Browse Source

Copy Monasca charts from monasca-helm repository

As discussed in the team meeting [1] this commit copies the Monasca
charts from monasca/monasca-helm repository. The goal is to adapt these
charts to OSH standards and patterns, and then move them to
openstack-helm and openstack-helm-infra repositories accordingly.

[1] http://eavesdrop.openstack.org/meetings/openstack_helm/2019/openstack_helm.2019-02-12-15.01.html

Change-Id: I261187de943046b7314ae6ab6b0f997624952d5e
changes/97/636597/4
Witek Bedyk 4 months ago
parent
commit
d632474b4d
100 changed files with 5174 additions and 1 deletions
  1. 3
    1
      Makefile
  2. 21
    0
      influxdb/.helmignore
  3. 14
    0
      influxdb/Chart.yaml
  4. 99
    0
      influxdb/README.md
  5. 15
    0
      influxdb/templates/NOTES.txt
  6. 16
    0
      influxdb/templates/_helpers.tpl
  7. 149
    0
      influxdb/templates/config.yaml
  8. 127
    0
      influxdb/templates/deployment.yaml
  9. 43
    0
      influxdb/templates/post-install-set-auth.yaml
  10. 24
    0
      influxdb/templates/pvc.yaml
  11. 18
    0
      influxdb/templates/secret.yaml
  12. 48
    0
      influxdb/templates/service.yaml
  13. 231
    0
      influxdb/values.yaml
  14. 21
    0
      kafka/.helmignore
  15. 4
    0
      kafka/Chart.yaml
  16. 36
    0
      kafka/README.md
  17. 25
    0
      kafka/templates/_helpers.tpl
  18. 47
    0
      kafka/templates/cleanup-hook.yaml
  19. 25
    0
      kafka/templates/cleanup-role.yaml
  20. 26
    0
      kafka/templates/cleanup-rolebinding.yaml
  21. 12
    0
      kafka/templates/cleanup-serviceaccount.yaml
  22. 124
    0
      kafka/templates/deployment.yaml
  23. 50
    0
      kafka/templates/exporter-configmap.yaml
  24. 49
    0
      kafka/templates/init-job.yaml
  25. 18
    0
      kafka/templates/pvc.yaml
  26. 19
    0
      kafka/templates/static-svc.yaml
  27. 17
    0
      kafka/templates/svc.yaml
  28. 93
    0
      kafka/values.yaml
  29. 21
    0
      keystone-init/.helmignore
  30. 4
    0
      keystone-init/Chart.yaml
  31. 0
    0
      keystone-init/templates/NOTES.txt
  32. 24
    0
      keystone-init/templates/_helpers.tpl
  33. 150
    0
      keystone-init/templates/_keystone_env.tpl
  34. 47
    0
      keystone-init/templates/cleanup-hook.yaml
  35. 25
    0
      keystone-init/templates/cleanup-role.yaml
  36. 26
    0
      keystone-init/templates/cleanup-rolebinding.yaml
  37. 12
    0
      keystone-init/templates/cleanup-serviceaccount.yaml
  38. 51
    0
      keystone-init/templates/keystone-init-job.yaml
  39. 12
    0
      keystone-init/templates/keystone-preload-configmap.yaml
  40. 25
    0
      keystone-init/templates/keystone-role.yaml
  41. 26
    0
      keystone-init/templates/keystone-rolebinding.yaml
  42. 12
    0
      keystone-init/templates/keystone-serviceaccount.yaml
  43. 109
    0
      keystone-init/values.yaml
  44. 21
    0
      monasca-agent/.helmignore
  45. 9
    0
      monasca-agent/Chart.yaml
  46. 16
    0
      monasca-agent/templates/_helpers.tpl
  47. 14
    0
      monasca-agent/templates/configmap.yaml
  48. 124
    0
      monasca-agent/templates/daemonset.yaml
  49. 143
    0
      monasca-agent/templates/deployment.yaml
  50. 32
    0
      monasca-agent/templates/role.yaml
  51. 56
    0
      monasca-agent/values.yaml
  52. 9
    0
      monasca-alarms/Chart.yaml
  53. 112
    0
      monasca-alarms/README.md
  54. 16
    0
      monasca-alarms/templates/_helpers.tpl
  55. 68
    0
      monasca-alarms/templates/alarms.yaml
  56. 9
    0
      monasca-alarms/values.yaml
  57. 21
    0
      monasca/.helmignore
  58. 9
    0
      monasca/Chart.yaml
  59. 574
    0
      monasca/README.md
  60. 21
    0
      monasca/requirements.yaml
  61. 160
    0
      monasca/templates/_helpers.tpl
  62. 155
    0
      monasca/templates/_secret_env.tpl
  63. 30
    0
      monasca/templates/agent-clusterrole.yaml
  64. 20
    0
      monasca/templates/agent-clusterrolebinding.yaml
  65. 14
    0
      monasca/templates/agent-configmap.yaml
  66. 159
    0
      monasca/templates/agent-daemonset.yaml
  67. 157
    0
      monasca/templates/agent-deployment.yaml
  68. 12
    0
      monasca/templates/agent-serviceaccount.yaml
  69. 14
    0
      monasca/templates/aggregator-configmap.yaml
  70. 52
    0
      monasca/templates/aggregator-deployment.yaml
  71. 59
    0
      monasca/templates/alarm-definition-controller-deployment.yaml
  72. 9
    0
      monasca/templates/alarm-definition-resource.yaml
  73. 14
    0
      monasca/templates/alarms-configmap.yaml
  74. 82
    0
      monasca/templates/alarms-init-job.yaml
  75. 167
    0
      monasca/templates/api-deployment.yaml
  76. 21
    0
      monasca/templates/api-svc.yaml
  77. 47
    0
      monasca/templates/cleanup-hook.yaml
  78. 25
    0
      monasca/templates/cleanup-role.yaml
  79. 26
    0
      monasca/templates/cleanup-rolebinding.yaml
  80. 12
    0
      monasca/templates/cleanup-serviceaccount.yaml
  81. 48
    0
      monasca/templates/client-deployment.yaml
  82. 14
    0
      monasca/templates/forwarder-configmap.yaml
  83. 68
    0
      monasca/templates/forwarder-deployment.yaml
  84. 37
    0
      monasca/templates/grafana-configmap.yaml
  85. 76
    0
      monasca/templates/grafana-deployment.yaml
  86. 41
    0
      monasca/templates/grafana-init-job.yaml
  87. 24
    0
      monasca/templates/grafana-svc.yaml
  88. 31
    0
      monasca/templates/influx-init-job.yaml
  89. 63
    0
      monasca/templates/keystone-configmap.yaml
  90. 85
    0
      monasca/templates/keystone-deployment.yaml
  91. 30
    0
      monasca/templates/keystone-svc.yaml
  92. 29
    0
      monasca/templates/memcached-deployment.yaml
  93. 24
    0
      monasca/templates/memcached-svc.yaml
  94. 13
    0
      monasca/templates/mysql-api-secret.yaml
  95. 17
    0
      monasca/templates/mysql-grafana-secret.yaml
  96. 128
    0
      monasca/templates/mysql-init-job.yaml
  97. 13
    0
      monasca/templates/mysql-keystone-secret.yaml
  98. 13
    0
      monasca/templates/mysql-notification-secret.yaml
  99. 13
    0
      monasca/templates/mysql-thresh-secret.yaml
  100. 0
    0
      monasca/templates/notification-deployment.yaml

+ 3
- 1
Makefile View File

@@ -18,7 +18,9 @@ SHELL := /bin/bash
18 18
 HELM := helm
19 19
 TASK := build
20 20
 
21
-EXCLUDES := helm-toolkit doc tests tools logs tmp
21
+EXCLUDES := helm-toolkit doc tests tools logs tmp influxdb kafka \
22
+	keystone-init monasca-agent monasca-alarms monasca mysql-users-init storm \
23
+	zookeeper
22 24
 CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.)))
23 25
 
24 26
 .PHONY: $(EXCLUDES) $(CHARTS)

+ 21
- 0
influxdb/.helmignore View File

@@ -0,0 +1,21 @@
1
+# Patterns to ignore when building packages.
2
+# This supports shell glob matching, relative path matching, and
3
+# negation (prefixed with !). Only one pattern per line.
4
+.DS_Store
5
+# Common VCS dirs
6
+.git/
7
+.gitignore
8
+.bzr/
9
+.bzrignore
10
+.hg/
11
+.hgignore
12
+.svn/
13
+# Common backup files
14
+*.swp
15
+*.bak
16
+*.tmp
17
+*~
18
+# Various IDEs
19
+.project
20
+.idea/
21
+*.tmproj

+ 14
- 0
influxdb/Chart.yaml View File

@@ -0,0 +1,14 @@
1
+name: influxdb
2
+version: 0.6.2-0.0.2
3
+description: Scalable datastore for metrics, events, and real-time analytics.
4
+keywords:
5
+- influxdb
6
+- database
7
+- timeseries
8
+home: https://www.influxdata.com/time-series-platform/influxdb/
9
+sources:
10
+- https://github.com/influxdata/influxdb
11
+maintainers:
12
+- name: Jack Zampolin
13
+  email: jack@influxdb.com
14
+engine: gotpl

+ 99
- 0
influxdb/README.md View File

@@ -0,0 +1,99 @@
1
+# InfluxDB
2
+
3
+##  An Open-Source Time Series Database
4
+
5
+[InfluxDB](https://github.com/influxdata/influxdb) is an open source time series database built by the folks over at [InfluxData](https://influxdata.com) with no external dependencies. It's useful for recording metrics, events, and performing analytics.
6
+
7
+## QuickStart
8
+
9
+```bash
10
+$ helm install stable/influxdb --name foo --namespace bar
11
+```
12
+
13
+## Introduction
14
+
15
+This chart bootstraps an InfluxDB deployment and service on a Kubernetes cluster using the Helm Package manager.
16
+
17
+## Prerequisites
18
+
19
+- Kubernetes 1.4+
20
+- PV provisioner support in the underlying infrastructure (optional)
21
+
22
+## Installing the Chart
23
+
24
+To install the chart with the release name `my-release`:
25
+
26
+```bash
27
+$ helm install --name my-release stable/influxdb
28
+```
29
+
30
+The command deploys InfluxDB on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
31
+
32
+> **Tip**: List all releases using `helm list`
33
+
34
+## Uninstalling the Chart
35
+
36
+To uninstall/delete the `my-release` deployment:
37
+
38
+```bash
39
+$ helm delete my-release --purge
40
+```
41
+
42
+The command removes all the Kubernetes components associated with the chart and deletes the release.
43
+
44
+## Configuration
45
+
46
+The default configuration values for this chart are listed in `values.yaml`.
47
+
48
+The [full image documentation](https://hub.docker.com/_/influxdb/) contains more information about running InfluxDB in docker.
49
+
50
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
51
+
52
+```bash
53
+$ helm install --name my-release \
54
+  --set persistence.enabled=true,persistence.size=200Gi \
55
+    stable/influxdb
56
+```
57
+
58
+The above command enables persistence and changes the size of the requested data volume to 200GB.
59
+
60
+Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
61
+
62
+```bash
63
+$ helm install --name my-release -f values.yaml stable/influxdb
64
+```
65
+
66
+> **Tip**: You can use the default [values.yaml](values.yaml)
67
+
68
+### InfluxDB Watcher Configuration
69
+
70
+Parameter | Description | Default
71
+--------- | ----------- | -------
72
+`watcher.enabled` | InfluxDB watcher enabled flag | `false`
73
+`watcher.image.repository` | InfluxDB watcher container image repository | `monasca/influxdb-watcher`
74
+`watcher.image.tag` | InfluxDB watcher container image tag | `latest`
75
+`watcher.image.pullPolicy` | InfluxDB watcher container image pull policy | `IfNotPresent`
76
+`watcher.address` | InfluxDB service address | `http://localhost:8086`
77
+`watcher.username` | InfluxDB username with read/write privileges | `influxdb_watcher`
78
+`watcher.password` | InfluxDB password | `password`
79
+`watcher.database` | InfluxDB database | `mon`
80
+`watcher.watcher_period` | InfluxDB watcher period | `600`
81
+`watcher.watcher_timeout` | InfluxDB watcher read/write timeout | `60`
82
+`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
83
+`watcher.port` | InfluxDB watcher port to expose Promethues metrics on | `8080`
84
+
85
+## Persistence
86
+
87
+The [InfluxDB](https://hub.docker.com/_/influxdb/) image stores data in the `/var/lib/influxdb` directory in the container.
88
+
89
+The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning.
90
+
91
+## Starting with authentication
92
+
93
+In `values.yaml` change `.Values.config.http.auth_enabled` to `true`.
94
+
95
+Influxdb requires also a user to be set in order for authentication to be enforced. See more details [here](https://docs.influxdata.com/influxdb/v1.2/query_language/authentication_and_authorization/#set-up-authentication).
96
+
97
+To handle this setup on startup, a job can be enabled in `values.yaml` by setting `.Values.setDefaultUser.enabled` to `true`.
98
+
99
+Make sure to uncomment or configure the job settings after enabling it. If a password is not set, a random password will be generated.

+ 15
- 0
influxdb/templates/NOTES.txt View File

@@ -0,0 +1,15 @@
1
+InfluxDB can be accessed via port {{ .Values.config.http.bind_address }} on the following DNS name from within your cluster:
2
+
3
+- http://{{ template "influxdb.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.config.http.bind_address }}
4
+
5
+You can easily connect to the remote instance with your local influx cli. To forward the API port to localhost:8086 run the following:
6
+
7
+- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }') 8086:{{ .Values.config.http.bind_address }}
8
+
9
+You can also connect to the influx cli from inside the container. To open a shell session in the InfluxDB pod run the following:
10
+
11
+- kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{.items[0].metadata.name}') /bin/sh
12
+
13
+To tail the logs for the InfluxDB pod run the following:
14
+
15
+- kubectl logs -f --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "influxdb.fullname" . }} -o jsonpath='{ .items[0].metadata.name }')

+ 16
- 0
influxdb/templates/_helpers.tpl View File

@@ -0,0 +1,16 @@
1
+{{/* vim: set filetype=mustache: */}}
2
+{{/*
3
+Expand the name of the chart.
4
+*/}}
5
+{{- define "influxdb.name" -}}
6
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7
+{{- end -}}
8
+
9
+{{/*
10
+Create a default fully qualified app name.
11
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12
+*/}}
13
+{{- define "influxdb.fullname" -}}
14
+{{- $name := default .Chart.Name .Values.nameOverride -}}
15
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16
+{{- end -}}

+ 149
- 0
influxdb/templates/config.yaml View File

@@ -0,0 +1,149 @@
1
+
2
+apiVersion: v1
3
+kind: ConfigMap
4
+metadata:
5
+  name: {{ template "influxdb.fullname" . }}
6
+  labels:
7
+    app: {{ template "influxdb.fullname" . }}
8
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9
+    release: "{{ .Release.Name }}"
10
+    heritage: "{{ .Release.Service }}"
11
+data:
12
+  influxdb.conf: |+
13
+    reporting-disabled = {{ .Values.config.reporting_disabled | default false }}
14
+    bind-address = ":{{ .Values.config.bind_address }}"
15
+
16
+    [meta]
17
+      dir = "{{ .Values.config.storage_directory }}/meta"
18
+      retention-autocreate = {{ .Values.config.meta.retention_autocreate }}
19
+      logging-enabled = {{ .Values.config.meta.logging_enabled }}
20
+
21
+    [data]
22
+      dir = "{{ .Values.config.storage_directory }}/data"
23
+      wal-dir = "{{ .Values.config.storage_directory }}/wal"
24
+      index-version = "{{ .Values.config.data.index_version }}"
25
+      query-log-enabled = {{ .Values.config.data.query_log_enabled }}
26
+      cache-max-memory-size = {{ .Values.config.data.cache_max_memory_size | int64 }}
27
+      cache-snapshot-memory-size = {{ .Values.config.data.cache_snapshot_memory_size | int64 }}
28
+      cache-snapshot-write-cold-duration = "{{ .Values.config.data.cache_snapshot_write_cold_duration }}"
29
+      compact-full-write-cold-duration = "{{ .Values.config.data.compact_full_write_cold_duration }}"
30
+      max-series-per-database = {{ .Values.config.data.max_series_per_database | int64 }}
31
+      max-values-per-tag = {{ .Values.config.data.max_values_per_tag | int64 }}
32
+      trace-logging-enabled = {{ .Values.config.data.trace_logging_enabled }}
33
+
34
+    [coordinator]
35
+      write-timeout = "{{ .Values.config.coordinator.write_timeout }}"
36
+      max-concurrent-queries = {{ .Values.config.coordinator.max_concurrent_queries | int64 }}
37
+      query-timeout = "{{ .Values.config.coordinator.query_timeout }}"
38
+      log-queries-after = "{{ .Values.config.coordinator.log_queries_after }}"
39
+      max-select-point = {{ .Values.config.coordinator.max_select_point | int64 }}
40
+      max-select-series = {{ .Values.config.coordinator.max_select_series | int64 }}
41
+      max-select-buckets = {{ .Values.config.coordinator.max_select_buckets | int64 }}
42
+
43
+    [retention]
44
+      enabled = {{ .Values.config.retention.enabled }}
45
+      check-interval = "{{ .Values.config.retention.check_interval }}"
46
+
47
+    [shard-precreation]
48
+      enabled = {{ .Values.config.shard_precreation.enabled }}
49
+      check-interval = "{{ .Values.config.shard_precreation.check_interval }}"
50
+      advance-period = "{{ .Values.config.shard_precreation.advance_period }}"
51
+
52
+    [admin]
53
+      enabled = {{ .Values.config.admin.enabled }}
54
+      bind-address = ":{{ .Values.config.admin.bind_address }}"
55
+      https-enabled = {{ .Values.config.admin.https_enabled }}
56
+      https-certificate = "{{ .Values.config.admin.https_certificate }}"
57
+
58
+    [monitor]
59
+      store-enabled = {{ .Values.config.monitor.store_enabled }}
60
+      store-database = "{{ .Values.config.monitor.store_database }}"
61
+      store-interval = "{{ .Values.config.monitor.store_interval }}"
62
+
63
+    [subscriber]
64
+      enabled = {{ .Values.config.subscriber.enabled }}
65
+      http-timeout = "{{ .Values.config.subscriber.http_timeout }}"
66
+      insecure-skip-verify = {{ .Values.config.subscriber.insecure_skip_verify }}
67
+      ca-certs = "{{ .Values.config.subscriber.ca_certs }}"
68
+      write-concurrency = {{ .Values.config.subscriber.write_concurrency | int64 }}
69
+      write-buffer-size = {{ .Values.config.subscriber.write_buffer_size | int64 }}
70
+
71
+    [http]
72
+      enabled = {{ .Values.config.http.enabled }}
73
+      bind-address = ":{{ .Values.config.http.bind_address }}"
74
+      auth-enabled = {{ .Values.config.http.auth_enabled }}
75
+      log-enabled = {{ .Values.config.http.log_enabled }}
76
+      write-tracing = {{ .Values.config.http.write_tracing }}
77
+      pprof-enabled = {{ .Values.config.http.pprof_enabled }}
78
+      https-enabled = {{ .Values.config.http.https_enabled }}
79
+      https-certificate = "{{ .Values.config.http.https_certificate }}"
80
+      https-private-key = "{{ .Values.config.http.https_private_key }}"
81
+      max-row-limit = {{ .Values.config.http.max_row_limit | int64 }}
82
+      max-connection-limit = {{ .Values.config.http.max_connection_limit | int64 }}
83
+      shared-secret = "{{ .Values.config.http.shared_secret }}"
84
+      realm = "{{ .Values.config.http.realm }}"
85
+      unix-socket-enabled = {{ .Values.config.http.unix_socket_enabled }}
86
+      bind-socket = "{{ .Values.config.http.bind_socket }}"
87
+
88
+    # TODO: allow multiple graphite listeners with templates
89
+
90
+    [[graphite]]
91
+      enabled = {{ .Values.config.graphite.enabled }}
92
+      bind-address = ":{{ .Values.config.graphite.bind_address }}"
93
+      database = "{{ .Values.config.graphite.database }}"
94
+      retention-policy = "{{ .Values.config.graphite.retention_policy }}"
95
+      protocol = "{{ .Values.config.graphite.protocol }}"
96
+      batch-size = {{ .Values.config.graphite.batch_size | int64 }}
97
+      batch-pending = {{ .Values.config.graphite.batch_pending | int64 }}
98
+      batch-timeout = "{{ .Values.config.graphite.batch_timeout }}"
99
+      consistency-level = "{{ .Values.config.graphite.consistency_level }}"
100
+      separator = "{{ .Values.config.graphite.separator }}"
101
+      udp-read-buffer = {{ .Values.config.graphite.udp_read_buffer | int64 }}
102
+
103
+    # TODO: allow multiple collectd listeners with templates
104
+
105
+    [[collectd]]
106
+      enabled = {{ .Values.config.collectd.enabled }}
107
+      bind-address = ":{{ .Values.config.collectd.bind_address }}"
108
+      database = "{{ .Values.config.collectd.database }}"
109
+      retention-policy = "{{ .Values.config.collectd.retention_policy }}"
110
+      batch-size = {{ .Values.config.collectd.batch_size | int64 }}
111
+      batch-pending = {{ .Values.config.collectd.batch_pending | int64 }}
112
+      batch-timeout = "{{ .Values.config.collectd.batch_timeout }}"
113
+      read-buffer = {{ .Values.config.collectd.read_buffer | int64 }}
114
+      typesdb = "{{ .Values.config.collectd.typesdb }}"
115
+      security-level = "{{ .Values.config.collectd.security_level }}"
116
+      auth-file = "{{ .Values.config.collectd.auth_file }}"
117
+
118
+    # TODO: allow multiple opentsdb listeners with templates
119
+
120
+    [[opentsdb]]
121
+      enabled = {{ .Values.config.opentsdb.enabled }}
122
+      bind-address = ":{{ .Values.config.opentsdb.bind_address }}"
123
+      database = "{{ .Values.config.opentsdb.database }}"
124
+      retention-policy = "{{ .Values.config.opentsdb.retention_policy }}"
125
+      consistency-level = "{{ .Values.config.opentsdb.consistency_level }}"
126
+      tls-enabled = {{ .Values.config.opentsdb.tls_enabled }}
127
+      certificate = "{{ .Values.config.opentsdb.certificate }}"
128
+      batch-size = {{ .Values.config.opentsdb.batch_size | int64 }}
129
+      batch-pending = {{ .Values.config.opentsdb.batch_pending | int64 }}
130
+      batch-timeout = "{{ .Values.config.opentsdb.batch_timeout }}"
131
+      log-point-errors = {{ .Values.config.opentsdb.log_point_errors }}
132
+
133
+    # TODO: allow multiple udp listeners with templates
134
+
135
+    [[udp]]
136
+      enabled = {{ .Values.config.udp.enabled }}
137
+      bind-address = ":{{ .Values.config.udp.bind_address }}"
138
+      database = "{{ .Values.config.udp.database }}"
139
+      retention-policy = "{{ .Values.config.udp.retention_policy }}"
140
+      batch-size = {{ .Values.config.udp.batch_size | int64 }}
141
+      batch-pending = {{ .Values.config.udp.batch_pending | int64 }}
142
+      read-buffer = {{ .Values.config.udp.read_buffer | int64 }}
143
+      batch-timeout = "{{ .Values.config.udp.batch_timeout }}"
144
+      precision = "{{ .Values.config.udp.precision }}"
145
+
146
+    [continuous_queries]
147
+      log-enabled = {{ .Values.config.continuous_queries.log_enabled }}
148
+      enabled = {{ .Values.config.continuous_queries.enabled }}
149
+      run-interval = "{{ .Values.config.continuous_queries.run_interval }}"

+ 127
- 0
influxdb/templates/deployment.yaml View File

@@ -0,0 +1,127 @@
1
+apiVersion: extensions/v1beta1
2
+kind: Deployment
3
+metadata:
4
+  name: {{ template "influxdb.fullname" . }}
5
+  labels:
6
+    app: {{ template "influxdb.fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    release: "{{ .Release.Name }}"
9
+    heritage: "{{ .Release.Service }}"
10
+spec:
11
+  replicas: 1
12
+  template:
13
+    metadata:
14
+      labels:
15
+        app: {{ template "influxdb.fullname" . }}
16
+      {{- if .Values.watcher.enabled }}
17
+      annotations:
18
+        prometheus.io/scrape: "true"
19
+        prometheus.io/port: "{{ .Values.watcher.port }}"
20
+        monasca.io/usek8slabels: "false"
21
+        monasca.io/whitelist: |
22
+          - influxdb_average_round_trip_time
23
+          - influxdb_dropped_message_count
24
+          - influxdb_max_round_trip_time
25
+          - influxdb_min_round_trip_time
26
+          - influxdb_read_failure_count
27
+          - influxdb_running_average_round_trip_time
28
+          - influxdb_watcher_status
29
+          - influxdb_write_failure_count
30
+          - go_memstats_heap_objects
31
+          - go_memstats_heap_inuse_bytes
32
+      {{- end }}
33
+    spec:
34
+      containers:
35
+      - name: {{ template "influxdb.fullname" . }}
36
+        image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
37
+        imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
38
+        resources:
39
+{{ toYaml .Values.resources | indent 10 }}
40
+        ports:
41
+        - name: api
42
+          containerPort: {{ .Values.config.http.bind_address }}
43
+        {{ if .Values.config.admin.enabled -}}
44
+        - name: admin
45
+          containerPort: {{ .Values.config.admin.bind_address }}
46
+        {{- end }}
47
+        {{ if .Values.config.graphite.enabled -}}
48
+        - name: graphite
49
+          containerPort: {{ .Values.config.graphite.bind_address }}
50
+        {{- end }}
51
+        {{ if .Values.config.collectd.enabled -}}
52
+        - name: collectd
53
+          containerPort: {{ .Values.config.collectd.bind_address }}
54
+        {{- end }}
55
+        {{ if .Values.config.udp.enabled -}}
56
+        - name: udp
57
+          containerPort: {{ .Values.config.udp.bind_address }}
58
+        {{- end }}
59
+        {{ if .Values.config.opentsdb.enabled -}}
60
+        - name: opentsdb
61
+          containerPort: {{ .Values.config.opentsdb.bind_address }}
62
+        {{- end }}
63
+        {{- if .Values.watcher.enabled }}
64
+        - name: metrics
65
+          containerPort: {{ .Values.watcher.port }}
66
+        {{- end }}
67
+        livenessProbe:
68
+          httpGet:
69
+            path: /ping
70
+            port: api
71
+          initialDelaySeconds: {{ .Values.liveness.initial_delay_seconds }}
72
+          timeoutSeconds: {{ .Values.liveness.timeout_seconds }}
73
+        readinessProbe:
74
+          httpGet:
75
+            path: /ping
76
+            port: api
77
+          initialDelaySeconds: {{ .Values.readiness.initial_delay_seconds }}
78
+          timeoutSeconds: {{ .Values.readiness.timeout_seconds }}
79
+        volumeMounts:
80
+        - name: data
81
+          mountPath: {{ .Values.config.storage_directory }}
82
+        - name: config
83
+          mountPath: /etc/influxdb
84
+      {{- if .Values.watcher.enabled }}
85
+      - name: watcher
86
+        image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
87
+        imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
88
+        resources:
89
+{{ toYaml .Values.watcher.resources | indent 12 }}
90
+        env:
91
+          - name: INFLUXDB_ADDRESS
92
+            value: {{ .Values.watcher.address | quote }}
93
+          - name: INFLUXDB_USERNAME
94
+            value: {{ .Values.watcher.username | quote }}
95
+          - name: INFLUXDB_PASSWORD
96
+            value: {{ .Values.watcher.password | quote }}
97
+          - name: INFLUXDB_DATABASE
98
+            value: {{ .Values.watcher.database | quote }}
99
+          - name: PROMETHEUS_ENDPOINT
100
+            value: "0.0.0.0:{{ .Values.watcher.port }}"
101
+          - name: WATCHER_PERIOD
102
+            value: {{ .Values.watcher.watcher_period | quote }}
103
+          - name: WATCHER_TIMEOUT
104
+            value: {{ .Values.watcher.watcher_timeout | quote }}
105
+          - name: STAY_ALIVE_ON_FAILURE
106
+            value: {{ .Values.watcher.stay_alive_on_failure | quote }}
107
+      {{- end }}
108
+      volumes:
109
+      - name: data
110
+      {{- if .Values.persistence.enabled }}
111
+        {{- if not (empty .Values.persistence.name) }}
112
+        persistentVolumeClaim:
113
+          claimName: {{ .Values.persistence.name }}
114
+        {{- else }}
115
+        persistentVolumeClaim:
116
+          claimName: {{ template "influxdb.fullname" . }}
117
+        {{- end }}
118
+      {{- else }}
119
+        emptyDir: {}
120
+      {{- end }}
121
+      - name: config
122
+        configMap:
123
+          name: {{ template "influxdb.fullname" . }}
124
+    {{- if .Values.nodeSelector }}
125
+      nodeSelector:
126
+{{ toYaml .Values.nodeSelector | indent 8 }}
127
+      {{- end -}}

+ 43
- 0
influxdb/templates/post-install-set-auth.yaml View File

@@ -0,0 +1,43 @@
1
+{{- if .Values.setDefaultUser.enabled -}}
2
+apiVersion: batch/v1
3
+kind: Job
4
+metadata:
5
+  labels:
6
+    app: {{ template "influxdb.fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    release: "{{ .Release.Name }}"
9
+    heritage: "{{ .Release.Service }}"
10
+  name: {{ template "influxdb.fullname" . }}-set-auth
11
+  annotations:
12
+    "helm.sh/hook": post-install
13
+spec:
14
+  activeDeadlineSeconds: {{ .Values.setDefaultUser.activeDeadlineSeconds }}
15
+  template:
16
+    metadata:
17
+      labels:
18
+        app: {{ template "influxdb.fullname" . }}
19
+        release: "{{ .Release.Name }}"
20
+    spec:
21
+      containers:
22
+      - name: {{ template "influxdb.fullname" . }}-set-auth
23
+        image: "{{ .Values.setDefaultUser.image }}"
24
+        env:
25
+          - name: INFLUXDB_USER
26
+            valueFrom:
27
+              secretKeyRef:
28
+                name: {{ template "influxdb.fullname" . }}-auth
29
+                key: influxdb-user
30
+          - name: INFLUXDB_PASSWORD
31
+            valueFrom:
32
+              secretKeyRef:
33
+                name: {{ template "influxdb.fullname" . }}-auth
34
+                key: influxdb-password
35
+        args:
36
+          - "/bin/sh"
37
+          - "-c"
38
+          - |
39
+             curl -X POST http://{{ template "influxdb.fullname" . }}:{{ .Values.config.http.bind_address }}/query \
40
+             --data-urlencode \
41
+             "q=CREATE USER \"${INFLUXDB_USER}\" WITH PASSWORD '${INFLUXDB_PASSWORD}' {{ .Values.setDefaultUser.user.privileges }}"
42
+      restartPolicy: {{ .Values.setDefaultUser.restartPolicy }}
43
+{{- end -}}

+ 24
- 0
influxdb/templates/pvc.yaml View File

@@ -0,0 +1,24 @@
1
+{{- if and (.Values.persistence.enabled) (not .Values.persistence.useExisting) }}
2
+kind: PersistentVolumeClaim
3
+apiVersion: v1
4
+metadata:
5
+  name: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
6
+  labels:
7
+    app: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
8
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9
+    release: "{{ .Release.Name }}"
10
+    heritage: "{{ .Release.Service }}"
11
+spec:
12
+  accessModes:
13
+    - {{ .Values.persistence.accessMode | quote }}
14
+  resources:
15
+    requests:
16
+      storage: {{ .Values.persistence.size | quote }}
17
+{{- if .Values.persistence.storageClass }}
18
+{{- if (eq "-" .Values.persistence.storageClass) }}
19
+  storageClassName: ""
20
+{{- else }}
21
+  storageClassName: "{{ .Values.persistence.storageClass }}"
22
+{{- end }}
23
+{{- end }}
24
+{{- end }}

+ 18
- 0
influxdb/templates/secret.yaml View File

@@ -0,0 +1,18 @@
1
+{{- if .Values.setDefaultUser.enabled -}}
2
+apiVersion: v1
3
+kind: Secret
4
+metadata:
5
+  labels:
6
+    app: {{ template "influxdb.fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    heritage: "{{ .Release.Service }}"
9
+    release: "{{ .Release.Name }}"
10
+  name: {{ template "influxdb.fullname" . }}-auth
11
+data:
12
+  {{- if .Values.setDefaultUser.user.password }}
13
+  influxdb-password:  {{ .Values.setDefaultUser.user.password | b64enc | quote }}
14
+  {{- else }}
15
+  influxdb-password: {{ randAscii 10 | b64enc | quote }}
16
+  {{- end }}
17
+  influxdb-user: {{ .Values.setDefaultUser.user.username | b64enc | quote }}
18
+{{- end -}}

+ 48
- 0
influxdb/templates/service.yaml View File

@@ -0,0 +1,48 @@
1
+apiVersion: v1
2
+kind: Service
3
+metadata:
4
+{{- if .Values.service.annotations }}
5
+  annotations:
6
+{{ toYaml .Values.service.annotations | indent 4 }}
7
+{{- end }}
8
+  name: {{ template "influxdb.fullname" . }}
9
+  labels:
10
+    app: {{ template "influxdb.fullname" . }}
11
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
12
+    release: "{{ .Release.Name }}"
13
+    heritage: "{{ .Release.Service }}"
14
+spec:
15
+  type: {{ .Values.service.type }}
16
+  ports:
17
+  {{- if .Values.config.http.enabled }}
18
+  - name: api
19
+    port: {{ .Values.config.http.bind_address }}
20
+    targetPort: {{ .Values.config.http.bind_address }}
21
+  {{- end }}
22
+  {{- if .Values.config.admin.enabled }}
23
+  - name: admin
24
+    port: {{ .Values.config.admin.bind_address }}
25
+    targetPort: {{ .Values.config.admin.bind_address }}
26
+  {{- end }}
27
+  {{- if .Values.config.graphite.enabled }}
28
+  - name: graphite
29
+    port: {{ .Values.config.graphite.bind_address }}
30
+    targetPort: {{ .Values.config.graphite.bind_address }}
31
+  {{- end }}
32
+  {{- if .Values.config.collectd.enabled }}
33
+  - name: collectd
34
+    port: {{ .Values.config.collectd.bind_address }}
35
+    targetPort: {{ .Values.config.collectd.bind_address }}
36
+  {{- end }}
37
+  {{- if .Values.config.udp.enabled }}
38
+  - name: udp
39
+    port: {{ .Values.config.udp.bind_address }}
40
+    targetPort: {{ .Values.config.udp.bind_address }}
41
+  {{- end }}
42
+  {{- if .Values.config.opentsdb.enabled }}
43
+  - name: opentsdb
44
+    port: {{ .Values.config.opentsdb.bind_address }}
45
+    targetPort: {{ .Values.config.opentsdb.bind_address }}
46
+  {{- end }}
47
+  selector:
48
+    app: {{ template "influxdb.fullname" . }}

+ 231
- 0
influxdb/values.yaml View File

@@ -0,0 +1,231 @@
1
+## influxdb image version
2
+## ref: https://hub.docker.com/r/library/influxdb/tags/
3
+image:
4
+  repo: "influxdb"
5
+  tag: "1.3-alpine"
6
+  pullPolicy: IfNotPresent
7
+
8
+## Specify a service type
9
+## NodePort is default
10
+## ref: http://kubernetes.io/docs/user-guide/services/
11
+##
12
+service:
13
+  ## Add annotations to service
14
+  # annotations: {}
15
+  type: ClusterIP
16
+
17
+## Persist data to a persistent volume
18
+##
19
+persistence:
20
+  enabled: false
21
+  ## If true will use an existing PVC instead of creating one
22
+  # useExisting: false
23
+  ## Name of existing PVC to be used in the influx deployment
24
+  # name:
25
+  ## influxdb data Persistent Volume Storage Class
26
+  ## If defined, storageClassName: <storageClass>
27
+  ## If set to "-", storageClassName: "", which disables dynamic provisioning
28
+  ## If undefined (the default) or set to null, no storageClassName spec is
29
+  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
30
+  ##   GKE, AWS & OpenStack)
31
+  ##
32
+  # storageClass: "-"
33
+  accessMode: ReadWriteOnce
34
+  size: 8Gi
35
+
36
+## Create default user through Kubernetes job
37
+## Defaults indicated below
38
+##
39
+setDefaultUser:
40
+  enabled: false
41
+
42
+  ## Image of the container used for job
43
+  ## Default: appropriate/curl:latest
44
+  ##
45
+  image: appropriate/curl:latest
46
+
47
+  ## Deadline for job so it does not retry forever.
48
+  ## Default: activeDeadline: 300
49
+  ##
50
+  activeDeadline: 300
51
+
52
+  ## Restart policy for job
53
+  ## Default: OnFailure
54
+  restartPolicy: OnFailure
55
+
56
+  user:
57
+
58
+    ## The user name
59
+    ## Default: "admin"
60
+    username: "admin"
61
+
62
+    ## User password
63
+    ## Default: (Randomly generated 10 characters of Ascii)
64
+    # password:
65
+
66
+    ## User privileges
67
+    ## Default: "WITH ALL PRIVILEGES"
68
+    privileges: "WITH ALL PRIVILEGES"
69
+
70
+## Configure resource requests and limits
71
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
72
+resources:
73
+  requests:
74
+    memory: 256Mi
75
+    cpu: 0.1
76
+  limits:
77
+    memory: 16Gi
78
+    cpu: 8
79
+
80
+## Node labels for pod assignment
81
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
82
+##
83
+nodeSelector: {}
84
+
85
+## Liveness and Readiness check settings
86
+liveness:
87
+  initial_delay_seconds: 30
88
+  timeout_seconds: 5
89
+readiness:
90
+  initial_delay_seconds: 30
91
+  timeout_seconds: 1
92
+
93
+## Change InfluxDB configuration paramaters below:
94
+## Defaults are indicated
95
+## ref: https://docs.influxdata.com/influxdb/v1.1/administration/config/
96
+config:
97
+  reporting_disabled: false
98
+  bind_address: 8088
99
+  storage_directory: /var/lib/influxdb
100
+  meta:
101
+    retention_autocreate: true
102
+    logging_enabled: true
103
+  data:
104
+    query_log_enabled: true
105
+    index_version: inmem
106
+    cache_max_memory_size: 1073741824
107
+    cache_snapshot_memory_size: 26214400
108
+    cache_snapshot_write_cold_duration: 10m0s
109
+    compact_full_write_cold_duration: 4h0m0s
110
+    max_series_per_database: 1000000
111
+    max_values_per_tag: 100000
112
+    trace_logging_enabled: false
113
+  coordinator:
114
+    write_timeout: 10s
115
+    max_concurrent_queries: 0
116
+    query_timeout: 0s
117
+    log_queries_after: 0s
118
+    max_select_point: 0
119
+    max_select_series: 0
120
+    max_select_buckets: 0
121
+  retention:
122
+    enabled: true
123
+    check_interval: 30m0s
124
+  shard_precreation:
125
+    enabled: true
126
+    check_interval: 10m0s
127
+    advance_period: 30m0s
128
+  admin:
129
+    enabled: false
130
+    bind_address: 8083
131
+    https_enabled: false
132
+    https_certificate: /etc/ssl/influxdb.pem
133
+  monitor:
134
+    store_enabled: true
135
+    store_database: _internal
136
+    store_interval: 10s
137
+  subscriber:
138
+    enabled: true
139
+    http_timeout: 30s
140
+    insecure_skip_verify: false
141
+    ca_certs: ""
142
+    write_concurrency: 40
143
+    write_buffer_size: 1000
144
+  http:
145
+    enabled: true
146
+    bind_address: 8086
147
+    auth_enabled: false
148
+    log_enabled: true
149
+    write_tracing: false
150
+    pprof_enabled: true
151
+    https_enabled: false
152
+    https_certificate: /etc/ssl/influxdb.pem
153
+    https_private_key: ""
154
+    max_row_limit: 10000
155
+    max_connection_limit: 0
156
+    shared_secret: "beetlejuicebeetlejuicebeetlejuice"
157
+    realm: InfluxDB
158
+    unix_socket_enabled: false
159
+    bind_socket: /var/run/influxdb.sock
160
+  graphite:
161
+    enabled: false
162
+    bind_address: 2003
163
+    database: graphite
164
+    retention_policy: autogen
165
+    protocol: tcp
166
+    batch_size: 5000
167
+    batch_pending: 10
168
+    batch_timeout: 1s
169
+    consistency_level: one
170
+    separator: .
171
+    udp_read_buffer: 0
172
+  collectd:
173
+    enabled: false
174
+    bind_address: 25826
175
+    database: collectd
176
+    retention_policy: autogen
177
+    batch_size: 5000
178
+    batch_pending: 10
179
+    batch_timeout: 10s
180
+    read_buffer: 0
181
+    typesdb: /usr/share/collectd/types.db
182
+    security_level: none
183
+    auth_file: /etc/collectd/auth_file
184
+  opentsdb:
185
+    enabled: false
186
+    bind_address: 4242
187
+    database: opentsdb
188
+    retention_policy: autogen
189
+    consistency_level: one
190
+    tls_enabled: false
191
+    certificate: /etc/ssl/influxdb.pem
192
+    batch_size: 1000
193
+    batch_pending: 5
194
+    batch_timeout: 1s
195
+    log_point_errors: true
196
+  udp:
197
+    enabled: false
198
+    bind_address: 8089
199
+    database: udp
200
+    retention_policy: autogen
201
+    batch_size: 5000
202
+    batch_pending: 10
203
+    read_buffer: 0
204
+    batch_timeout: 1s
205
+    precision: "ns"
206
+  continuous_queries:
207
+    log_enabled: true
208
+    enabled: true
209
+    run_interval: 1s
210
+
211
+watcher:
212
+  enabled: false
213
+  image:
214
+    repository: monasca/influxdb-watcher
215
+    tag: 0.0.2
216
+    pullPolicy: IfNotPresent
217
+  resources:
218
+    requests:
219
+      memory: 32Mi
220
+      cpu: 25m
221
+    limits:
222
+      memory: 64Mi
223
+      cpu: 50m
224
+  port: 8080
225
+  address: http://localhost:8086
226
+  username: influxdb_watcher
227
+  password: password
228
+  database: mon
229
+  watcher_period: 600
230
+  watcher_timeout: 60
231
+  stay_alive_on_failure: false

+ 21
- 0
kafka/.helmignore View File

@@ -0,0 +1,21 @@
1
+# Patterns to ignore when building packages.
2
+# This supports shell glob matching, relative path matching, and
3
+# negation (prefixed with !). Only one pattern per line.
4
+.DS_Store
5
+# Common VCS dirs
6
+.git/
7
+.gitignore
8
+.bzr/
9
+.bzrignore
10
+.hg/
11
+.hgignore
12
+.svn/
13
+# Common backup files
14
+*.swp
15
+*.bak
16
+*.tmp
17
+*~
18
+# Various IDEs
19
+.project
20
+.idea/
21
+*.tmproj

+ 4
- 0
kafka/Chart.yaml View File

@@ -0,0 +1,4 @@
1
+apiVersion: v1
2
+description: A Helm chart for Kafka
3
+name: kafka
4
+version: 0.4.3

+ 36
- 0
kafka/README.md View File

@@ -0,0 +1,36 @@
1
+### Kafka Configuration parameters
2
+
3
+Parameter | Description | Default
4
+--------- | ----------- | -------
5
+`image.repository` | Kafka container image repository | `monasca/kafka`
6
+`image.tag` | Kafka container image tag | `0.9.0.1-2.11-1.1.4`
7
+`image.pullPolicy` | Kafka container image pull policy | `IfNotPresent`
8
+`resources.requests.memory` | Memory request per kafka pod | `1Gi`
9
+`resources.requests.cpu` | CPU request per kafka pod | `250m`
10
+`resources.limits.memory` | Memory limit per kafka pod | `2Gi`
11
+`resources.limits.cpu` | Memory limit per kafka pod | `2000m`
12
+`persistence.storageClass` | Kafka storage class | `default`
13
+`persistence.enabled` | Kafka persistent storage enabled flag | `false`
14
+`persistence.accessMode` | Kafka persistent storage accessMode | `ReadWriteOnce`
15
+`persistence.size` | Kafka persistent storage size | `10Gi`
16
+`topic_config` | Default config args for created topics  | `segment.ms=900000`
17
+`service.port` | Kafka service port | `9092`
18
+`service.type` | Kafka service type | `ClusterIP`
19
+`exporter.enabled` | Kafka exporter enabled flag | `false`
20
+`exporter.image.repository` | Kafka exporter container image repository | `rbrndt/kafka-prometheus`
21
+`exporter.image.tag` | Kafka exporter container image tag | `latest`
22
+`exporter.image.pullPolicy` | Kafka exporter container image pull policy | `IfNotPresent`
23
+`exporter.port` | Kafka exporter port to expose Promethues metrics on | `7204`
24
+`stack_size` | JVM stack size | `1024k`
25
+`memory_ratio` | Ratio of memory to reserve for the JVM out of cgroup limit | `.85`
26
+`stay_alive_on_failure` | If `true`, container stays alive for 2 hours after kafka exits | `false`
27
+`watcher.enabled` | Kafka watcher enabled flag | `false`
28
+`watcher.image.repository` | Kafka watcher container image repository | `monasca/kafka-watcher`
29
+`watcher.image.tag` | Kafka watcher container image tag | `latest`
30
+`watcher.image.pullPolicy` | Kafka watcher container image pull policy | `IfNotPresent`
31
+`watcher.health_check_topic` | Kafka watcher health check topic | `kafka-health-check`
32
+`watcher.group_id` | Kafka watcher consumer group id | `kafka_watcher`
33
+`watcher.watcher_period` | Kafka watcher period | `600`
34
+`watcher.watcher_timeout` | Kafka watcher read/write timeout | `60`
35
+`watcher.stay_alive_on_failure` | If `true`, watcher container stays alive for 2 hours after watcher exits | `false`
36
+`watcher.port` | Kafka watcher port to expose Promethues metrics on | `8080`

+ 25
- 0
kafka/templates/_helpers.tpl View File

@@ -0,0 +1,25 @@
1
+{{/* vim: set filetype=mustache: */}}
2
+{{/*
3
+Expand the name of the chart.
4
+*/}}
5
+{{- define "name" -}}
6
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7
+{{- end -}}
8
+
9
+{{/*
10
+Create a default fully qualified app name.
11
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12
+*/}}
13
+{{- define "fullname" -}}
14
+{{- $name := default .Chart.Name .Values.nameOverride -}}
15
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16
+{{- end -}}
17
+
18
+{{/*
19
+Create a fully qualified cleanup name.
20
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
21
+*/}}
22
+{{- define "kafka.cleanup.fullname" -}}
23
+{{- $name := default .Chart.Name .Values.nameOverride -}}
24
+{{- printf "%s-%s-%s" .Release.Name $name "cleanup" | trunc 63 | trimSuffix "-" -}}
25
+{{- end -}}

+ 47
- 0
kafka/templates/cleanup-hook.yaml View File

@@ -0,0 +1,47 @@
1
+apiVersion: batch/v1
2
+kind: Job
3
+metadata:
4
+  # while not recommended, we add a random sequence to the end of the job name
5
+  # this job will attempt to delete itself when finished, but should it fail for
6
+  # some reason we don't want future upgrades to fail because of a name conflict
7
+  # (plus the future runs of this job will delete any previous iterations that
8
+  # failed to clean themselves up)
9
+  name: "{{ template "kafka.cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
10
+  labels:
11
+    app: {{ template "fullname" . }}
12
+    component: "{{ .Values.cleanup.name }}"
13
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
14
+    release: "{{ .Release.Name }}"
15
+    heritage: "{{ .Release.Service }}"
16
+  annotations:
17
+    "helm.sh/hook": pre-upgrade,post-delete
18
+    "helm.sh/hook-weight": "-5"
19
+spec:
20
+  template:
21
+    metadata:
22
+      labels:
23
+        app: {{ template "fullname" . }}
24
+        component: "{{ .Values.cleanup.name }}"
25
+        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
26
+        release: "{{ .Release.Name }}"
27
+        heritage: "{{ .Release.Service }}"
28
+    spec:
29
+      restartPolicy: OnFailure
30
+      containers:
31
+        - name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
32
+          image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
33
+          imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
34
+          resources:
35
+{{ toYaml .Values.cleanup.resources | indent 12 }}
36
+          env:
37
+            - name: "WAIT_RETRIES"
38
+              value: "{{ .Values.cleanup.wait.retries }}"
39
+            - name: "WAIT_DELAY"
40
+              value: "{{ .Values.cleanup.wait.delay }}"
41
+            - name: "WAIT_TIMEOUT"
42
+              value: "{{ .Values.cleanup.wait.timeout }}"
43
+      {{- if .Values.cleanup.serviceAccount }}
44
+      serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
45
+      {{- else if .Values.rbac.create }}
46
+      serviceAccountName: "{{ template "kafka.cleanup.fullname" . }}"
47
+      {{- end }}

+ 25
- 0
kafka/templates/cleanup-role.yaml View File

@@ -0,0 +1,25 @@
1
+{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2
+{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3
+apiVersion: rbac.authorization.k8s.io/v1
4
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5
+apiVersion: rbac.authorization.k8s.io/v1beta1
6
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7
+apiVersion: rbac.authorization.k8s.io/v1alpha1
8
+{{- end }}
9
+kind: Role
10
+metadata:
11
+  name: {{ template "kafka.cleanup.fullname" . }}
12
+  labels:
13
+    app: {{ template "fullname" . }}
14
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15
+    component: "{{ .Values.cleanup.name }}"
16
+    heritage: {{ .Release.Service }}
17
+    release: {{ .Release.Name }}
18
+rules:
19
+  - apiGroups: [""]
20
+    resources: ["pods"]
21
+    verbs: ["get", "list", "delete", "patch"]
22
+  - apiGroups: ["batch"]
23
+    resources: ["jobs"]
24
+    verbs: ["get", "list", "delete"]
25
+{{- end }}

+ 26
- 0
kafka/templates/cleanup-rolebinding.yaml View File

@@ -0,0 +1,26 @@
1
+{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2
+{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3
+apiVersion: rbac.authorization.k8s.io/v1
4
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5
+apiVersion: rbac.authorization.k8s.io/v1beta1
6
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7
+apiVersion: rbac.authorization.k8s.io/v1alpha1
8
+{{- end }}
9
+kind: RoleBinding
10
+metadata:
11
+  name: {{ template "kafka.cleanup.fullname" . }}
12
+  labels:
13
+    app: {{ template "fullname" . }}
14
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15
+    component: "{{ .Values.cleanup.name }}"
16
+    heritage: {{ .Release.Service }}
17
+    release: {{ .Release.Name }}
18
+subjects:
19
+  - kind: ServiceAccount
20
+    name: {{ template "kafka.cleanup.fullname" . }}
21
+    namespace: "{{ .Release.Namespace }}"
22
+roleRef:
23
+  kind: Role
24
+  name: {{ template "kafka.cleanup.fullname" . }}
25
+  apiGroup: rbac.authorization.k8s.io
26
+{{- end }}

+ 12
- 0
kafka/templates/cleanup-serviceaccount.yaml View File

@@ -0,0 +1,12 @@
1
+{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2
+apiVersion: v1
3
+kind: ServiceAccount
4
+metadata:
5
+  name: {{ template "kafka.cleanup.fullname" . }}
6
+  labels:
7
+    app: {{ template "fullname" . }}
8
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
9
+    component: "{{ .Values.cleanup.name }}"
10
+    heritage: {{ .Release.Service }}
11
+    release: {{ .Release.Name }}
12
+{{- end }}

+ 124
- 0
kafka/templates/deployment.yaml View File

@@ -0,0 +1,124 @@
1
+apiVersion: extensions/v1beta1
2
+kind: Deployment
3
+metadata:
4
+  name: {{ template "fullname" . }}
5
+  labels:
6
+    app: {{ template "fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    release: "{{ .Release.Name }}"
9
+    heritage: "{{ .Release.Service }}"
10
+    component: kafka
11
+spec:
12
+  replicas: 1
13
+  template:
14
+    metadata:
15
+      labels:
16
+        app: {{ template "fullname" . }}
17
+      {{- if .Values.watcher.enabled }}
18
+      annotations:
19
+        prometheus.io/scrape: "true"
20
+        prometheus.io/port: "{{ .Values.watcher.port }}"
21
+        monasca.io/usek8slabels: "false"
22
+        monasca.io/whitelist: |
23
+          - kafka_dropped_message_count
24
+          - kafka_max_round_trip_time
25
+          - kafka_min_round_trip_time
26
+          - kafka_read_failure_count
27
+          - kafka_watcher_status
28
+          - kafka_write_failure_count
29
+          - go_memstats_heap_objects
30
+          - go_memstats_heap_inuse_bytes
31
+      {{- end }}
32
+    spec:
33
+      containers:
34
+        - name: {{ .Chart.Name }}
35
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
36
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
37
+          resources:
38
+{{ toYaml .Values.resources | indent 12 }}
39
+          ports:
40
+            - name: kafka
41
+              containerPort: 9092
42
+          volumeMounts:
43
+            - name: kafka
44
+              mountPath: /data
45
+          env:
46
+            - name: KAFKA_DELETE_TOPIC_ENABLE
47
+              value: "true"
48
+            - name: KAFKA_AUTO_CREATE_TOPICS
49
+              value: "false"
50
+            - name: KAFKA_JMX
51
+              value: "true"
52
+            - name: JVM_MAX_RATIO
53
+              value: {{ .Values.memory_ratio | quote }}
54
+            - name: KAFKA_STACK_SIZE
55
+              value: {{ .Values.stack_size | quote }}
56
+            - name: ZOOKEEPER_CONNECTION_STRING
57
+            {{- if .Values.zookeeper.overrideUri }}
58
+              value: "{{ .Values.zookeeper.overrideUri }}"
59
+            {{- else }}
60
+              value: {{ .Release.Name }}-zookeeper:2181
61
+            {{- end }}
62
+            - name: STAY_ALIVE_ON_FAILURE
63
+              value: {{ .Values.stay_alive_on_failure | quote }}
64
+        {{- if .Values.exporter.enabled }}
65
+        - name: {{ .Chart.Name }}-exporter
66
+          image: "{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}"
67
+          imagePullPolicy: {{ .Values.exporter.image.pullPolicy }}
68
+          ports:
69
+            - name: exporter
70
+              containerPort: {{ .Values.exporter.port }}
71
+          volumeMounts:
72
+            - name: kafka-exporter
73
+              mountPath: /prometheus-config
74
+         {{- end }}
75
+        {{- if .Values.watcher.enabled }}
76
+        - name: watcher
77
+          image: "{{ .Values.watcher.image.repository }}:{{ .Values.watcher.image.tag }}"
78
+          imagePullPolicy: {{ .Values.watcher.image.pullPolicy }}
79
+          resources:
80
+{{ toYaml .Values.watcher.resources | indent 12 }}
81
+          env:
82
+            - name: HEALTH_CHECK_TOPIC
83
+              value: {{ .Values.watcher.health_check_topic | quote }}
84
+            - name: BOOT_STRAP_SERVERS
85
+              value: "localhost:9092"
86
+            - name: GROUP_ID
87
+              value: {{ .Values.watcher.group_id | quote }}
88
+            - name: PROMETHEUS_ENDPOINT
89
+              value: "0.0.0.0:{{ .Values.watcher.port }}"
90
+            - name: WATCHER_PERIOD
91
+              value: {{ .Values.watcher.watcher_period | quote }}
92
+            - name: WATCHER_TIMEOUT
93
+              value: {{ .Values.watcher.watcher_timeout | quote }}
94
+            - name: STAY_ALIVE_ON_FAILURE
95
+              value: {{ .Values.watcher.stay_alive_on_failure | quote }}
96
+          ports:
97
+            - name: metrics
98
+              containerPort: {{ .Values.watcher.port }}
99
+         {{- end }}
100
+      volumes:
101
+        - name: kafka
102
+        {{- if .Values.persistence.enabled }}
103
+          persistentVolumeClaim:
104
+            claimName: {{ template "fullname" . }}
105
+        {{- else }}
106
+          emptyDir: {}
107
+        {{- end -}}
108
+        {{- if .Values.exporter.enabled }}
109
+        - name: kafka-exporter
110
+          configMap:
111
+            name: {{ template "fullname" . }}-exporter
112
+        {{- end }}
113
+      affinity:
114
+        podAntiAffinity:
115
+          preferredDuringSchedulingIgnoredDuringExecution:
116
+            - weight: 1
117
+              podAffinityTerm:
118
+                labelSelector:
119
+                  matchExpressions:
120
+                    - key: app
121
+                      operator: In
122
+                      values:
123
+                        - "{{ .Release.Name }}-influxdb"
124
+                topologyKey: "kubernetes.io/hostname"

+ 50
- 0
kafka/templates/exporter-configmap.yaml View File

@@ -0,0 +1,50 @@
1
+{{- if .Values.exporter.enabled }}
2
+apiVersion: v1
3
+kind: ConfigMap
4
+metadata:
5
+  name: {{ template "fullname" . }}-exporter
6
+  labels:
7
+    app: {{ template "fullname" . }}
8
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9
+    release: "{{ .Release.Name }}"
10
+    heritage: "{{ .Release.Service }}"
11
+data:
12
+  kafka-config.yml: |
13
+    ---
14
+    jmxUrl: service:jmx:rmi:///jndi/rmi://localhost:7203/jmxrmi
15
+
16
+    lowercaseOutputName: true
17
+    rules:
18
+    - pattern: '"kafka.controller"<type="(KafkaController)", name="(OfflinePartitionsCount|ActiveControllerCount)"><>(Value)'
19
+      name: kafka_controller_$1_$2
20
+    - pattern: '"kafka.server"<type="(ReplicaManager)", name="(UnderReplicatedPartitions)"><>(Value)'
21
+      name: kafka_server_$1_$2
22
+    # This metric doesn't appear to be available in 0.8.1.1
23
+    #- pattern: '"kafka.server"<type="(KafkaServer)", name="(BrokerState)"><>(Value)'
24
+    #  name: kafka_server_$2
25
+    - pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="AllTopics(Bytes|Messages)(In|Out)PerSec"><>(Count)'
26
+      name: kafka_server_$1_$2_$3_total
27
+      labels:
28
+        topic: all_topics
29
+    - pattern: '"kafka.server"<type="(BrokerTopicMetrics)", name="(.+)-(Bytes|Messages)(In|Out)PerSec"><>(Count)'
30
+      name: kafka_server_$1_$3_$4_total
31
+      labels:
32
+        topic: $2
33
+    - pattern: '"kafka.network"<type="(RequestMetrics)", name="Fetch-(Consumer|Follower)-TotalTimeMs"><>(Count)'
34
+      name: kafka_network_$1_fetch_$2_total_ms
35
+    - pattern: '"kafka.network"<type="(RequestMetrics)", name="Produce-(Local|Remote|Total|ResponseQueue)TimeMs"><>(Count)'
36
+      name: kafka_network_$1_produce_$2_ms
37
+    # These metric doesn't appear to be available in 0.8.1.1
38
+    #- pattern: '"kafka.server"<type="(KafkaRequestHandlerPool)", name="(RequestHandlerAvgIdlePercent)"><>(Count)'
39
+    #  name: kafka_server_$1_$2
40
+    #- pattern: "kafka.network"<type="(SocketServer)", name="(NetworkProcessorAvgIdlePercent)"><>(Value)'
41
+    #  name: kafa_network_$1_$2
42
+    - pattern: '"kafka.controller"<type="(ControllerStats)", name="(UncleanLeaderElectionsPerSec|LeaderElectionRateAndTimeMs)"><>(Count)'
43
+      name: kafka_controller_$1_$2
44
+    - pattern: '"kafka.server"<type="(ReplicaFetcherManager)", name="(Replica)-(MaxLag)"><>(Value)'
45
+      name: kafka_server_$1_$3
46
+      labels:
47
+        topic: $2
48
+    - pattern: '"kafka.server"<type="(ReplicaManager)", name="Isr(Expands|Shrinks)PerSec"><>(Count)'
49
+      name: kafka_server_$1_isr_$2_per_sec
50
+{{- end }}

+ 49
- 0
kafka/templates/init-job.yaml View File

@@ -0,0 +1,49 @@
1
+{{- if .Values.init.enabled }}
2
+apiVersion: batch/v1
3
+kind: Job
4
+metadata:
5
+  name: {{ template "fullname" . }}-init-job
6
+  labels:
7
+    app: {{ template "fullname" . }}
8
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9
+    component: "kafka-init-job"
10
+    release: "{{ .Release.Name }}"
11
+    heritage: "{{ .Release.Service }}"
12
+spec:
13
+  template:
14
+    metadata:
15
+      labels:
16
+        app: {{ template "fullname" . }}
17
+        component: kafka-init-job
18
+    spec:
19
+      restartPolicy: OnFailure
20
+      containers:
21
+        - name: kafka-init-job
22
+          image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
23
+          imagePullPolicy: {{ .Values.init.image.pullPolicy }}
24
+          resources:
25
+{{ toYaml .Values.init.resources | indent 12 }}
26
+          env:
27
+            - name: KAFKA_HOST
28
+              value: "{{ template "fullname" . }}:9092"
29
+            - name: ZOOKEEPER_CONNECTION_STRING
30
+            {{- if .Values.zookeeper.overrideUri }}
31
+              value: "{{ .Values.zookeeper.overrideUri }}"
32
+            {{- else }}
33
+              value: {{ .Release.Name }}-zookeeper:2181
34
+            {{- end }}
35
+            - name: KAFKA_DELETE_TOPIC_ENABLE
36
+              value: "true"
37
+            - name: KAFKA_AUTO_CREATE_TOPICS
38
+              value: "false"
39
+            - name: JVM_MAX_HEAP_RATIO
40
+              value: {{ .Values.heap_ratio | quote }}
41
+            - name: KAFKA_STACK_SIZE
42
+              value: {{ .Values.stack_size | quote }}
43
+            {{- if .Values.init.topicConfig }}
44
+            - name: KAFKA_TOPIC_CONFIG
45
+              value: {{ .Values.init.topicConfig | quote }}
46
+            {{- end }}
47
+            - name: KAFKA_CREATE_TOPICS
48
+              value: {{ .Values.init.topics | join "," | quote }}
49
+{{- end }}

+ 18
- 0
kafka/templates/pvc.yaml View File

@@ -0,0 +1,18 @@
1
+{{- if .Values.persistence.enabled }}
2
+apiVersion: v1
3
+kind: PersistentVolumeClaim
4
+metadata:
5
+  labels:
6
+    app: {{ template "fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    heritage: "{{ .Release.Service }}"
9
+    release: "{{ .Release.Name }}"
10
+  name: {{ template "fullname" . }}
11
+spec:
12
+  accessModes:
13
+    - {{ .Values.persistence.accessMode | quote }}
14
+  storageClassName: {{ .Values.persistence.storageClass | quote }}
15
+  resources:
16
+    requests:
17
+      storage: {{ .Values.persistence.size | quote }}
18
+{{- end }}

+ 19
- 0
kafka/templates/static-svc.yaml View File

@@ -0,0 +1,19 @@
1
+{{- if .Values.static_service.enabled }}
2
+apiVersion: v1
3
+kind: Service
4
+metadata:
5
+  labels:
6
+    app: {{ template "fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    heritage: "{{ .Release.Service }}"
9
+    release: "{{ .Release.Name }}"
10
+  name: {{ .Values.static_service.name }}
11
+spec:
12
+  type: {{ .Values.static_service.type }}
13
+  ports:
14
+    - name: kafka
15
+      port: {{ .Values.static_service.port }}
16
+      targetPort: kafka
17
+  selector:
18
+    app: {{ template "fullname" . }}
19
+{{- end }}

+ 17
- 0
kafka/templates/svc.yaml View File

@@ -0,0 +1,17 @@
1
+apiVersion: v1
2
+kind: Service
3
+metadata:
4
+  labels:
5
+    app: {{ template "fullname" . }}
6
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
7
+    heritage: "{{ .Release.Service }}"
8
+    release: "{{ .Release.Name }}"
9
+  name: {{ template "fullname" . }}
10
+spec:
11
+  type: {{ .Values.service.type }}
12
+  ports:
13
+    - name: kafka
14
+      port: {{ .Values.service.port }}
15
+      targetPort: kafka
16
+  selector:
17
+    app: {{ template "fullname" . }}

+ 93
- 0
kafka/values.yaml View File

@@ -0,0 +1,93 @@
1
+exporter:
2
+  enabled: false
3
+  image:
4
+    repository: rbrndt/kafka-prometheus
5
+    tag: latest
6
+    pullPolicy: IfNotPresent
7
+  port: 7204
8
+watcher:
9
+  enabled: false
10
+  image:
11
+    repository: monasca/kafka-watcher
12
+    tag: 0.0.4
13
+    pullPolicy: IfNotPresent
14
+  resources:
15
+    requests:
16
+      memory: 32Mi
17
+      cpu: 25m
18
+    limits:
19
+      memory: 64Mi
20
+      cpu: 50m
21
+  port: 8080
22
+  health_check_topic: kafka-health-check
23
+  group_id: kafka_watcher
24
+  watcher_period: 600
25
+  watcher_timeout: 60
26
+  stay_alive_on_failure: false
27
+image:
28
+  repository: monasca/kafka
29
+  tag: 0.9.0.1-2.11-1.1.6
30
+  pullPolicy: IfNotPresent
31
+service:
32
+  type: ClusterIP
33
+  port: 9092
34
+resources:
35
+  requests:
36
+    memory: 1Gi
37
+    cpu: 250m
38
+  limits:
39
+    memory: 2Gi
40
+    cpu: 2000m
41
+persistence:
42
+  storageClass: default
43
+  enabled: false
44
+  accessMode: ReadWriteOnce
45
+  size: 10Gi
46
+memory_ratio: .85
47
+stack_size: 1024k
48
+stay_alive_on_failure: false
49
+init:
50
+  enabled: true
51
+  image:
52
+    repository: monasca/kafka-init
53
+    tag: 0.0.3
54
+    pullPolicy: IfNotPresent
55
+  resources:
56
+    requests:
57
+      memory: 128Mi
58
+      cpu: 200m
59
+    limits:
60
+      memory: 256Mi
61
+      cpu: 250m
62
+  topicConfig: ''
63
+  topics: []
64
+static_service:
65
+  enabled: false
66
+  type: ClusterIP
67
+  name: kafka
68
+  port: 9092
69
+
70
+zookeeper:
71
+  overrideUri: ''
72
+
73
+cleanup:
74
+  name: cleanup
75
+  serviceAccount: ''
76
+  image:
77
+    repository: monasca/job-cleanup
78
+    tag: 1.2.1
79
+    pullPolicy: IfNotPresent
80
+  resources:
81
+    requests:
82
+      memory: 64Mi
83
+      cpu: 50m
84
+    limits:
85
+      memory: 128Mi
86
+      cpu: 100m
87
+  wait:
88
+    retries: "24"
89
+    delay: "5.0"
90
+    timeout: "10"
91
+
92
+rbac:
93
+  create: false

+ 21
- 0
keystone-init/.helmignore View File

@@ -0,0 +1,21 @@
1
+# Patterns to ignore when building packages.
2
+# This supports shell glob matching, relative path matching, and
3
+# negation (prefixed with !). Only one pattern per line.
4
+.DS_Store
5
+# Common VCS dirs
6
+.git/
7
+.gitignore
8
+.bzr/
9
+.bzrignore
10
+.hg/
11
+.hgignore
12
+.svn/
13
+# Common backup files
14
+*.swp
15
+*.bak
16
+*.tmp
17
+*~
18
+# Various IDEs
19
+.project
20
+.idea/
21
+*.tmproj

+ 4
- 0
keystone-init/Chart.yaml View File

@@ -0,0 +1,4 @@
1
+apiVersion: v1
2
+description: Chart to initialize users in Keystone
3
+name: keystone-init
4
+version: 0.4.0

+ 0
- 0
keystone-init/templates/NOTES.txt View File


+ 24
- 0
keystone-init/templates/_helpers.tpl View File

@@ -0,0 +1,24 @@
1
+{{/* vim: set filetype=mustache: */}}
2
+{{/*
3
+Expand the name of the chart.
4
+*/}}
5
+{{- define "name" -}}
6
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7
+{{- end -}}
8
+
9
+{{/*
10
+Create a default fully qualified app name.
11
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12
+*/}}
13
+{{- define "fullname" -}}
14
+{{- $name := default .Chart.Name .Values.nameOverride -}}
15
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16
+{{- end -}}
17
+
18
+{{/*
19
+Create a fully qualified cleanup name.
20
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
21
+*/}}
22
+{{- define "cleanup.fullname" -}}
23
+{{- printf "%s-%s" .Release.Name "cleanup" | trunc 63 -}}
24
+{{- end -}}

+ 150
- 0
keystone-init/templates/_keystone_env.tpl View File

@@ -0,0 +1,150 @@
1
+{{- /*
2
+Read a single optional secret or string from values into an `env` `value:` or
3
+`valueFrom:`, depending on the user-defined content of the value.
4
+
5
+Example:
6
+  - name: OS_AUTH_URL
7
+    {{ template "keystone_init_secret_env" .Values.auth.url }}
8
+
9
+Note that unlike keystone_init_keystone_env, secret_key can not have any default
10
+values.
11
+
12
+Make sure to change the name of this template when copying to keep it unique,
13
+e.g. chart_name_secret_env.
14
+*/}}
15
+{{- define "keystone_init_secret_env" -}}
16
+{{- if eq (kindOf .) "map" -}}
17
+  valueFrom:
18
+    secretKeyRef:
19
+      name: "{{ .secret_name }}"
20
+      key: "{{ .secret_key }}"
21
+{{- else -}}
22
+  value: "{{ . }}"
23
+{{- end -}}
24
+{{- end -}}
25
+
26
+{{- /*
27
+Generate a list of environment vars for Keystone Auth
28
+
29
+Example:
30
+  env:
31
+{{ include "keystone_init_keystone_env" .Values.my_pod.auth | indent 4 }}
32
+
33
+(indent level should be adjusted as necessary)
34
+
35
+Make sure to change the name of this template when copying to keep it unique,
36
+e.g. chart_name_keystone_env.
37
+
38
+Note that keystone_init_secret_env is not used here because we want to provide
39
+default key names.
40
+*/}}
41
+{{- define "keystone_init_keystone_env" -}}
42
+- name: OS_AUTH_URL
43
+{{- if eq (kindOf .url) "map" }}
44
+  valueFrom:
45
+    secretKeyRef:
46
+      name: "{{ .url.secret_name }}"
47
+      key: "{{ .url.secret_key | default "OS_AUTH_URL" }}"
48
+{{- else }}
49
+  value: "{{ .url }}"
50
+{{- end }}
51
+{{- if .admin_url }}
52
+- name: OS_ADMIN_URL
53
+{{- if eq (kindOf .admin_url) "map" }}
54
+  valueFrom:
55
+    secretKeyRef:
56
+      name: "{{ .admin_url.secret_name }}"
57
+      key: "{{ .admin_url.secret_key | default "OS_ADMIN_URL" }}"
58
+{{- else }}
59
+  value: "{{ .admin_url }}"
60
+{{- end }}
61
+{{- end }}
62
+{{- if .api_version }}
63
+- name: OS_IDENTITY_API_VERSION
64
+  value: "{{ .api_version }}"
65
+{{- end }}
66
+- name: OS_USERNAME
67
+{{- if eq (kindOf .username) "map" }}
68
+  valueFrom:
69
+    secretKeyRef:
70
+      name: "{{ .username.secret_name }}"
71
+      key: "{{ .username.secret_key | default "OS_USERNAME" }}"
72
+{{- else }}
73
+  value: "{{ .username }}"
74
+{{- end }}
75
+- name: OS_PASSWORD
76
+{{- if eq (kindOf .password) "map" }}
77
+  valueFrom:
78
+    secretKeyRef:
79
+      name: "{{ .password.secret_name }}"
80
+      key: "{{ .password.secret_key | default "OS_PASSWORD" }}"
81
+{{- else }}
82
+  value: "{{ .password }}"
83
+{{- end }}
84
+{{- if .user_domain_name }}
85
+- name: OS_USER_DOMAIN_NAME
86
+{{- if eq (kindOf .user_domain_name) "map" }}
87
+  valueFrom:
88
+    secretKeyRef:
89
+      name: "{{ .user_domain_name.secret_name }}"
90
+      key: "{{ .user_domain_name.secret_key | default "OS_USER_DOMAIN_NAME" }}"
91
+{{- else }}
92
+  value: "{{ .user_domain_name }}"
93
+{{- end }}
94
+{{- end }}
95
+{{- if .project_name }}
96
+- name: OS_PROJECT_NAME
97
+{{- if eq (kindOf .project_name) "map" }}
98
+  valueFrom:
99
+    secretKeyRef:
100
+      name: "{{ .project_name.secret_name }}"
101
+      key: "{{ .project_name.secret_key | default "OS_PROJECT_NAME" }}"
102
+{{- else }}
103
+  value: "{{ .project_name }}"
104
+{{- end }}
105
+{{- end }}
106
+{{- if .project_domain_name }}
107
+- name: OS_PROJECT_DOMAIN_NAME
108
+{{- if eq (kindOf .project_domain_name) "map" }}
109
+  valueFrom:
110
+    secretKeyRef:
111
+      name: "{{ .project_domain_name.secret_name }}"
112
+      key: "{{ .project_domain_name.secret_key | default "OS_PROJECT_DOMAIN_NAME" }}"
113
+{{- else }}
114
+  value: "{{ .project_domain_name }}"
115
+{{- end }}
116
+{{- end }}
117
+{{- if .tenant_name }}
118
+- name: OS_TENANT_NAME
119
+{{- if eq (kindOf .tenant_name) "map" }}
120
+  valueFrom:
121
+    secretKeyRef:
122
+      name: "{{ .tenant_name.secret_name }}"
123
+      key: "{{ .tenant_name.secret_key | default "OS_TENANT_NAME" }}"
124
+{{- else }}
125
+  value: "{{ .tenant_name }}"
126
+{{- end }}
127
+{{- end }}
128
+{{- if .tenant_id }}
129
+- name: OS_TENANT_ID
130
+{{- if eq (kindOf .tenant_id) "map" }}
131
+  valueFrom:
132
+    secretKeyRef:
133
+      name: "{{ .tenant_id.secret_name }}"
134
+      key: "{{ .tenant_id.secret_key | default "OS_TENANT_ID" }}"
135
+{{- else }}
136
+  value: "{{ .tenant_id }}"
137
+{{- end }}
138
+{{- end }}
139
+{{- if .region_name }}
140
+- name: OS_REGION_NAME
141
+{{- if eq (kindOf .region_name) "map" }}
142
+  valueFrom:
143
+    secretKeyRef:
144
+      name: "{{ .region_name.secret_name }}"
145
+      key: "{{ .region_name.secret_key | default "OS_REGION_NAME" }}"
146
+{{- else }}
147
+  value: "{{ .region_name }}"
148
+{{- end }}
149
+{{- end }}
150
+{{- end -}}

+ 47
- 0
keystone-init/templates/cleanup-hook.yaml View File

@@ -0,0 +1,47 @@
1
+apiVersion: batch/v1
2
+kind: Job
3
+metadata:
4
+  # while not recommended, we add a random sequence to the end of the job name
5
+  # this job will attempt to delete itself when finished, but should it fail for
6
+  # some reason we don't want future upgrades to fail because of a name conflict
7
+  # (plus the future runs of this job will delete any previous iterations that
8
+  # failed to clean themselves up)
9
+  name: "{{ template "cleanup.fullname" . }}-job-{{ randAlphaNum 5 | lower }}"
10
+  labels:
11
+    app: {{ template "fullname" . }}
12
+    component: "{{ .Values.cleanup.name }}"
13
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
14
+    release: "{{ .Release.Name }}"
15
+    heritage: "{{ .Release.Service }}"
16
+  annotations:
17
+    "helm.sh/hook": pre-upgrade,post-delete
18
+    "helm.sh/hook-weight": "-5"
19
+spec:
20
+  template:
21
+    metadata:
22
+      labels:
23
+        app: {{ template "fullname" . }}
24
+        component: "{{ .Values.cleanup.name }}"
25
+        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
26
+        release: "{{ .Release.Name }}"
27
+        heritage: "{{ .Release.Service }}"
28
+    spec:
29
+      restartPolicy: OnFailure
30
+      containers:
31
+        - name: {{ template "name" . }}-{{ .Values.cleanup.name }}-job
32
+          image: "{{ .Values.cleanup.image.repository }}:{{ .Values.cleanup.image.tag }}"
33
+          imagePullPolicy: {{ .Values.cleanup.image.pullPolicy }}
34
+          resources:
35
+{{ toYaml .Values.cleanup.resources | indent 12 }}
36
+          env:
37
+            - name: "WAIT_RETRIES"
38
+              value: "{{ .Values.cleanup.wait.retries }}"
39
+            - name: "WAIT_DELAY"
40
+              value: "{{ .Values.cleanup.wait.delay }}"
41
+            - name: "WAIT_TIMEOUT"
42
+              value: "{{ .Values.cleanup.wait.timeout }}"
43
+      {{- if .Values.cleanup.serviceAccount }}
44
+      serviceAccountName: {{ .Values.cleanup.serviceAccount | quote }}
45
+      {{- else if .Values.rbac.create }}
46
+      serviceAccountName: "{{ template "cleanup.fullname" . }}"
47
+      {{- end }}

+ 25
- 0
keystone-init/templates/cleanup-role.yaml View File

@@ -0,0 +1,25 @@
1
+{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2
+{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3
+apiVersion: rbac.authorization.k8s.io/v1
4
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5
+apiVersion: rbac.authorization.k8s.io/v1beta1
6
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7
+apiVersion: rbac.authorization.k8s.io/v1alpha1
8
+{{- end }}
9
+kind: Role
10
+metadata:
11
+  name: {{ template "cleanup.fullname" . }}
12
+  labels:
13
+    app: {{ template "fullname" . }}
14
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15
+    component: "{{ .Values.cleanup.name }}"
16
+    heritage: {{ .Release.Service }}
17
+    release: {{ .Release.Name }}
18
+rules:
19
+  - apiGroups: [""]
20
+    resources: ["pods"]
21
+    verbs: ["get", "list", "delete", "patch"]
22
+  - apiGroups: ["batch"]
23
+    resources: ["jobs"]
24
+    verbs: ["get", "list", "delete"]
25
+{{- end }}

+ 26
- 0
keystone-init/templates/cleanup-rolebinding.yaml View File

@@ -0,0 +1,26 @@
1
+{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2
+{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3
+apiVersion: rbac.authorization.k8s.io/v1
4
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5
+apiVersion: rbac.authorization.k8s.io/v1beta1
6
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7
+apiVersion: rbac.authorization.k8s.io/v1alpha1
8
+{{- end }}
9
+kind: RoleBinding
10
+metadata:
11
+  name: {{ template "cleanup.fullname" . }}
12
+  labels:
13
+    app: {{ template "fullname" . }}
14
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15
+    component: "{{ .Values.cleanup.name }}"
16
+    heritage: {{ .Release.Service }}
17
+    release: {{ .Release.Name }}
18
+subjects:
19
+  - kind: ServiceAccount
20
+    name: {{ template "cleanup.fullname" . }}
21
+    namespace: "{{ .Release.Namespace }}"
22
+roleRef:
23
+  kind: Role
24
+  name: {{ template "cleanup.fullname" . }}
25
+  apiGroup: rbac.authorization.k8s.io
26
+{{- end }}

+ 12
- 0
keystone-init/templates/cleanup-serviceaccount.yaml View File

@@ -0,0 +1,12 @@
1
+{{- if and (.Values.rbac.create) (not .Values.cleanup.serviceAccount) }}
2
+apiVersion: v1
3
+kind: ServiceAccount
4
+metadata:
5
+  name: {{ template "cleanup.fullname" . }}
6
+  labels:
7
+    app: {{ template "fullname" . }}
8
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
9
+    component: "{{ .Values.cleanup.name }}"
10
+    heritage: {{ .Release.Service }}
11
+    release: {{ .Release.Name }}
12
+{{- end }}

+ 51
- 0
keystone-init/templates/keystone-init-job.yaml View File

@@ -0,0 +1,51 @@
1
+apiVersion: batch/v1
2
+kind: Job
3
+metadata:
4
+  name: {{ template "fullname" . }}-job
5
+  labels:
6
+    app: {{ template "fullname" . }}
7
+    component: "{{ .Values.keystone_init.name }}"
8
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9
+    release: "{{ .Release.Name }}"
10
+    heritage: "{{ .Release.Service }}"
11
+spec:
12
+{{- if .Values.keystone_init.deadline }}
13
+  activeDeadlineSeconds: {{ .Values.keystone_init.deadline }}
14
+{{- end }}
15
+  template:
16
+    metadata:
17
+      labels:
18
+        app: {{ template "fullname" . }}
19
+        component: "{{ .Values.keystone_init.name }}"
20
+    spec:
21
+      restartPolicy: OnFailure
22
+      volumes:
23
+        - name: preload-config
24
+          configMap:
25
+            name: "{{ template "fullname" . }}-preload"
26
+      containers:
27
+        - name: {{ template "fullname" . }}-job
28
+          image: "{{ .Values.keystone_init.image.repository }}:{{ .Values.keystone_init.image.tag }}"
29
+          imagePullPolicy: {{ .Values.keystone_init.image.pullPolicy }}
30
+          resources:
31
+{{ toYaml .Values.keystone_init.resources | indent 12 }}
32
+          env:
33
+            - name: LOG_LEVEL
34
+              value: {{ .Values.keystone_init.log_level }}
35
+            - name: KEYSTONE_TIMEOUT
36
+              value: "{{ .Values.keystone_init.timeout }}"
37
+            - name: KEYSTONE_VERIFY
38
+              value: "{{ .Values.keystone_init.verify }}"
39
+            - name: KEYSTONE_CERT
40
+              value: "{{ .Values.keystone_init.cert }}"
41
+{{ include "keystone_init_keystone_env" .Values.keystone_init.auth | indent 12 }}
42
+            - name: PRELOAD_PATH
43
+              value: "/config/preload.yml"
44
+          volumeMounts:
45
+            - name: preload-config
46
+              mountPath: /config
47
+      {{- if .Values.keystone_init.serviceAccount }}
48
+      serviceAccountName: {{ .Values.keystone_init.serviceAccount | quote }}
49
+      {{- else if .Values.rbac.create }}
50
+      serviceAccountName: "{{ template "fullname" . }}"
51
+      {{- end }}

+ 12
- 0
keystone-init/templates/keystone-preload-configmap.yaml View File

@@ -0,0 +1,12 @@
1
+apiVersion: v1
2
+kind: ConfigMap
3
+metadata:
4
+  name: "{{ template "fullname" . }}-preload"
5
+  labels:
6
+    app: "{{ template "fullname" . }}"
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    release: "{{ .Release.Name }}"
9
+    heritage: "{{ .Release.Service }}"
10
+data:
11
+  preload.yml: |
12
+{{ toYaml .Values.keystone_init.preload | indent 4 }}

+ 25
- 0
keystone-init/templates/keystone-role.yaml View File

@@ -0,0 +1,25 @@
1
+{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
2
+{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3
+apiVersion: rbac.authorization.k8s.io/v1
4
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5
+apiVersion: rbac.authorization.k8s.io/v1beta1
6
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7
+apiVersion: rbac.authorization.k8s.io/v1alpha1
8
+{{- end }}
9
+kind: Role
10
+metadata:
11
+  name: {{ template "fullname" . }}
12
+  labels:
13
+    app: {{ template "fullname" . }}
14
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15
+    component: "{{ .Values.keystone_init.name }}"
16
+    heritage: {{ .Release.Service }}
17
+    release: {{ .Release.Name }}
18
+rules:
19
+  - apiGroups: [""]
20
+    resources: ["secrets"]
21
+    verbs: ["get", "create", "update"]
22
+  - apiGroups: [""]
23
+    resources: ["namespaces"]
24
+    verbs: ["get", "create"]
25
+{{- end }}

+ 26
- 0
keystone-init/templates/keystone-rolebinding.yaml View File

@@ -0,0 +1,26 @@
1
+{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
2
+{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
3
+apiVersion: rbac.authorization.k8s.io/v1
4
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1beta1" }}
5
+apiVersion: rbac.authorization.k8s.io/v1beta1
6
+{{- else if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1alpha1" }}
7
+apiVersion: rbac.authorization.k8s.io/v1alpha1
8
+{{- end }}
9
+kind: RoleBinding
10
+metadata:
11
+  name: {{ template "fullname" . }}
12
+  labels:
13
+    app: {{ template "fullname" . }}
14
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
15
+    component: "{{ .Values.keystone_init.name }}"
16
+    heritage: {{ .Release.Service }}
17
+    release: {{ .Release.Name }}
18
+subjects:
19
+  - kind: ServiceAccount
20
+    name: {{ template "fullname" . }}
21
+    namespace: "{{ .Release.Namespace }}"
22
+roleRef:
23
+  kind: Role
24
+  name: {{ template "fullname" . }}
25
+  apiGroup: rbac.authorization.k8s.io
26
+{{- end }}

+ 12
- 0
keystone-init/templates/keystone-serviceaccount.yaml View File

@@ -0,0 +1,12 @@
1
+{{- if and (.Values.rbac.create) (not .Values.keystone_init.serviceAccount) }}
2
+apiVersion: v1
3
+kind: ServiceAccount
4
+metadata:
5
+  name: {{ template "fullname" . }}
6
+  labels:
7
+    app: {{ template "fullname" . }}
8
+    chart: {{ .Chart.Name }}-{{ .Chart.Version }}
9
+    component: "{{ .Values.keystone_init.name }}"
10
+    heritage: {{ .Release.Service }}
11
+    release: {{ .Release.Name }}
12
+{{- end }}

+ 109
- 0
keystone-init/values.yaml View File

@@ -0,0 +1,109 @@
1
+# Default values for keystone-init.
2
+# This is a YAML-formatted file.
3
+# Declare variables to be passed into your templates.
4
+keystone_init:
5
+  name: keystone-init
6
+
7
+  # an optional preexisting serviceAccount to use
8
+  # to create a service account with the deployment,
9
+  # deploy with rbac.create=true
10
+  serviceAccount: ''
11
+
12
+  image:
13
+    repository: monasca/keystone-init
14
+    tag: 1.3.0
15
+    pullPolicy: IfNotPresent
16
+
17
+  # general options for the init job
18
+  log_level: INFO # python logging level
19
+  timeout: "10" # timeout in seconds
20
+  verify: "true" # if "true", verify SSL
21
+  cert: '' # cert to override if desired (must be mounted as configmap)
22
+
23
+  # keystone authentication for this component
24
+  # note that these options allow the init container to connect to keystone and
25
+  # the referenced account must already exist
26
+  # each parameter may either be specified directly as a string OR reference a
27
+  # secret
28
+  # example:
29
+  #   # plaintext (will be stored in Helm's ConfigMap)
30
+  #   password: 'some-plaintext-password'
31
+  #
32
+  #   # secret ref
33
+  #   password:
34
+  #     secret_name: some-secret-name
35
+  #     # key is optional, will default to `OS_`-style variables
36
+  #     secret_key: some-key
37
+  auth:
38
+    url: 'http://keystone:5000'
39
+    username: "admin"
40
+    password: "s3cr3t"
41
+    user_domain_name: Default
42
+    project_name: 'admin'
43
+    project_domain_name: Default
44
+
45
+  # specify domains, projects, roles, and users to create
46
+  preload:
47
+    # global roles
48
+    global_roles: []
49
+
50
+    # named domains, the key name will be used to look up keystone domain name
51
+    domains:
52
+      # note that `default` is special and refers directly to the ID `default`,
53
+      # not the name `Default`
54
+      default:
55
+        # a list of project names that must exist (will be created)
56
+        projects: []
57
+
58
+        # a list of domain-scoped role names that must exist (will be created)
59
+        roles: []
60
+
61
+        # a list of user objects that must exist
62
+        # example:
63
+        # users:
64
+        #   - username: some-user
65
+        #     project: some-project # will be created if it does not exist
66
+        #     roles: # will also be created automatically
67
+        #       - a
68
+        #       - b
69
+        #       - c
70
+        #     # if desired, create a secret (optional):
71
+        #     secret: some-secret-name
72
+        #     # alternatively, specify a namespace and name
73
+        #     secret: some-namespace/some-secret-name
74
+        #     # or even:
75
+        #     secret:
76
+        #       namespace: some-namespace
77
+        #       name: some-secret-name
78
+        users: []
79
+
80
+  # container resource limits and requests
81
+  resources:
82
+    limits:
83
+      cpu: 100m
84
+      memory: 128Mi
85
+    requests:
86
+      cpu: 100m
87
+      memory: 128Mi
88
+
89
+cleanup:
90
+  name: cleanup
91
+  serviceAccount: ''
92
+  image:
93
+    repository: monasca/job-cleanup
94
+    tag: 1.2.1
95
+    pullPolicy: IfNotPresent
96
+  resources:
97
+    requests:
98
+      memory: 128Mi
99
+      cpu: 200m
100
+    limits:
101
+      memory: 128Mi
102
+      cpu: 250m
103
+  wait:
104
+    retries: "10"
105
+    delay: "3.0"
106
+    timeout: "10"
107
+
108
+rbac:
109
+  create: false

+ 21
- 0
monasca-agent/.helmignore View File

@@ -0,0 +1,21 @@
1
+# Patterns to ignore when building packages.
2
+# This supports shell glob matching, relative path matching, and
3
+# negation (prefixed with !). Only one pattern per line.
4
+.DS_Store
5
+# Common VCS dirs
6
+.git/
7
+.gitignore
8
+.bzr/
9
+.bzrignore
10
+.hg/
11
+.hgignore
12
+.svn/
13
+# Common backup files
14
+*.swp
15
+*.bak
16
+*.tmp
17
+*~
18
+# Various IDEs
19
+.project
20
+.idea/
21
+*.tmproj

+ 9
- 0
monasca-agent/Chart.yaml View File

@@ -0,0 +1,9 @@
1
+apiVersion: v1
2
+description: A Helm chart for Monasca-agent
3
+name: monasca-agent
4
+version: 0.2.3
5
+sources:
6
+- https://github.com/openstack/monasca-agent
7
+maintainers:
8
+- name: Tim Buckley
9
+  email: timothy.jas.buckley@hpe.com

+ 16
- 0
monasca-agent/templates/_helpers.tpl View File

@@ -0,0 +1,16 @@
1
+{{/* vim: set filetype=mustache: */}}
2
+{{/*
3
+Expand the name of the chart.
4
+*/}}
5
+{{- define "name" -}}
6
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7
+{{- end -}}
8
+
9
+{{/*
10
+Create a default fully qualified app name.
11
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12
+*/}}
13
+{{- define "fullname" -}}
14
+{{- $name := default .Chart.Name .Values.nameOverride -}}
15
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
16
+{{- end -}}

+ 14
- 0
monasca-agent/templates/configmap.yaml View File

@@ -0,0 +1,14 @@
1
+{{- if .Values.plugins.enabled }}
2
+apiVersion: v1
3
+kind: ConfigMap
4
+metadata:
5
+  name: {{ template "fullname" . }}
6
+  labels:
7
+    app: {{ template "fullname" . }}
8
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9
+    component: "{{ template "fullname" . }}"
10
+    release: "{{ .Release.Name }}"
11
+    heritage: "{{ .Release.Service }}"
12
+data:
13
+{{ toYaml .Values.plugins.config_files | indent 2 }}
14
+{{- end}}

+ 124
- 0
monasca-agent/templates/daemonset.yaml View File

@@ -0,0 +1,124 @@
1
+apiVersion: extensions/v1beta1
2
+kind: DaemonSet
3
+metadata:
4
+  name: {{ template "fullname" . }}
5
+  labels:
6
+    app: {{ template "fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    release: "{{ .Release.Name }}"
9
+    heritage: "{{ .Release.Service }}"
10
+    component: "{{ template "fullname" . }}-daemonset"
11
+spec:
12
+  template:
13
+    metadata:
14
+      labels:
15
+        component: "{{ template "fullname" . }}-daemonset"
16
+        app: {{ template "fullname" . }}
17
+    spec:
18
+      containers:
19
+        - name: {{ template "name" . }}-collector-daemonset
20
+          image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
21
+          imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
22
+          resources:
23
+{{ toYaml .Values.resources | indent 12 }}
24
+          env:
25
+            - name: AGENT_POD_NAME
26
+              valueFrom:
27
+                fieldRef:
28
+                  fieldPath: metadata.name
29
+            - name: AGENT_POD_NAMESPACE
30
+              valueFrom:
31
+                fieldRef:
32
+                  fieldPath: metadata.namespace
33
+            - name: KUBERNETES
34
+              value: "true"
35
+            - name: KUBERNETES_TIMEOUT
36
+              value: {{ .Values.kubernetes.timeout | quote }}
37
+            - name: KUBERNETES_LABELS
38
+              value: {{ .Values.kubernetes.kubernetes_labels | quote }}
39
+            - name: PROMETHEUS
40
+              value: {{ .Values.prometheus.auto_detect_pod_endpoints | quote }}
41
+            - name: PROMETHEUS_TIMEOUT
42
+              value: {{ .Values.prometheus.timeout | quote }}
43
+            - name: PROMETHEUS_DETECT_METHOD
44
+              value: pod
45
+            - name: PROMETHEUS_KUBERNETES_LABELS
46
+              value: {{ .Values.prometheus.kubernetes_labels | quote }}
47
+            - name: CADVISOR
48
+              value: {{ .Values.cadvisor.enabled | quote }}
49
+            - name: CADVISOR_TIMEOUT
50
+              value: {{ .Values.cadvisor.timeout | quote }}
51
+            - name: OS_AUTH_URL
52
+              value: {{ .Values.keystone.url | quote }}
53
+            - name: OS_USERNAME
54
+              value: {{ .Values.keystone.os_username | quote }}
55
+            - name: OS_USER_DOMAIN_NAME
56
+              value: {{ .Values.keystone.os_user_domain_name | quote }}
57
+            - name: OS_PASSWORD
58
+              value: {{ .Values.keystone.os_password | quote }}
59
+            - name: OS_PROJECT_NAME
60
+              value: {{ .Values.keystone.os_project_name | quote }}
61
+            - name: OS_PROJECT_DOMAIN_NAME
62
+              value: {{ .Values.keystone.os_project_domain_name | quote }}
63
+            - name: LOG_LEVEL
64
+              value: {{ .Values.log_level | quote }}
65
+            - name: HOSTNAME_FROM_KUBERNETES
66
+              value: "true"
67
+            {{- if .Values.namespace_annotations }}
68
+            - name: KUBERNETES_NAMESPACE_ANNOTATIONS
69
+              value: {{ .Values.namespace_annotations | quote}}
70
+            {{- end}}
71
+            {{- if .Values.dimensions }}
72
+            - name: DIMENSIONS
73
+              value: {{ .Values.dimensions | quote}}
74
+            {{- end}}
75
+            - name: CHECK_FREQ
76
+              value: {{ .Values.collector.check_freq | quote }}
77
+            - name: NUM_COLLECTOR_THREADS
78
+              value: {{ .Values.collector.num_collector_threads | quote }}
79
+            - name: POOL_FULL_MAX_TRIES
80
+              value: {{ .Values.collector.pool_full_max_retries | quote }}
81
+            - name: SUB_COLLECTION_WARN
82
+              value: {{ .Values.collector.sub_collection_warn | quote }}
83
+        - name: {{ template "name" . }}-forwarder-daemonset
84
+          image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
85
+          imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
86
+          resources:
87
+{{ toYaml .Values.resources | indent 12 }}
88
+          env:
89
+            - name: AGENT_POD_NAME
90
+              valueFrom:
91
+                fieldRef:
92
+                  fieldPath: metadata.name
93
+            - name: AGENT_POD_NAMESPACE
94
+              valueFrom:
95
+                fieldRef:
96
+                  fieldPath: metadata.namespace
97
+            - name: OS_AUTH_URL
98
+              value: {{ .Values.keystone.url | quote }}
99
+            - name: OS_USERNAME
100
+              value: {{ .Values.keystone.os_username | quote }}
101
+            - name: OS_USER_DOMAIN_NAME
102
+              value: {{ .Values.keystone.os_user_domain_name | quote }}
103
+            - name: OS_PASSWORD
104
+              value: {{ .Values.keystone.os_password | quote }}
105
+            - name: OS_PROJECT_NAME
106
+              value: {{ .Values.keystone.os_project_name | quote }}
107
+            - name: OS_PROJECT_DOMAIN_NAME
108
+              value: {{ .Values.keystone.os_project_domain_name | quote }}
109
+            - name: MONASCA_URL
110
+              value: {{ .Values.monasca_url | quote }}
111
+            - name: LOG_LEVEL
112
+              value: {{ .Values.log_level | quote }}
113
+            - name: INSECURE
114
+              value: {{ .Values.insecure | quote }}
115
+            - name: MAX_BATCH_SIZE
116
+              value: {{ .Values.forwarder.max_batch_size | quote }}
117
+            - name: MAX_MEASUREMENT_BUFFER_SIZE
118
+              value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
119
+            - name: BACKLOG_SEND_RATE
120
+              value: {{ .Values.forwarder.backlog_send_rate | quote }}
121
+            - name: HOSTNAME_FROM_KUBERNETES
122
+              value: "true"
123
+            - name: NON_LOCAL_TRAFFIC
124
+              value: {{ .Values.forwarder.non_local_traffic | quote }}

+ 143
- 0
monasca-agent/templates/deployment.yaml View File

@@ -0,0 +1,143 @@
1
+apiVersion: extensions/v1beta1
2
+kind: Deployment
3
+metadata:
4
+  name: {{ template "fullname" . }}
5
+  labels:
6
+    app: {{ template "fullname" . }}
7
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
8
+    release: "{{ .Release.Name }}"
9
+    heritage: "{{ .Release.Service }}"
10
+    component: "{{ template "fullname" . }}-deployment"
11
+spec:
12
+  template:
13
+    metadata:
14
+      labels:
15
+        component: "{{ template "fullname" . }}-deployment"
16
+        app: {{ template "fullname" . }}
17
+    spec:
18
+      containers:
19
+        - name: {{ template "name" . }}-collector-deployment
20
+          image: "{{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}"
21
+          imagePullPolicy: {{ .Values.collector.image.pullPolicy }}
22
+          resources:
23
+{{ toYaml .Values.resources | indent 12 }}
24
+          env:
25
+            - name: AGENT_POD_NAME
26
+              valueFrom:
27
+                fieldRef:
28
+                  fieldPath: metadata.name
29
+            - name: AGENT_POD_NAMESPACE
30
+              valueFrom:
31
+                fieldRef:
32
+                  fieldPath: metadata.namespace
33
+            - name: KUBERNETES_API
34
+              value: "true"
35
+            - name: KUBERNETES_API_TIMEOUT
36
+              value: {{ .Values.kubernetes_api.timeout | quote }}
37
+            - name: KUBERNETES_API_LABELS
38
+              value: {{ .Values.kubernetes_api.kubernetes_labels | quote }}
39
+            - name: PROMETHEUS
40
+              value: {{ .Values.prometheus.auto_detect_service_endpoints | quote }}
41
+            - name: PROMETHEUS_TIMEOUT
42
+              value: {{ .Values.prometheus.timeout | quote }}
43
+            - name: PROMETHEUS_DETECT_METHOD
44
+              value: service
45
+            - name: PROMETHEUS_KUBERNETES_LABELS
46
+              value: {{ .Values.prometheus.kubernetes_labels | quote }}
47
+            - name: OS_AUTH_URL
48
+              value: {{ .Values.keystone.url | quote }}
49
+            - name: OS_USERNAME
50
+              value: {{ .Values.keystone.os_username | quote }}
51
+            - name: OS_USER_DOMAIN_NAME
52
+              value: {{ .Values.keystone.os_user_domain_name | quote }}
53
+            - name: OS_PASSWORD
54
+              value: {{ .Values.keystone.os_password | quote }}
55
+            - name: OS_PROJECT_NAME
56
+              value: {{ .Values.keystone.os_project_name | quote }}
57
+            - name: OS_PROJECT_DOMAIN_NAME
58
+              value: {{ .Values.keystone.os_project_domain_name | quote }}
59
+            - name: LOG_LEVEL
60
+              value: {{ .Values.log_level | quote }}
61
+            - name: HOSTNAME_FROM_KUBERNETES
62
+              value: "true"
63
+            {{- if .Values.namespace_annotations }}
64
+            - name: KUBERNETES_NAMESPACE_ANNOTATIONS
65
+              value: {{ .Values.namespace_annotations | quote}}
66
+            {{- end}}
67
+            {{- if .Values.kubernetes_api.storage.parameter_dimensions }}
68
+            - name: STORAGE_PARAMETERS_DIMENSIONS
69
+              value: {{ .Values.kubernetes_api.storage.parameter_dimensions | quote}}
70
+            {{- end}}
71
+            - name: REPORT_PERSISTENT_STORAGE
72
+              value: {{ .Values.kubernetes_api.storage.report | quote }}
73
+            {{- if .Values.dimensions }}
74
+            - name: DIMENSIONS
75
+              value: {{ .Values.dimensions | quote}}
76
+            {{- end}}
77
+            - name: CHECK_FREQ
78
+              value: {{ .Values.collector.check_freq | quote }}
79
+            - name: NUM_COLLECTOR_THREADS
80
+              value: {{ .Values.collector.num_collector_threads | quote }}
81
+            - name: POOL_FULL_MAX_TRIES
82
+              value: {{ .Values.collector.pool_full_max_retries | quote }}
83
+            - name: SUB_COLLECTION_WARN
84
+              value: {{ .Values.collector.sub_collection_warn | quote }}
85
+          {{- if .Values.plugins.enabled }}
86
+          volumeMounts:
87
+            - name: agent-config
88
+              mountPath: /plugins.d
89
+          {{- end}}
90
+        - name: {{ template "name" . }}-forwarder-deployment
91
+          image: "{{ .Values.forwarder.image.repository }}:{{ .Values.forwarder.image.tag }}"
92
+          imagePullPolicy: {{ .Values.forwarder.image.pullPolicy }}
93
+          resources:
94
+{{ toYaml .Values.resources | indent 12 }}
95
+          env:
96
+            - name: AGENT_POD_NAME
97
+              valueFrom:
98
+                fieldRef:
99
+                  fieldPath: metadata.name
100
+            - name: AGENT_POD_NAMESPACE
101
+              valueFrom:
102
+                fieldRef:
103
+                  fieldPath: metadata.namespace
104
+            - name: OS_AUTH_URL
105
+              value: {{ .Values.keystone.url | quote }}
106
+            - name: OS_USERNAME
107
+              value: {{ .Values.keystone.os_username | quote }}
108
+            - name: OS_USER_DOMAIN_NAME
109
+              value: {{ .Values.keystone.os_user_domain_name | quote }}
110
+            - name: OS_PASSWORD
111
+              value: {{ .Values.keystone.os_password | quote }}
112
+            - name: OS_PROJECT_NAME
113
+              value: {{ .Values.keystone.os_project_name | quote }}
114
+            - name: OS_PROJECT_DOMAIN_NAME
115
+              value: {{ .Values.keystone.os_project_domain_name | quote }}
116
+            - name: MONASCA_URL
117
+              value: {{ .Values.monasca_url | quote }}
118
+            - name: LOG_LEVEL
119
+              value: {{ .Values.log_level | quote }}
120
+            - name: INSECURE
121
+              value: {{ .Values.insecure | quote }}
122
+            - name: MAX_BATCH_SIZE
123
+              value: {{ .Values.forwarder.max_batch_size | quote }}
124
+            - name: MAX_MEASUREMENT_BUFFER_SIZE
125
+              value: {{ .Values.forwarder.max_measurement_buffer_size | quote }}
126
+            - name: BACKLOG_SEND_RATE
127
+              value: {{ .Values.forwarder.backlog_send_rate | quote }}
128
+            - name: HOSTNAME_FROM_KUBERNETES
129
+              value: "true"
130
+            - name: NON_LOCAL_TRAFFIC
131
+              value: {{ .Values.forwarder.non_local_traffic | quote }}
132
+      {{- if .Values.plugins.enabled }}
133
+      volumes:
134
+        - name: agent-config
135
+          configMap:
136
+            name: {{ template "fullname" . }}
137
+      {{- end}}
138
+      {{- if .Values.plugins.enabled }}
139
+      volumes:
140
+        - name: agent-config
141
+          configMap:
142
+            name: {{ template "fullname" . }}
143
+      {{- end}}

+ 32
- 0
monasca-agent/templates/role.yaml View File

@@ -0,0 +1,32 @@
1
+{{- if .Values.rbac.enabled }}
2
+kind: ClusterRole
3
+apiVersion: rbac.authorization.k8s.io/v1alpha1
4
+metadata:
5
+  name: "{{ .Release.Name }}-role"
6
+rules:
7
+  - apiGroups: ["", "extensions", "storage.k8s.io"]
8
+    verbs: ["get", "list"]
9
+    resources:
10
+      - namespaces
11
+      - pods
12
+      - replicasets
13
+      - deployments
14
+      - replicationcontrollers
15
+      - nodes
16
+      - services
17
+      - componentstatuses
18
+      - storageclasses
19
+---
20
+kind: ClusterRoleBinding
21
+apiVersion: rbac.authorization.k8s.io/v1alpha1
22
+metadata:
23
+  name: "{{ .Release.Name }}-role-binding"
24
+subjects:
25
+  - kind: ServiceAccount
26
+    name: default
27
+    namespace: "{{ .Release.Namespace }}"
28
+roleRef:
29
+  kind: ClusterRole
30
+  name: "{{ .Release.Name }}-role"
31
+  apiGroup: rbac.authorization.k8s.io
32
+{{- end }}

+ 56
- 0
monasca-agent/values.yaml View File

@@ -0,0 +1,56 @@
1
+name: agent
2
+collector:
3
+  image:
4
+    repository: monasca/agent-collector
5
+    tag: master-20180112-162543
6
+    pullPolicy: IfNotPresent
7
+  check_freq: 30
8
+  num_collector_threads: 1
9
+  pool_full_max_retries: 4
10
+  sub_collection_warn: 6
11
+forwarder:
12
+  image:
13
+    repository: monasca/agent-forwarder
14
+    tag: master-20180206-002800
15
+    pullPolicy: IfNotPresent
16
+  max_batch_size: 0
17
+  max_measurement_buffer_size: -1
18
+  backlog_send_rate: 5
19
+  non_local_traffic: "true"
20
+insecure: False
21
+log_level: WARN
22
+keystone:
23
+  os_username: mini-mon
24
+  os_user_domain_name: Default
25
+  os_password: password
26
+  os_project_name: mini-mon
27
+  os_project_domain_name: Default
28
+  url: http://keystone:35357/v3
29
+monasca_url: http://monasca-api:8070/v2.0
30
+prometheus:
31
+  auto_detect_pod_endpoints: true
32
+  auto_detect_service_endpoints: true
33
+  kubernetes_labels: 'app'
34
+  timeout: 3
35
+kubernetes_api:
36
+  kubernetes_labels: 'app'
37
+  timeout: 3
38
+  storage:
39
+    report: true
40
+kubernetes:
41
+  kubernetes_labels: 'app'
42
+  timeout: 3
43
+cadvisor:
44
+  enabled: true
45
+  timeout: 3
46
+resources:
47
+  requests:
48
+    memory: 256Mi
49
+    cpu: 100m
50
+  limits:
51
+    memory: 512Mi
52
+    cpu: 500m
53
+plugins:
54
+  enabled: false
55
+rbac:
56
+  enabled: false

+ 9
- 0
monasca-alarms/Chart.yaml View File

@@ -0,0 +1,9 @@
1
+apiVersion: v1
2
+description: A Helm chart for adding Alarms for Monasca
3
+name: monasca-alarms
4
+version: 0.0.1
5
+sources:
6
+- https://wiki.openstack.org/wiki/Monasca
7
+maintainers:
8
+- name: Michael Hoppal
9
+  email: michael.jam.hoppal@hpe.com

+ 112
- 0
monasca-alarms/README.md View File

@@ -0,0 +1,112 @@
1
+# Monasca-alarms
2
+
3
+##  Alarms for Monasca components
4
+
5
+[Monasca](https://wiki.openstack.org/wiki/Monasca), an
6
+[Openstack](https://www.openstack.org/) official project, is a scalable
7
+monitoring as a service solution. It monitors services and systems by a push
8
+model. The Monasca Agent will collect metrics from each node and push them to
9
+the Monasca API. It will then be processed by separate microservices for
10
+storing, alarming and notifications. The architecture can be viewed
11
+[here](https://wiki.openstack.org/wiki/File:Monasca-arch-component-diagram.png)
12
+