}:{{ .Values.fluentd_daemon.image.tag }}
env:
- name: FLUENT_ELASTICSEARCH_HOST
value: {{ .Values.fluentd_daemon.env.elastic_host | quote }}
- name: FLUENT_ELASTICSEARCH_PORT
value: {{ .Values.fluentd_daemon.env.elastic_port | quote }}
- name: FLUENT_ELASTICSEARCH_SCHEME
value: {{ .Values.fluentd_daemon.env.elastic_scheme | quote }}
resources:
{{ toYaml .Values.fluentd_daemon.resources | indent 12 }}
volumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
- name: config-volume
mountPath: /fluentd/etc
terminationGracePeriodSeconds: 30
volumes:
- name: varlog
hostPath:
path: /var/log
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
- name: config-volume
configMap:
name: orc8r-fluentd-es-configs
{{- end}}
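Review bot: the header comment says the DaemonSet goes in the release namespace so that several fluentd instances can share a cluster, but the `ClusterRole` and `ClusterRoleBinding` are cluster-scoped and both carry the fixed name `fluentd-daemon`, so a second release would collide on them. Derive those names from the release or namespace. In the container spec, no `imagePullPolicy` and no `securityContext` are set, `/var/log` is mounted from the host read-write, and only the host, port and scheme variables are passed, so `ssl_verify` and `ssl_version` always take the ConfigMap fallbacks; expose these through values.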
imagePullSecrets: []
fluentd_daemon:
create: false
image:
repository: fjvicens/orc8r_fluentd
tag: latest
pullPolicy: IfNotPresent
env:
elastic_host: "elasticsearch-logging"
elastic_port: "9200"
elastic_scheme: "http"
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
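Review bot: `fluentd_daemon.image` defaults to `fjvicens/orc8r_fluentd` with `tag: latest`, so the image content can change under an unchanged chart version, for a DaemonSet that runs with `priorityClassName: system-node-critical` and host log directories mounted. Pin the default to a fixed tag or digest, or leave `repository` empty, since the template already marks it `required`. `pullPolicy` is defined here but the DaemonSet template does not read it, and `elastic_scheme: "http"` sends logs to Elasticsearch unencrypted by default; say so in a comment next to the value.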
apiVersion: v1
appVersion: 10.3.22
description: Fast, reliable, scalable, and easy to use open-source relational database
system. MariaDB Server is intended for mission-critical, heavy-load production systems
as well as for embedding into mass-deployed software. Highly available MariaDB cluster.
home: https://mariadb.org
icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png
keywords:
- mariadb
- mysql
- database
- sql
- prometheus
maintainers:
- email: containers@bitnami.com
name: Bitnami
name: mariadb
sources:
- https://github.com/bitnami/bitnami-docker-mariadb
- https://github.com/prometheus/mysqld_exporter
version: 7.3.12
approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
- javsalgar
- juan131
- miguelaeh
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
- javsalgar
- juan131
- miguelaeh
You can copy here your custom .sh, .sql or .sql.gz file so they are executed during the first boot of the image.
More info in the [bitnami-docker-mariadb](https://github.com/bitnami/bitnami-docker-mariadb#initializing-a-new-instance) repository.
\ No newline at end of file
Please be patient while the chart is being deployed
Tip:
Watch the deployment status using the command: kubectl get pods -w --namespace {{ .Release.Namespace }} -l release={{ .Release.Name }}
Services:
echo Master: {{ template "mariadb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}
{{- if .Values.replication.enabled }}
echo Slave: {{ template "slave.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}
{{- end }}
Administrator credentials:
Username: root
Password : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.secretName" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
To connect to your database:
1. Run a pod that you can use as a client:
kubectl run {{ template "mariadb.fullname" . }}-client --rm --tty -i --restart='Never' --image {{ template "mariadb.image" . }} --namespace {{ .Release.Namespace }} --command -- bash
2. To connect to master service (read/write):
mysql -h {{ template "mariadb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local -uroot -p {{ .Values.db.name }}
{{- if .Values.replication.enabled }}
3. To connect to slave service (read-only):
mysql -h {{ template "slave.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local -uroot -p {{ .Values.db.name }}
{{- end }}
To upgrade this helm chart:
1. Obtain the password as described on the 'Administrator credentials' section and set the 'rootUser.password' parameter as shown below:
ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.secretName" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
helm upgrade {{ .Release.Name }} stable/mariadb --set rootUser.password=$ROOT_PASSWORD
{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
{{- end }}
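Review bot: the upgrade instructions run `helm upgrade {{ .Release.Name }} stable/mariadb`, which points the operator at the `stable` repository chart rather than the copy added in this commit, and `--set rootUser.password=$ROOT_PASSWORD` is unquoted, so a password containing spaces or shell metacharacters breaks the command. Reference the chart that is actually deployed and quote the variable.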
{{/*
Return the appropriate apiVersion for statefulset.
*/}}
{{- define "mariadb.statefulset.apiVersion" -}}
{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "apps/v1beta1" -}}
{{- else -}}
{{- print "apps/v1" -}}
{{- end -}}
{{- end -}}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mariadb.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mariadb.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "master.fullname" -}}
{{- if .Values.replication.enabled -}}
{{- printf "%s-%s" (include "mariadb.fullname" .) "master" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- include "mariadb.fullname" . -}}
{{- end -}}
{{- end -}}
{{- define "slave.fullname" -}}
{{- printf "%s-%s" (include "mariadb.fullname" .) "slave" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "mariadb.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Return the proper MariaDB image name
*/}}
{{- define "mariadb.image" -}}
{{- $registryName := .Values.image.registry -}}
{{- $repositoryName := .Values.image.repository -}}
{{- $tag := .Values.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper metrics image name
*/}}
{{- define "mariadb.metrics.image" -}}
{{- $registryName := .Values.metrics.image.registry -}}
{{- $repositoryName := .Values.metrics.image.repository -}}
{{- $tag := .Values.metrics.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{ template "mariadb.initdbScriptsCM" . }}
{{/*
Get the initialization scripts ConfigMap name.
*/}}
{{- define "mariadb.initdbScriptsCM" -}}
{{- if .Values.initdbScriptsConfigMap -}}
{{- printf "%s" .Values.initdbScriptsConfigMap -}}
{{- else -}}
{{- printf "%s-init-scripts" (include "master.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "mariadb.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "mariadb.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker Image Registry Secret Names
*/}}
{{- define "mariadb.imagePullSecrets" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
Also, we can not use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . }}
{{- end }}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.metrics.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- range .Values.volumePermissions.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return the proper test image name
*/}}
{{- define "mariadb.tests.testFramework.image" -}}
{{- $registryName := .Values.tests.testFramework.image.registry -}}
{{- $repositoryName := .Values.tests.testFramework.image.repository -}}
{{- $tag := .Values.tests.testFramework.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the init container volume-permissions image)
*/}}
{{- define "mariadb.volumePermissions.image" -}}
{{- $registryName := .Values.volumePermissions.image.registry -}}
{{- $repositoryName := .Values.volumePermissions.image.repository -}}
{{- $tag := .Values.volumePermissions.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Storage Class for the master
*/}}
{{- define "mariadb.master.storageClass" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
*/}}
{{- if .Values.global -}}
{{- if .Values.global.storageClass -}}
{{- if (eq "-" .Values.global.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.global.storageClass -}}
{{- end -}}
{{- else -}}
{{- if .Values.master.persistence.storageClass -}}
{{- if (eq "-" .Values.master.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.master.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.master.persistence.storageClass -}}
{{- if (eq "-" .Values.master.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.master.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper Storage Class for the slave
*/}}
{{- define "mariadb.slave.storageClass" -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic.
*/}}
{{- if .Values.global -}}
{{- if .Values.global.storageClass -}}
{{- if (eq "-" .Values.global.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.global.storageClass -}}
{{- end -}}
{{- else -}}
{{- if .Values.slave.persistence.storageClass -}}
{{- if (eq "-" .Values.slave.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.slave.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.slave.persistence.storageClass -}}
{{- if (eq "-" .Values.slave.persistence.storageClass) -}}
{{- printf "storageClassName: \"\"" -}}
{{- else }}
{{- printf "storageClassName: %s" .Values.slave.persistence.storageClass -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Return the name of the Secret used to store the passwords
*/}}
{{- define "mariadb.secretName" -}}
{{- if .Values.existingSecret -}}
{{ .Values.existingSecret }}
{{- else -}}
{{ template "mariadb.fullname" . -}}
{{- end -}}
{{- end -}}
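Review bot: `mariadb.secretName` at the end of this file returns `.Values.existingSecret` when it is set, but the `mariadb-credentials` volume in the master StatefulSet added by this commit uses `secretName: {{ template "mariadb.fullname" . }}` instead of this helper. With `existingSecret` set and any of the `injectSecretsAsVolume` options enabled, the `secretKeyRef` env vars and the mounted password files would refer to different Secret names. Suggest using `{{ template "mariadb.secretName" . }}` for the volume as well so both paths resolve the same Secret.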
{{- if and (or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScripts) (not .Values.initdbScriptsConfigMap) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "master.fullname" . }}-init-scripts
labels:
app: "{{ template "mariadb.name" . }}"
chart: "{{ template "mariadb.chart" . }}"
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
component: "master"
{{- if and (.Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz") (not .Values.initdbScriptsConfigMap) }}
binaryData:
{{- $root := . }}
{{- range $path, $bytes := .Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz" }}
{{ base $path }}: {{ $root.Files.Get $path | b64enc | quote }}
{{- end }}
{{- end }}
data:
{{- if and (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql}") (not .Values.initdbScriptsConfigMap) }}
{{ (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql}").AsConfig | indent 2 }}
{{- end }}
{{- with .Values.initdbScripts }}
{{ toYaml . | indent 2 }}
{{- end }}
{{ end }}
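Review bot: `.Values.initdbScripts` is rendered verbatim into the ConfigMap `data` section (`{{ toYaml . | indent 2 }}`), so any credential written into an init script, for example a password in a `CREATE USER` statement, ends up in a ConfigMap rather than a Secret and is readable by anyone allowed to get ConfigMaps in the namespace. Suggest documenting next to `initdbScripts` that scripts must not embed credentials and should read them from the environment or mounted secret files. Minor style point: the closing `{{ end }}` is the only action in this template without whitespace trimming.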
{{- if .Values.master.config }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "master.fullname" . }}
labels:
app: "{{ template "mariadb.name" . }}"
component: "master"
chart: "{{ template "mariadb.chart" . }}"
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
data:
my.cnf: |-
{{ .Values.master.config | indent 4 }}
{{- end -}}
{{- if .Values.master.podDisruptionBudget.enabled }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ template "mariadb.fullname" . }}
labels:
app: "{{ template "mariadb.name" . }}"
component: "master"
chart: {{ template "mariadb.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
spec:
{{- if .Values.master.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.master.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.master.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.master.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
app: "{{ template "mariadb.name" . }}"
component: "master"
release: {{ .Release.Name | quote }}
{{- end }}
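Review bot: the two `if` blocks under `spec:` are independent, so a values file that sets both `master.podDisruptionBudget.minAvailable` and `master.podDisruptionBudget.maxUnavailable` renders both fields, and the API server rejects a PodDisruptionBudget that specifies both. Suggest an `if` / `else if` so only one is emitted. Also, the selector at the end of this template matches on `release: {{ .Release.Name | quote }}`, while the StatefulSet pod template in this commit labels its pods with a hard-coded `release: orc8r`, so the budget selects no pods unless the release happens to be named orc8r.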
apiVersion: {{ template "mariadb.statefulset.apiVersion" . }}
kind: StatefulSet
metadata:
name: {{ template "master.fullname" . }}
labels:
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: orc8r
heritage: {{ .Release.Service }}
component: master
spec:
selector:
matchLabels:
app: {{ template "mariadb.name" . }}
release: orc8r
component: master
serviceName: {{ template "master.fullname" . }}
replicas: 1
updateStrategy:
type: {{ .Values.master.updateStrategy.type }}
{{- if (eq "Recreate" .Values.master.updateStrategy.type) }}
rollingUpdate: null
{{- end }}
template:
metadata:
{{- with .Values.master.annotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
app: {{ template "mariadb.name" . }}
chart: {{ template "mariadb.chart" . }}
release: orc8r
component: master
spec:
{{- if .Values.schedulerName }}
schedulerName: {{ .Values.schedulerName | quote }}
{{- end }}
serviceAccountName: {{ template "mariadb.serviceAccountName" . }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- if eq .Values.master.antiAffinity "hard" }}
affinity:
{{- with .Values.master.affinity }}
{{ toYaml . | indent 8 }}
{{- end }}
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- topologyKey: "kubernetes.io/hostname"
labelSelector:
matchLabels:
app: {{ template "mariadb.name" . }}
release: orc8r
{{- else if eq .Values.master.antiAffinity "soft" }}
affinity:
{{- with .Values.master.affinity }}
{{ toYaml . | indent 8 }}
{{- end }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
podAffinityTerm:
topologyKey: kubernetes.io/hostname
labelSelector:
matchLabels:
app: {{ template "mariadb.name" . }}
release: orc8r
{{- else}}
{{- with .Values.master.affinity }}
affinity: {{ toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- if .Values.master.nodeSelector }}
nodeSelector: {{ toYaml .Values.master.nodeSelector | nindent 8 }}
{{- end -}}
{{- with .Values.master.tolerations }}
tolerations: {{ toYaml . | nindent 8 }}
{{- end }}
{{- include "mariadb.imagePullSecrets" . | indent 6 }}
initContainers:
{{- if .Values.master.extraInitContainers }}
{{ tpl .Values.master.extraInitContainers . | indent 8 }}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.master.persistence.enabled }}
- name: volume-permissions
image: {{ template "mariadb.volumePermissions.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.master.persistence.mountPath }}"]
securityContext:
runAsUser: 0
resources: {{ toYaml .Values.volumePermissions.resources | nindent 12 }}
volumeMounts:
- name: data
mountPath: {{ .Values.master.persistence.mountPath }}
{{- end }}
containers:
- name: "mariadb"
image: {{ template "mariadb.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
{{- if .Values.image.debug}}
- name: BITNAMI_DEBUG
value: "true"
{{- end }}
{{- if .Values.master.extraFlags }}
- name: MARIADB_EXTRA_FLAGS
value: "{{ .Values.master.extraFlags }}"
{{- end }}
{{- if .Values.rootUser.injectSecretsAsVolume }}
- name: MARIADB_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mariadb/secrets/mariadb-root-password"
{{- else }}
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.secretName" . }}
key: mariadb-root-password
{{- end }}
{{- if not (empty .Values.db.user) }}
- name: MARIADB_USER
value: "{{ .Values.db.user }}"
{{- if .Values.db.injectSecretsAsVolume }}
- name: MARIADB_PASSWORD_FILE
value: "/opt/bitnami/mariadb/secrets/mariadb-password"
{{- else }}
- name: MARIADB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.secretName" . }}
key: mariadb-password
{{- end }}
{{- end }}
- name: MARIADB_DATABASE
value: "{{ .Values.db.name }}"
{{- if .Values.replication.enabled }}
- name: MARIADB_REPLICATION_MODE
value: "master"
- name: MARIADB_REPLICATION_USER
value: "{{ .Values.replication.user }}"
{{- if .Values.replication.injectSecretsAsVolume }}
- name: MARIADB_REPLICATION_PASSWORD_FILE
value: "/opt/bitnami/mariadb/secrets/mariadb-replication-password"
{{- else }}
- name: MARIADB_REPLICATION_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.secretName" . }}
key: mariadb-replication-password
{{- end }}
{{- end }}
{{- if .Values.master.extraEnvVars }}
{{- tpl (toYaml .Values.master.extraEnvVars) $ | nindent 12 }}
{{- end }}
ports:
- name: mysql
containerPort: 3306
{{- if .Values.master.livenessProbe.enabled }}
livenessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MARIADB_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.master.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.master.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.readinessProbe.enabled }}
readinessProbe:
exec:
command:
- sh
- -c
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MARIADB_ROOT_PASSWORD_FILE)
fi
mysqladmin status -uroot -p$password_aux
initialDelaySeconds: {{ .Values.master.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.master.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.master.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.master.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.master.readinessProbe.failureThreshold }}
{{- end }}
{{- if .Values.master.resources }}
resources: {{ toYaml .Values.master.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: {{ .Values.master.persistence.mountPath }}
{{- if .Values.master.persistence.subPath }}
subPath: {{ .Values.master.persistence.subPath }}
{{- end }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
mountPath: /docker-entrypoint-initdb.d
{{- end }}
{{- if .Values.master.config }}
- name: config
mountPath: /opt/bitnami/mariadb/conf/my.cnf
subPath: my.cnf
{{- end }}
{{- if or .Values.rootUser.injectSecretsAsVolume .Values.db.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mariadb-credentials
mountPath: /opt/bitnami/mariadb/secrets/
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
image: {{ template "mariadb.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
env:
{{- if .Values.rootUser.injectSecretsAsVolume }}
- name: MARIADB_ROOT_PASSWORD_FILE
value: "/opt/bitnami/mysqld-exporter/secrets/mariadb-root-password"
{{- else }}
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "mariadb.secretName" . }}
key: mariadb-root-password
{{- end }}
command:
- sh
- -c
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]; then
password_aux=$(cat $MARIADB_ROOT_PASSWORD_FILE)
fi
DATA_SOURCE_NAME="root:${password_aux}@(localhost:3306)/" /bin/mysqld_exporter
{{- range .Values.metrics.extraArgs.master }}
{{ . }}
{{- end }}
ports:
- name: metrics
containerPort: 9104
{{- if .Values.metrics.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.metrics.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }}
{{- end }}
{{- if .Values.metrics.resources }}
resources: {{ toYaml .Values.metrics.resources | nindent 12 }}
{{- end }}
{{- if .Values.rootUser.injectSecretsAsVolume }}
volumeMounts:
- name: mariadb-credentials
mountPath: /opt/bitnami/mysqld-exporter/secrets/
{{- end }}
{{- end }}
volumes:
{{- if .Values.master.config }}
- name: config
configMap:
name: {{ template "master.fullname" . }}
{{- end }}
{{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,sql,sql.gz}") .Values.initdbScriptsConfigMap .Values.initdbScripts }}
- name: custom-init-scripts
configMap:
name: {{ template "mariadb.initdbScriptsCM" . }}
{{- end }}
{{- if or .Values.rootUser.injectSecretsAsVolume .Values.db.injectSecretsAsVolume .Values.replication.injectSecretsAsVolume }}
- name: mariadb-credentials
secret:
secretName: {{ template "mariadb.fullname" . }}
items:
{{- if .Values.rootUser.injectSecretsAsVolume }}
- key: mariadb-root-password
path: mariadb-root-password
{{- end }}
{{- if .Values.db.injectSecretsAsVolume }}
- key: mariadb-password
path: mariadb-password
{{- end }}
{{- if and .Values.replication.enabled .Values.replication.injectSecretsAsVolume }}
- key: mariadb-replication-password
path: mariadb-replication-password
{{- end }}
{{- end }}
{{- if and .Values.master.persistence.enabled .Values.master.persistence.existingClaim }}
- name: data
persistentVolumeClaim:
claimName: {{ .Values.master.persistence.existingClaim }}
{{- else if not .Values.master.persistence.enabled }}
- name: data
emptyDir: {}
{{- else if and .Values.master.persistence.enabled (not .Values.master.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
labels:
app: "{{ template "mariadb.name" . }}"
component: "master"
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
spec:
accessModes:
{{- range .Values.master.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.master.persistence.size | quote }}
{{ include "mariadb.master.storageClass" . }}
{{- end }}
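Review bot: `release: orc8r` is hard-coded in the StatefulSet labels, in `spec.selector.matchLabels`, in the pod template labels and in both `podAntiAffinity` label selectors, while `volumeClaimTemplates` in the same file still labels the claim with `release: {{ .Release.Name | quote }}`. Installing under any other release name leaves the pods, the claims and the other resources of this chart with mismatched labels; suggest `{{ .Release.Name }}` throughout, or a comment explaining why the value is fixed. In the liveness and readiness probes, `mysqladmin status -uroot -p$password_aux` puts the root password in the process arguments and expands it unquoted, as does `cat $MARIADB_ROOT_PASSWORD_FILE`, so a password containing whitespace or shell metacharacters breaks the probe; quote the expansions and consider reading the password from an option file instead of passing it as an argument.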
apiVersion: v1
kind: Service
metadata:
# name: {{ template "mariadb.fullname" . }}
name: mariadb
labels:
app: "{{ template "mariadb.name" . }}"
component: "master"
chart: "{{ template "mariadb.chart" . }}"
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
{{- if or .Values.metrics.enabled .Values.master.service.annotations }}
annotations:
{{- if .Values.metrics.enabled }}
{{ toYaml .Values.metrics.annotations | indent 4 }}
{{- end }}
{{- if .Values.master.service.annotations }}
{{ toYaml .Values.master.service.annotations | indent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if eq .Values.service.type "ClusterIP" }}
{{- if .Values.service.clusterIp }}
clusterIP: {{ .Values.service.clusterIp.master }}
{{- end }}
{{- end }}
ports:
- name: mysql
port: {{ .Values.service.port }}
targetPort: mysql
{{- if eq .Values.service.type "NodePort" }}
{{- if .Values.service.nodePort }}
{{- if .Values.service.nodePort.master }}
nodePort: {{ .Values.service.nodePort.master }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.metrics.enabled }}
- name: metrics
port: 9104
targetPort: metrics
{{- end }}
selector:
app: "{{ template "mariadb.name" . }}"
component: "master"
release: "orc8r"
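Review bot: the Service name is fixed to `mariadb` and the selector to `release: "orc8r"`, while the labels of the same Service use `.Release.Name`. Two releases of this chart in one namespace would collide on the Service name, and a release not named orc8r only finds endpoints because the StatefulSet carries the same hard-coded label. If the fixed name is required by the orc8r configuration, say so in a comment or make it a value with `mariadb` as the default. The commented-out `# name: {{ template "mariadb.fullname" . }}` line is still evaluated by Helm, since template actions inside YAML comments are rendered; suggest deleting it rather than leaving it commented.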