From 91be3e32e253bf87108b9c24f83f43f8d2363904 Mon Sep 17 00:00:00 2001 From: zakaria2905 Date: Tue, 2 Nov 2021 16:41:57 +0100 Subject: [PATCH 1/8] Initial commit --- Chart.yaml | 10 +- influxdb/.helmignore | 21 + influxdb/Chart.yaml | 27 + influxdb/README.md | 575 ++++++++++ influxdb/charts/common/.helmignore | 22 + influxdb/charts/common/Chart.yaml | 23 + influxdb/charts/common/README.md | 328 ++++++ .../charts/common/templates/_affinities.tpl | 102 ++ .../charts/common/templates/_capabilities.tpl | 128 +++ influxdb/charts/common/templates/_errors.tpl | 23 + influxdb/charts/common/templates/_images.tpl | 75 ++ influxdb/charts/common/templates/_ingress.tpl | 55 + influxdb/charts/common/templates/_labels.tpl | 18 + influxdb/charts/common/templates/_names.tpl | 52 + influxdb/charts/common/templates/_secrets.tpl | 129 +++ influxdb/charts/common/templates/_storage.tpl | 23 + .../charts/common/templates/_tplvalues.tpl | 13 + influxdb/charts/common/templates/_utils.tpl | 62 + .../charts/common/templates/_warnings.tpl | 14 + .../templates/validations/_cassandra.tpl | 72 ++ .../common/templates/validations/_mariadb.tpl | 103 ++ .../common/templates/validations/_mongodb.tpl | 108 ++ .../templates/validations/_postgresql.tpl | 131 +++ .../common/templates/validations/_redis.tpl | 76 ++ .../templates/validations/_validations.tpl | 46 + influxdb/charts/common/values.yaml | 5 + influxdb/files/conf/README.md | 6 + .../docker-entrypoint-initdb.d/README.md | 3 + influxdb/templates/NOTES.txt | 201 ++++ influxdb/templates/_helpers.tpl | 153 +++ influxdb/templates/extradeploy.yaml | 4 + .../templates/influxdb/configmap-backup.yaml | 78 ++ .../influxdb/configmap-initdb-scripts.yaml | 17 + influxdb/templates/influxdb/configmap.yaml | 19 + .../templates/influxdb/cronjob-backup.yaml | 147 +++ .../influxdb/deployment-standalone.yaml | 310 +++++ influxdb/templates/influxdb/pvc-backup.yaml | 23 + influxdb/templates/influxdb/pvc.yaml | 23 + .../templates/influxdb/secrets-backup.yaml | 31 + influxdb/templates/influxdb/secrets.yaml | 27 + .../templates/influxdb/service-headless.yaml | 30 + .../templates/influxdb/service-metrics.yaml | 48 + influxdb/templates/influxdb/service.yaml | 61 + .../templates/influxdb/servicemonitor.yaml | 37 + .../statefulset-high-availability.yaml | 322 ++++++ influxdb/templates/ingress.yaml | 78 ++ influxdb/templates/networkpolicy.yaml | 37 + influxdb/templates/relay/configmap.yaml | 18 + influxdb/templates/relay/deployment.yaml | 105 ++ influxdb/templates/relay/service.yaml | 48 + influxdb/templates/service-collectd.yaml | 48 + influxdb/values.yaml | 1011 +++++++++++++++++ values.yaml | 35 +- 53 files changed, 5142 insertions(+), 19 deletions(-) create mode 100644 influxdb/.helmignore create mode 100644 influxdb/Chart.yaml create mode 100644 influxdb/README.md create mode 100644 influxdb/charts/common/.helmignore create mode 100644 influxdb/charts/common/Chart.yaml create mode 100644 influxdb/charts/common/README.md create mode 100644 influxdb/charts/common/templates/_affinities.tpl create mode 100644 influxdb/charts/common/templates/_capabilities.tpl create mode 100644 influxdb/charts/common/templates/_errors.tpl create mode 100644 influxdb/charts/common/templates/_images.tpl create mode 100644 influxdb/charts/common/templates/_ingress.tpl create mode 100644 influxdb/charts/common/templates/_labels.tpl create mode 100644 influxdb/charts/common/templates/_names.tpl create mode 100644 influxdb/charts/common/templates/_secrets.tpl create mode 100644 influxdb/charts/common/templates/_storage.tpl create mode 100644 influxdb/charts/common/templates/_tplvalues.tpl create mode 100644 influxdb/charts/common/templates/_utils.tpl create mode 100644 influxdb/charts/common/templates/_warnings.tpl create mode 100644 influxdb/charts/common/templates/validations/_cassandra.tpl create mode 100644 influxdb/charts/common/templates/validations/_mariadb.tpl create mode 100644 influxdb/charts/common/templates/validations/_mongodb.tpl create mode 100644 influxdb/charts/common/templates/validations/_postgresql.tpl create mode 100644 influxdb/charts/common/templates/validations/_redis.tpl create mode 100644 influxdb/charts/common/templates/validations/_validations.tpl create mode 100644 influxdb/charts/common/values.yaml create mode 100644 influxdb/files/conf/README.md create mode 100644 influxdb/files/docker-entrypoint-initdb.d/README.md create mode 100644 influxdb/templates/NOTES.txt create mode 100644 influxdb/templates/_helpers.tpl create mode 100644 influxdb/templates/extradeploy.yaml create mode 100644 influxdb/templates/influxdb/configmap-backup.yaml create mode 100644 influxdb/templates/influxdb/configmap-initdb-scripts.yaml create mode 100644 influxdb/templates/influxdb/configmap.yaml create mode 100644 influxdb/templates/influxdb/cronjob-backup.yaml create mode 100644 influxdb/templates/influxdb/deployment-standalone.yaml create mode 100644 influxdb/templates/influxdb/pvc-backup.yaml create mode 100644 influxdb/templates/influxdb/pvc.yaml create mode 100644 influxdb/templates/influxdb/secrets-backup.yaml create mode 100644 influxdb/templates/influxdb/secrets.yaml create mode 100644 influxdb/templates/influxdb/service-headless.yaml create mode 100644 influxdb/templates/influxdb/service-metrics.yaml create mode 100644 influxdb/templates/influxdb/service.yaml create mode 100644 influxdb/templates/influxdb/servicemonitor.yaml create mode 100644 influxdb/templates/influxdb/statefulset-high-availability.yaml create mode 100644 influxdb/templates/ingress.yaml create mode 100644 influxdb/templates/networkpolicy.yaml create mode 100644 influxdb/templates/relay/configmap.yaml create mode 100644 influxdb/templates/relay/deployment.yaml create mode 100644 influxdb/templates/relay/service.yaml create mode 100644 influxdb/templates/service-collectd.yaml create mode 100644 influxdb/values.yaml diff --git a/Chart.yaml b/Chart.yaml index df11385..09f256a 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,8 +1,8 @@ --- apiVersion: v2 name: fadi -version: 0.2.9 -appVersion: 0.2.9 +version: 0.2.10 +appVersion: 0.2.10 description: FADI is a Cloud Native platform for Big Data based on mature open source tools. keywords: - fadi @@ -113,4 +113,8 @@ dependencies: - name: airflow version: ~8.0.5 repository: https://charts.bitnami.com/bitnami - condition: airflow.enabled \ No newline at end of file + condition: airflow.enabled +- name: influxdb + version: ^2.3.18 + repository: https://charts.bitnami.com/bitnami + condition: influxdb.enabled \ No newline at end of file diff --git a/influxdb/.helmignore b/influxdb/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/influxdb/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/influxdb/Chart.yaml b/influxdb/Chart.yaml new file mode 100644 index 0000000..154ce7b --- /dev/null +++ b/influxdb/Chart.yaml @@ -0,0 +1,27 @@ +annotations: + category: Database +apiVersion: v2 +appVersion: 2.0.9 +dependencies: +- name: common + repository: https://charts.bitnami.com/bitnami + tags: + - bitnami-common + version: 1.x.x +description: InfluxDB™ is an open source time-series database designed to handle + large write and read loads in real-time. +home: https://github.com/bitnami/charts/tree/master/bitnami/influxdb +icon: https://bitnami.com/assets/stacks/influxdb/img/influxdb-stack-220x234.png +keywords: +- influxdb +- tick +- database +- timeseries +maintainers: +- email: containers@bitnami.com + name: Bitnami +name: influxdb +sources: +- https://github.com/bitnami/bitnami-docker-influxdb +- https://www.influxdata.com/products/influxdb-overview/ +version: 2.3.18 diff --git a/influxdb/README.md b/influxdb/README.md new file mode 100644 index 0000000..bf9f6dd --- /dev/null +++ b/influxdb/README.md @@ -0,0 +1,575 @@ +# InfluxDB™ + +[InfluxDB™](https://www.influxdata.com/products/influxdb-overview/) is an open source time-series database designed to handle large write and read loads in real-time. + +Disclaimer: The respective trademarks mentioned in the offering are owned by the respective companies. We do not provide a commercial license for any of these products. This listing has an open-source license. InfluxDB™ and InfluxDB Relay™ are run and maintained by InfluxData, which is a completely separate project from Bitnami. + +## TL;DR + +```console +$ helm repo add bitnami https://charts.bitnami.com/bitnami +$ helm install my-release bitnami/influxdb +``` + +## Introduction + +This chart bootstraps a [influxdb](https://github.com/bitnami/bitnami-docker-influxdb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3.1.0 +- PV provisioner support in the underlying infrastructure +- ReadWriteMany volumes for deployment scaling + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add bitnami https://charts.bitnami.com/bitnami +$ helm install my-release bitnami/influxdb +``` + +These commands deploy influxdb on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` statefulset: + +```console +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. Use the option `--purge` to delete all history too. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ----- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global storage class for dynamic provisioning | `""` | + + +### Common parameters + +| Name | Description | Value | +| ------------------------ | ----------------------------------------------------------------------------------------------------- | --------------- | +| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` | +| `nameOverride` | String to partially override influxdb.fullname template with a string (will prepend the release name) | `""` | +| `fullnameOverride` | String to fully override influxdb.fullname template with a string | `""` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | + + +### InfluxDB™ parameters + +| Name | Description | Value | +| --------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | +| `image.registry` | InfluxDB™ image registry | `docker.io` | +| `image.repository` | InfluxDB™ image repository | `bitnami/influxdb` | +| `image.tag` | InfluxDB™ image tag (immutable tags are recommended) | `2.0.9-debian-10-r5` | +| `image.pullPolicy` | InfluxDB™ image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `architecture` | InfluxDB™ architecture (`standalone` or `high-availability`) | `standalone` | +| `auth.enabled` | Enable/disable authentication (Variable to keep compatibility with InfluxDB™ v1, in v2 it will be ignored) | `true` | +| `auth.usePasswordFiles` | Whether to use files to provide secrets instead of env vars. | `false` | +| `auth.admin.username` | InfluxDB™ admin user name | `admin` | +| `auth.admin.password` | InfluxDB™ admin user's password | `""` | +| `auth.admin.token` | InfluxDB™ admin user's token. Only valid with InfluxDB™ v2 | `""` | +| `auth.admin.org` | InfluxDB™ admin user's org. Only valid with InfluxDB™ v2 | `primary` | +| `auth.admin.bucket` | InfluxDB™ admin user's bucket. Only valid with InfluxDB™ v2 | `primary` | +| `auth.createUserToken` | Whether to create tokens for the different users. Take into account these tokens are going to be created by CLI randomly and they will not be accessible from a secret. See more influxdb 2.0 [auth ref](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) | `false` | +| `auth.user.username` | Name for InfluxDB™ user with 'admin' privileges on the bucket specified at `auth.user.bucket` and `auth.user.org` or `auth.admin.org` | `""` | +| `auth.user.password` | InfluxDB™ password for `user.name` user | `""` | +| `auth.user.org` | Org to be created on first run | `""` | +| `auth.user.bucket` | Bucket to be created on first run | `""` | +| `auth.readUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | +| `auth.readUser.password` | InfluxDB™ password for `auth.readUser.username` user | `""` | +| `auth.writeUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | +| `auth.writeUser.password` | InfluxDB™ password for `auth.writeUser.username` user | `""` | +| `auth.existingSecret` | Name of existing Secret object with InfluxDB™ credentials (`auth.admin.password`, `auth.user.password`, `auth.readUser.password`, and `auth.writeUser.password` will be ignored and picked up from this secret) | `""` | +| `influxdb.configuration` | Specify content for influxdb.conf | `""` | +| `influxdb.existingConfiguration` | Name of existing ConfigMap object with the InfluxDB™ configuration (`influxdb.configuration` will be ignored). | `""` | +| `influxdb.initdbScripts` | Dictionary of initdb scripts | `{}` | +| `influxdb.initdbScriptsCM` | Name of existing ConfigMap object with the initdb scripts (`influxdb.initdbScripts` will be ignored). | `""` | +| `influxdb.initdbScriptsSecret` | Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`) | `""` | +| `influxdb.extraEnvVars` | Array containing extra env vars to configure InfluxDB™ | `[]` | +| `influxdb.replicaCount` | The number of InfluxDB™ replicas to deploy | `1` | +| `influxdb.updateStrategy` | Update strategy, can be set to RollingUpdate or OnDelete by default. | `RollingUpdate` | +| `influxdb.podManagementPolicy` | Pod Management Policy [`OrderedReady` or `Parallel`] | `OrderedReady` | +| `influxdb.podAffinityPreset` | InfluxDB™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `influxdb.podAntiAffinityPreset` | InfluxDB™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `influxdb.nodeAffinityPreset.type` | InfluxDB™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `influxdb.nodeAffinityPreset.key` | InfluxDB™ Node label key to match Ignored if `affinity` is set. | `""` | +| `influxdb.nodeAffinityPreset.values` | InfluxDB™ Node label values to match. Ignored if `affinity` is set. | `[]` | +| `influxdb.affinity` | InfluxDB™ Affinity for pod assignment | `{}` | +| `influxdb.nodeSelector` | InfluxDB™ Node labels for pod assignment | `{}` | +| `influxdb.tolerations` | InfluxDB™ Tolerations for pod assignment | `[]` | +| `influxdb.extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts | `[]` | +| `influxdb.extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. | `[]` | +| `influxdb.securityContext.enabled` | Enable security context for InfluxDB™ | `true` | +| `influxdb.securityContext.fsGroup` | Group ID for the InfluxDB™ filesystem | `1001` | +| `influxdb.securityContext.runAsUser` | User ID for the InfluxDB™ container | `1001` | +| `influxdb.resources.limits` | The resources limits for the container | `{}` | +| `influxdb.resources.requests` | The requested resources for the container | `{}` | +| `influxdb.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `influxdb.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | +| `influxdb.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `45` | +| `influxdb.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | +| `influxdb.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `influxdb.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `influxdb.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `influxdb.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | +| `influxdb.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `45` | +| `influxdb.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | +| `influxdb.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `influxdb.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `influxdb.customLivenessProbe` | Override default liveness probe | `{}` | +| `influxdb.customReadinessProbe` | Override default readiness probe | `{}` | +| `influxdb.containerPorts` | Container ports | `{}` | +| `influxdb.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | +| `influxdb.service.port` | InfluxDB™ HTTP port | `8086` | +| `influxdb.service.rpcPort` | InfluxDB™ RPC port | `8088` | +| `influxdb.service.nodePorts` | Specify the nodePort(s) value for the LoadBalancer and NodePort service types. | `{}` | +| `influxdb.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | +| `influxdb.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | +| `influxdb.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `influxdb.service.annotations` | Annotations for InfluxDB™ service | `{}` | +| `influxdb.service.sessionAffinity` | Session affinity for the InfluxDB™ service | `""` | +| `influxdb.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | + + +### InfluxDB Relay™ parameters + +| Name | Description | Value | +| ------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `relay.image.registry` | InfluxDB Relay™ image registry | `docker.io` | +| `relay.image.repository` | InfluxDB Relay™ image repository | `bitnami/influxdb-relay` | +| `relay.image.tag` | InfluxDB Relay™ image tag (immutable tags are recommended) | `0.20200717.0-scratch-r12` | +| `relay.image.pullPolicy` | InfluxDB Relay™ image pull policy | `IfNotPresent` | +| `relay.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `relay.configuration` | InfluxDB Relay™ Configuration. Specify content for relay.toml | `""` | +| `relay.existingConfiguration` | Name of existing ConfigMap object with the InfluxDB Relay™ configuration (`relay.configuration` will be ignored) | `""` | +| `relay.replicaCount` | The number of InfluxDB Relay™ replicas to deploy | `1` | +| `relay.updateStrategy` | Update strategy, can be set to RollingUpdate or OnDelete by default. | `RollingUpdate` | +| `relay.podAffinityPreset` | InfluxDB Relay™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `relay.podAntiAffinityPreset` | InfluxDB Relay™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `relay.nodeAffinityPreset.type` | InfluxDB Relay™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `relay.nodeAffinityPreset.key` | InfluxDB Relay™ Node label key to match Ignored if `affinity` is set. | `""` | +| `relay.nodeAffinityPreset.values` | InfluxDB Relay™ Node label values to match. Ignored if `affinity` is set. | `[]` | +| `relay.affinity` | InfluxDB Relay™ Affinity for pod assignment | `{}` | +| `relay.nodeSelector` | InfluxDB Relay™ Node labels for pod assignment | `{}` | +| `relay.tolerations` | InfluxDB Relay™ Tolerations for pod assignment | `[]` | +| `relay.extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts | `[]` | +| `relay.extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. | `[]` | +| `relay.securityContext.enabled` | Enable security context for InfluxDB Relay™ | `true` | +| `relay.securityContext.fsGroup` | Group ID for the InfluxDB Relay™ filesystem | `1001` | +| `relay.securityContext.runAsUser` | User ID for the InfluxDB Relay™ container | `1001` | +| `relay.resources.limits` | The resources limits for the container | `{}` | +| `relay.resources.requests` | The requested resources for the container | `{}` | +| `relay.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `relay.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `relay.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `relay.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `relay.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `relay.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `relay.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `relay.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `relay.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `relay.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `relay.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `relay.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `relay.customLivenessProbe` | Override default liveness probe | `{}` | +| `relay.customReadinessProbe` | Override default readiness probe | `{}` | +| `relay.containerPorts` | Container ports | `{}` | +| `relay.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | +| `relay.service.port` | InfluxDB Relay™ HTTP port | `9096` | +| `relay.service.nodePort` | Kubernetes HTTP node port | `""` | +| `relay.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | +| `relay.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | +| `relay.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `relay.service.annotations` | Annotations for InfluxDB Relay™ service | `{}` | + + +### InfluxDB Collectd™ parameters + +| Name | Description | Value | +| ------------------------------------------- | ----------------------------------------------------------------------------------------- | ----------- | +| `collectd.enabled` | InfluxDB Collectd™ service enable | `false` | +| `collectd.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | +| `collectd.service.port` | InfluxDB Collectd™ UDP port (should match with corresponding port in influxdb.conf) | `25826` | +| `collectd.service.nodePort` | Kubernetes HTTP node port | `""` | +| `collectd.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | +| `collectd.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | +| `collectd.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `collectd.service.annotations` | Annotations for InfluxDB Collectd™ service | `{}` | + + +### Exposing parameters + +| Name | Description | Value | +| --------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `ingress.enabled` | Enable ingress controller resource | `false` | +| `ingress.tls` | Create TLS Secret | `false` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `ingress.hostname` | Default host for the ingress resource | `influxdb.local` | +| `ingress.path` | Ingress path*' in order to use this | `/` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | +| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | + + +### Metrics parameters + +| Name | Description | Value | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | ------------------- | +| `metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `metrics.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | +| `metrics.service.port` | InfluxDB™ Prometheus port | `9122` | +| `metrics.service.nodePort` | Kubernetes HTTP node port | `""` | +| `metrics.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | +| `metrics.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | +| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| `persistence.enabled` | Enable data persistence | `true` | +| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `persistence.storageClass` | Specify the `storageClass` used to provision the volume | `""` | +| `persistence.accessModes` | Access mode of data volume | `["ReadWriteOnce"]` | +| `persistence.size` | Size of data volume | `8Gi` | + + +### Volume permissions parameters + +| Name | Description | Value | +| --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `10-debian-10-r212` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.securityContext.runAsUser` | User ID for the init container (when facing issues in OpenShift or uid unknown, try value "auto") | `0` | + + +### InfluxDB™ backup parameters + +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | -------------------------- | +| `backup.enabled` | Enable InfluxDB™ backup | `false` | +| `backup.directory` | Directory where backups are stored | `/backups` | +| `backup.retentionDays` | Retention time in days for backups (older backups are deleted) | `10` | +| `backup.cronjob.schedule` | Schedule in Cron format to save snapshots | `0 2 * * *` | +| `backup.cronjob.historyLimit` | Number of successful finished jobs to retain | `1` | +| `backup.cronjob.podAnnotations` | Pod annotations | `{}` | +| `backup.cronjob.securityContext.enabled` | Enable security context for InfluxDB™ | `true` | +| `backup.cronjob.securityContext.fsGroup` | Group ID for the InfluxDB™ filesystem | `1001` | +| `backup.cronjob.securityContext.runAsUser` | Group ID for the InfluxDB™ filesystem | `1001` | +| `backup.podAffinityPreset` | Backup ™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `backup.podAntiAffinityPreset` | Backup™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `backup.nodeAffinityPreset.type` | Backup™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `backup.nodeAffinityPreset.key` | Backup™ Node label key to match Ignored if `affinity` is set. | `""` | +| `backup.nodeAffinityPreset.values` | Backup™ Node label values to match. Ignored if `affinity` is set. | `[]` | +| `backup.affinity` | Backup™ Affinity for backup pod assignment | `{}` | +| `backup.nodeSelector` | Backup™ Node labels for backup pod assignment | `{}` | +| `backup.tolerations` | Backup™ Tolerations for backup pod assignment | `[]` | +| `backup.uploadProviders.google.enabled` | enable upload to google storage bucket | `false` | +| `backup.uploadProviders.google.secret` | json secret with serviceaccount data to access Google storage bucket | `""` | +| `backup.uploadProviders.google.secretKey` | service account secret key name | `key.json` | +| `backup.uploadProviders.google.existingSecret` | Name of existing secret object with Google serviceaccount json credentials | `""` | +| `backup.uploadProviders.google.bucketName` | google storage bucket name name | `gs://bucket/influxdb` | +| `backup.uploadProviders.google.image.registry` | Google Cloud SDK image registry | `docker.io` | +| `backup.uploadProviders.google.image.repository` | Google Cloud SDK image name | `bitnami/google-cloud-sdk` | +| `backup.uploadProviders.google.image.tag` | Google Cloud SDK image tag | `0.359.0-debian-10-r6` | +| `backup.uploadProviders.google.image.pullPolicy` | Google Cloud SDK image pull policy | `IfNotPresent` | +| `backup.uploadProviders.google.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `backup.uploadProviders.azure.enabled` | Enable upload to azure storage container | `false` | +| `backup.uploadProviders.azure.secret` | Secret with credentials to access Azure storage | `""` | +| `backup.uploadProviders.azure.secretKey` | Service account secret key name | `connection-string` | +| `backup.uploadProviders.azure.existingSecret` | Name of existing secret object | `""` | +| `backup.uploadProviders.azure.containerName` | Destination container | `influxdb-container` | +| `backup.uploadProviders.azure.image.registry` | Azure CLI image registry | `docker.io` | +| `backup.uploadProviders.azure.image.repository` | Azure CLI image repository | `bitnami/azure-cli` | +| `backup.uploadProviders.azure.image.tag` | Azure CLI image tag (immutable tags are recommended) | `2.28.1-debian-10-r25` | +| `backup.uploadProviders.azure.image.pullPolicy` | Azure CLI image pull policy | `IfNotPresent` | +| `backup.uploadProviders.azure.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +$ helm install my-release \ + --set auth.admin.username=admin-user bitnami/influxdb +``` + +The above command sets the InfluxDB™ admin user to `admin-user`. + +> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +$ helm install my-release -f values.yaml bitnami/influxdb +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Configuration and installation details + +### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +## Standalone vs High Availability architecture + +You can install the InfluxDB™ chart with two different architecture setups: "standalone" or "high-availability", you can use the `architecture` parameter: + +```console +architecture="standalone" +architecture="high-availability" +``` + +The standalone architecture installs a deployment with one InfluxDB™ server (it cannot be scaled): + +``` + ┌──────────────────┐ + │ Ingress │ + │ Controller │ + └────────┬─────────┘ + | + │ /query + │ /write + ▼ + ┌────────────────┐ + │ InfluxDB(TM) │ + | svc │ + └───────┬────────┘ + │ + ▼ + ┌──────────────┐ + │ InfluxDB(TM) │ + │ Server │ + │ Pod │ + └──────────────┘ +``` + +The high availability install a statefulset with N InfluxDB™ servers and M InfluxDB Relay™ instances: + +``` + ┌──────────────────┐ + │ Ingress │ + │ Controller │ + └───────┬─┬────────┘ + │ │ + │ │ + ┌────────────┘ └─────────────┐ + │ │ + │ /write /query │ + ▼ ▼ + ┌────────────────────┐ ┌────────────────────┐ + │ InfluxDB Relay(TM) │ │ InfluxDB(TM) │ + │ svc │ │ svc │ + └───────────┬─┬──────┘ └─────┬─────┬────────┘ + ┌────────── │─|───────────────|─────│───────┐ + | │ | | │ ▼ +┌─────┴────────┐ │ | | │ ┌──────────────┐ +│ InfluxDB │ │ | | │ │ InfluxDB(TM) │ +│ Relay(TM) │◀─┘ | | └─▶│ Server │ +│ Pod │ │ │ │ Pod │ +└─────┬────────┘ │ │ └──────────────┘ + | │ │ ▲ + └─────────────│───────────────│───────┐ | + │ │ | | + ┌──────────────── │───────────────│───────────┘ + | │ │ | + | │ │ ▼ +┌─┴─────────────┐ │ │ ┌──────────────┐ +│ InfluxDB │ │ │ │ InfluxDB(TM) │ +│ Relay(TM) │◀──┘ └──▶│ Server │ +│ Pod │ │ Pod │ +└─────┬─────────┘ └──────────────┘ + | ▲ + └───────────────────────────────────┘ +``` + +When using the high-availability architecture, it is recommended to configure sticky sessions using `--set influxdb.service.sessionAffinity="ClientIP"` or configuring the IngressController accordingly. + +### Configure the way how to expose InfluxDB™ + +- **Ingress**: The ingress controller must be installed in the Kubernetes cluster. Set `ingress.enabled=true` to expose InfluxDB™ through Ingress. +- **ClusterIP**: Exposes the service on a cluster-internal IP. Choosing this value makes the service only reachable from within the cluster. Set `influxdb.service.type=ClusterIP` to choose this service type. +- **NodePort**: Exposes the service on each Node's IP at a static port (the NodePort). You’ll be able to contact the NodePort service, from outside the cluster, by requesting `NodeIP:NodePort`. Set `influxdb.service.type=NodePort` to choose this service type. +- **LoadBalancer**: Exposes the service externally using a cloud provider's load balancer. Set `influxdb.service.type=LoadBalancer` to choose this service type. + +### Using custom configuration + +This helm chart supports to customize the whole configuration file. + +Add your custom configuration file to "files/conf" in your working directory. This file will be mounted as a configMap to the containers and it will be used for configuring InfluxDB™. + +Alternatively, you can specify the InfluxDB™ configuration using the `influxdb.configuration` parameter. + +In addition to these options, you can also set an external ConfigMap with all the configuration files. This is done by setting the `influxdb.existingConfiguration` parameter. Note that this will override the two previous options. + +### Adding extra environment variables + +In case you want to add extra environment variables, you can use the `influxdb.extraEnvVars` property. + +```yaml +extraEnvVars: + - name: INFLUXDB_DATA_QUERY_LOG_ENABLED + value: "true" +``` + +### Initialize a fresh instance + +The [Bitnami InfluxDB™](https://github.com/bitnami/bitnami-docker-influxdb) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap. + +Alternatively, you can specify custom scripts using the `influxdb.initdbScripts` parameter. + +In addition to these options, you can also set an external ConfigMap with all the initialization scripts. This is done by setting the `influxdb.initdbScriptsCM` parameter. Note that this will override the two previous options. parameter. + +The allowed extensions are `.sh`, and `.txt`. + +### Setting Pod's affinity + +This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters. + +## Persistence + +The data is persisted by default using PVC(s). You can disable the persistence setting the `persistence.enabled` parameter to `false`. +A default `StorageClass` is needed in the Kubernetes cluster to dynamically provision the volumes. Specify another StorageClass in the `persistence.storageClass` or set `persistence.existingClaim` if you have already existing persistent volumes to use. + +### Adjust permissions of persistent volume mountpoint + +As the images run as non-root by default, it is necessary to adjust the ownership of the persistent volumes so that the containers can write data into it. + +By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. +As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. + +You can enable this **initContainer** by setting `volumePermissions.enabled` to `true`. +There are K8s distribution, such as OpenShift, where you can dynamically define the UID to run this **initContainer**. To do so, set the `volumePermissions.securityContext.runAsUser` to `auto`. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami’s Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Upgrade + +It's necessary to specify the existing passwords while performing an upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `auth.admin.password`, `user.pwd`, ` auth.readUser.password` and `auth.writeUser.password` parameters when upgrading the chart: + +```bash +$ helm upgrade my-release bitnami/influxdb \ + --set auth.admin.password=[ADMIN_USER_PASSWORD] \ + --set auth.user.password=[USER_PASSWORD] \ + --set auth.readUser.password=[READ_USER_PASSWORD] \ + --set auth.writeUser.password=[WRITE_USER_PASSWORD] +``` + +> Note: you need to substitute the placeholders _[ADMIN_USER_PASSWORD]_, _[USER_PASSWORD]_, _[READ_USER_PASSWORD]_, and _[WRITE_USER_PASSWORD]_ with the values obtained from instructions in the installation notes. + +## Upgrading + +### To 2.0.0 + +This version adds support to InfluxDB™ +2.0, since this version the chart is only verified to work with InfluxDB™ +2.0 bitnami images. +However, you can use images for versions ~1.x.x taking into account the chart may need some modification to run with them. + +#### Installing InfluxDB™ v1 in chart v2. + +``` +$ helm install bitnami/influxdb --set image.tag=1.8.3-debian-10-r88 +``` + +As a consecuece some breaking changes have been included in this version. + +- Authentication values has been moved to `auth....`. +- We keep `auth.readUser` and `auth.writeUser` user options in order to be compatible with InfluxDB™ v1. If you are using InfluxDB™ 2.0, please, use the CLI to create user and tokens through initDb scripts at `influxdb.initdbScripts` or the UI due to we are not able to automacally provide a token for them to be used. See more [InfluxDB™ 2.0 auth](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) +- InfluxDB™ 2.0 has removed database concept, now it is called Bucket so the property `database` has been also moved to `auth.user.bucket`. +- Removed support for `files/docker-entrypoint-initdb.d/*.{sh,txt}`, please use `.influxdb.initdbScripts` or `.Values.influxdb.initdbScriptsCM` instead. +- Removed support for `files/conf/influxdb.conf`, please use `.influxdb.configuration` or `.influxdb.existingConfiguration` instead. +- Removed support for `files/conf/relay.toml`, please use `.Values.relay.configuration` or `.Values.relay.existingConfiguration` instead. +- `ingress.hosts` parameter has been replaced by `ingress.hostname` and `ingress.extraHosts` that may give us a bit more flexibility. + +#### Migrating form InfluxDB™ v1 to v2 + +Since this release could mean lot of concepts changes, we strongly recommend to not do it direcly using the chart upgrade. Please, read more info in their [upgrade guide](https://docs.influxdata.com/influxdb/v2.0/upgrade/v1-to-v2/). + +We actually recommend to backup all the data form a previous helm release, install new release using latest version of the chart and images and then restore data following their guides. + +#### Upgrading the chart form 1.x.x to 2.x.x using InfluxDB™ v1 images. + +> NOTE: Please, create a backup of your database before running any of those actions. + +Having an already existing chart release called `influxdb` and deployed like + +```console +$ helm install influxdb bitnami/influxdb +``` + +##### Export secrets and required values to update + +```console +$ export INFLUXDB_ADMIN_PASSWORD=$(kubectl get secret --namespace default influxdb -o jsonpath="{.data.admin-user-password}" | base64 --decode) +``` + +##### Upgrade the chart release + +> NOTE: Please remember to migrate all the values to its new path following the above notes, e.g: `adminUser.pwd` -> `auth.admin.password`. + +```console +$ helm upgrade influxdb bitnami/influxdb --set image.tag=1.8.3-debian-10-r99 \ + --set auth.admin.password=${INFLUXDB_ADMIN_PASSWORD} +``` + +### To 1.1.0 + +This version introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. + +### To 1.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +**What changes were introduced in this major version?** + +- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. +- The different fields present in the _Chart.yaml_ file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts + +**Considerations when upgrading to this version** + +- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues +- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore +- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 + +**Useful links** + +- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/ +- https://helm.sh/docs/topics/v2_v3_migration/ +- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/ diff --git a/influxdb/charts/common/.helmignore b/influxdb/charts/common/.helmignore new file mode 100644 index 0000000..50af031 --- /dev/null +++ b/influxdb/charts/common/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/influxdb/charts/common/Chart.yaml b/influxdb/charts/common/Chart.yaml new file mode 100644 index 0000000..243bc6c --- /dev/null +++ b/influxdb/charts/common/Chart.yaml @@ -0,0 +1,23 @@ +annotations: + category: Infrastructure +apiVersion: v2 +appVersion: 1.10.0 +description: A Library Helm Chart for grouping common logic between bitnami charts. + This chart is not deployable by itself. +home: https://github.com/bitnami/charts/tree/master/bitnami/common +icon: https://bitnami.com/downloads/logos/bitnami-mark.png +keywords: +- common +- helper +- template +- function +- bitnami +maintainers: +- email: containers@bitnami.com + name: Bitnami +name: common +sources: +- https://github.com/bitnami/charts +- http://www.bitnami.com/ +type: library +version: 1.10.0 diff --git a/influxdb/charts/common/README.md b/influxdb/charts/common/README.md new file mode 100644 index 0000000..cbbc31d --- /dev/null +++ b/influxdb/charts/common/README.md @@ -0,0 +1,328 @@ +# Bitnami Common Library Chart + +A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts. + +## TL;DR + +```yaml +dependencies: + - name: common + version: 0.x.x + repository: https://charts.bitnami.com/bitnami +``` + +```bash +$ helm dependency update +``` + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }} +data: + myvalue: "Hello World" +``` + +## Introduction + +This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3.1.0 + +## Parameters + +The following table lists the helpers available in the library which are scoped in different sections. + +### Affinities + +| Helper identifier | Description | Expected Input | +|-------------------------------|------------------------------------------------------|------------------------------------------------| +| `common.affinities.node.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | +| `common.affinities.node.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | +| `common.affinities.pod.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.pod.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | + +### Capabilities + +| Helper identifier | Description | Expected Input | +|------------------------------------------------|------------------------------------------------------------------------------------------------|-------------------| +| `common.capabilities.kubeVersion` | Return the target Kubernetes version (using client default if .Values.kubeVersion is not set). | `.` Chart context | +| `common.capabilities.cronjob.apiVersion` | Return the appropriate apiVersion for cronjob. | `.` Chart context | +| `common.capabilities.deployment.apiVersion` | Return the appropriate apiVersion for deployment. | `.` Chart context | +| `common.capabilities.statefulset.apiVersion` | Return the appropriate apiVersion for statefulset. | `.` Chart context | +| `common.capabilities.ingress.apiVersion` | Return the appropriate apiVersion for ingress. | `.` Chart context | +| `common.capabilities.rbac.apiVersion` | Return the appropriate apiVersion for RBAC resources. | `.` Chart context | +| `common.capabilities.crd.apiVersion` | Return the appropriate apiVersion for CRDs. | `.` Chart context | +| `common.capabilities.policy.apiVersion` | Return the appropriate apiVersion for podsecuritypolicy. | `.` Chart context | +| `common.capabilities.networkPolicy.apiVersion` | Return the appropriate apiVersion for networkpolicy. | `.` Chart context | +| `common.capabilities.supportsHelmVersion` | Returns true if the used Helm version is 3.3+ | `.` Chart context | + +### Errors + +| Helper identifier | Description | Expected Input | +|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------| +| `common.errors.upgrade.passwords.empty` | It will ensure required passwords are given when we are upgrading a chart. If `validationErrors` is not empty it will throw an error and will stop the upgrade action. | `dict "validationErrors" (list $validationError00 $validationError01) "context" $` | + +### Images + +| Helper identifier | Description | Expected Input | +|-----------------------------|------------------------------------------------------|---------------------------------------------------------------------------------------------------------| +| `common.images.image` | Return the proper and full image name | `dict "imageRoot" .Values.path.to.the.image "global" $`, see [ImageRoot](#imageroot) for the structure. | +| `common.images.pullSecrets` | Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global` | +| `common.images.renderPullSecrets` | Return the proper Docker Image Registry Secret Names (evaluates values as templates) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $` | + +### Ingress + +| Helper identifier | Description | Expected Input | +|-------------------------------------------|----------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `common.ingress.backend` | Generate a proper Ingress backend entry depending on the API version | `dict "serviceName" "foo" "servicePort" "bar"`, see the [Ingress deprecation notice](https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/) for the syntax differences | +| `common.ingress.supportsPathType` | Prints "true" if the pathType field is supported | `.` Chart context | +| `common.ingress.supportsIngressClassname` | Prints "true" if the ingressClassname field is supported | `.` Chart context | + +### Labels + +| Helper identifier | Description | Expected Input | +|-----------------------------|------------------------------------------------------|-------------------| +| `common.labels.standard` | Return Kubernetes standard labels | `.` Chart context | +| `common.labels.matchLabels` | Return the proper Docker Image Registry Secret Names | `.` Chart context | + +### Names + +| Helper identifier | Description | Expected Input | +|-------------------------|------------------------------------------------------------|-------------------| +| `common.names.name` | Expand the name of the chart or use `.Values.nameOverride` | `.` Chart context | +| `common.names.fullname` | Create a default fully qualified app name. | `.` Chart context | +| `common.names.chart` | Chart name plus version | `.` Chart context | + +### Secrets + +| Helper identifier | Description | Expected Input | +|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. | +| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. | +| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. | +| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` | + +### Storage + +| Helper identifier | Description | Expected Input | +|-------------------------------|---------------------------------------|---------------------------------------------------------------------------------------------------------------------| +| `common.storage.class` | Return the proper Storage Class | `dict "persistence" .Values.path.to.the.persistence "global" $`, see [Persistence](#persistence) for the structure. | + +### TplValues + +| Helper identifier | Description | Expected Input | +|---------------------------|----------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------| +| `common.tplvalues.render` | Renders a value that contains template | `dict "value" .Values.path.to.the.Value "context" $`, value is the value should rendered as template, context frequently is the chart context `$` or `.` | + +### Utils + +| Helper identifier | Description | Expected Input | +|--------------------------------|------------------------------------------------------------------------------------------|------------------------------------------------------------------------| +| `common.utils.fieldToEnvVar` | Build environment variable name given a field. | `dict "field" "my-password"` | +| `common.utils.secret.getvalue` | Print instructions to get a secret value. | `dict "secret" "secret-name" "field" "secret-value-field" "context" $` | +| `common.utils.getValueFromKey` | Gets a value from `.Values` object given its key path | `dict "key" "path.to.key" "context" $` | +| `common.utils.getKeyFromList` | Returns first `.Values` key with a defined value or first of the list if all non-defined | `dict "keys" (list "path.to.key1" "path.to.key2") "context" $` | + +### Validations + +| Helper identifier | Description | Expected Input | +|--------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `common.validations.values.single.empty` | Validate a value must not be empty. | `dict "valueKey" "path.to.value" "secret" "secret.name" "field" "my-password" "subchart" "subchart" "context" $` secret, field and subchart are optional. In case they are given, the helper will generate a how to get instruction. See [ValidateValue](#validatevalue) | +| `common.validations.values.multiple.empty` | Validate a multiple values must not be empty. It returns a shared error for all the values. | `dict "required" (list $validateValueConf00 $validateValueConf01) "context" $`. See [ValidateValue](#validatevalue) | +| `common.validations.values.mariadb.passwords` | This helper will ensure required password for MariaDB are not empty. It returns a shared error for all the values. | `dict "secret" "mariadb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mariadb chart and the helper. | +| `common.validations.values.postgresql.passwords` | This helper will ensure required password for PostgreSQL are not empty. It returns a shared error for all the values. | `dict "secret" "postgresql-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use postgresql chart and the helper. | +| `common.validations.values.redis.passwords` | This helper will ensure required password for Redis™ are not empty. It returns a shared error for all the values. | `dict "secret" "redis-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use redis chart and the helper. | +| `common.validations.values.cassandra.passwords` | This helper will ensure required password for Cassandra are not empty. It returns a shared error for all the values. | `dict "secret" "cassandra-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use cassandra chart and the helper. | +| `common.validations.values.mongodb.passwords` | This helper will ensure required password for MongoDB® are not empty. It returns a shared error for all the values. | `dict "secret" "mongodb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mongodb chart and the helper. | + +### Warnings + +| Helper identifier | Description | Expected Input | +|------------------------------|----------------------------------|------------------------------------------------------------| +| `common.warnings.rollingTag` | Warning about using rolling tag. | `ImageRoot` see [ImageRoot](#imageroot) for the structure. | + +## Special input schemas + +### ImageRoot + +```yaml +registry: + type: string + description: Docker registry where the image is located + example: docker.io + +repository: + type: string + description: Repository and image name + example: bitnami/nginx + +tag: + type: string + description: image tag + example: 1.16.1-debian-10-r63 + +pullPolicy: + type: string + description: Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + +pullSecrets: + type: array + items: + type: string + description: Optionally specify an array of imagePullSecrets (evaluated as templates). + +debug: + type: boolean + description: Set to true if you would like to see extra information on logs + example: false + +## An instance would be: +# registry: docker.io +# repository: bitnami/nginx +# tag: 1.16.1-debian-10-r63 +# pullPolicy: IfNotPresent +# debug: false +``` + +### Persistence + +```yaml +enabled: + type: boolean + description: Whether enable persistence. + example: true + +storageClass: + type: string + description: Ghost data Persistent Volume Storage Class, If set to "-", storageClassName: "" which disables dynamic provisioning. + example: "-" + +accessMode: + type: string + description: Access mode for the Persistent Volume Storage. + example: ReadWriteOnce + +size: + type: string + description: Size the Persistent Volume Storage. + example: 8Gi + +path: + type: string + description: Path to be persisted. + example: /bitnami + +## An instance would be: +# enabled: true +# storageClass: "-" +# accessMode: ReadWriteOnce +# size: 8Gi +# path: /bitnami +``` + +### ExistingSecret + +```yaml +name: + type: string + description: Name of the existing secret. + example: mySecret +keyMapping: + description: Mapping between the expected key name and the name of the key in the existing secret. + type: object + +## An instance would be: +# name: mySecret +# keyMapping: +# password: myPasswordKey +``` + +#### Example of use + +When we store sensitive data for a deployment in a secret, some times we want to give to users the possibility of using theirs existing secrets. + +```yaml +# templates/secret.yaml +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }} + labels: + app: {{ include "common.names.fullname" . }} +type: Opaque +data: + password: {{ .Values.password | b64enc | quote }} + +# templates/dpl.yaml +--- +... + env: + - name: PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "context" $) }} + key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "password") }} +... + +# values.yaml +--- +name: mySecret +keyMapping: + password: myPasswordKey +``` + +### ValidateValue + +#### NOTES.txt + +```console +{{- $validateValueConf00 := (dict "valueKey" "path.to.value00" "secret" "secretName" "field" "password-00") -}} +{{- $validateValueConf01 := (dict "valueKey" "path.to.value01" "secret" "secretName" "field" "password-01") -}} + +{{ include "common.validations.values.multiple.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }} +``` + +If we force those values to be empty we will see some alerts + +```console +$ helm install test mychart --set path.to.value00="",path.to.value01="" + 'path.to.value00' must not be empty, please add '--set path.to.value00=$PASSWORD_00' to the command. To get the current value: + + export PASSWORD_00=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-00}" | base64 --decode) + + 'path.to.value01' must not be empty, please add '--set path.to.value01=$PASSWORD_01' to the command. To get the current value: + + export PASSWORD_01=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-01}" | base64 --decode) +``` + +## Upgrading + +### To 1.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +**What changes were introduced in this major version?** + +- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. +- Use `type: library`. [Here](https://v3.helm.sh/docs/faq/#library-chart-support) you can find more information. +- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts + +**Considerations when upgrading to this version** + +- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues +- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore +- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 + +**Useful links** + +- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/ +- https://helm.sh/docs/topics/v2_v3_migration/ +- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/ diff --git a/influxdb/charts/common/templates/_affinities.tpl b/influxdb/charts/common/templates/_affinities.tpl new file mode 100644 index 0000000..189ea40 --- /dev/null +++ b/influxdb/charts/common/templates/_affinities.tpl @@ -0,0 +1,102 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Return a soft nodeAffinity definition +{{ include "common.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.nodes.soft" -}} +preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: {{ .key }} + operator: In + values: + {{- range .values }} + - {{ . | quote }} + {{- end }} + weight: 1 +{{- end -}} + +{{/* +Return a hard nodeAffinity definition +{{ include "common.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.nodes.hard" -}} +requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .key }} + operator: In + values: + {{- range .values }} + - {{ . | quote }} + {{- end }} +{{- end -}} + +{{/* +Return a nodeAffinity definition +{{ include "common.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.nodes" -}} + {{- if eq .type "soft" }} + {{- include "common.affinities.nodes.soft" . -}} + {{- else if eq .type "hard" }} + {{- include "common.affinities.nodes.hard" . -}} + {{- end -}} +{{- end -}} + +{{/* +Return a soft podAffinity/podAntiAffinity definition +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} +*/}} +{{- define "common.affinities.pods.soft" -}} +{{- $component := default "" .component -}} +{{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 10 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := $extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + namespaces: + - {{ .context.Release.Namespace | quote }} + topologyKey: kubernetes.io/hostname + weight: 1 +{{- end -}} + +{{/* +Return a hard podAffinity/podAntiAffinity definition +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} +*/}} +{{- define "common.affinities.pods.hard" -}} +{{- $component := default "" .component -}} +{{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 8 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := $extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + namespaces: + - {{ .context.Release.Namespace | quote }} + topologyKey: kubernetes.io/hostname +{{- end -}} + +{{/* +Return a podAffinity/podAntiAffinity definition +{{ include "common.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.pods" -}} + {{- if eq .type "soft" }} + {{- include "common.affinities.pods.soft" . -}} + {{- else if eq .type "hard" }} + {{- include "common.affinities.pods.hard" . -}} + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_capabilities.tpl b/influxdb/charts/common/templates/_capabilities.tpl new file mode 100644 index 0000000..26a4ef8 --- /dev/null +++ b/influxdb/charts/common/templates/_capabilities.tpl @@ -0,0 +1,128 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "common.capabilities.kubeVersion" -}} +{{- if .Values.global }} + {{- if .Values.global.kubeVersion }} + {{- .Values.global.kubeVersion -}} + {{- else }} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} + {{- end -}} +{{- else }} +{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for podsecuritypolicy. +*/}} +{{- define "common.capabilities.policy.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for networkpolicy. +*/}} +{{- define "common.capabilities.networkPolicy.apiVersion" -}} +{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for cronjob. +*/}} +{{- define "common.capabilities.cronjob.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "batch/v1beta1" -}} +{{- else -}} +{{- print "batch/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for deployment. +*/}} +{{- define "common.capabilities.deployment.apiVersion" -}} +{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for statefulset. +*/}} +{{- define "common.capabilities.statefulset.apiVersion" -}} +{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "apps/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for ingress. +*/}} +{{- define "common.capabilities.ingress.apiVersion" -}} +{{- if .Values.ingress -}} +{{- if .Values.ingress.apiVersion -}} +{{- .Values.ingress.apiVersion -}} +{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end }} +{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for RBAC resources. +*/}} +{{- define "common.capabilities.rbac.apiVersion" -}} +{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "rbac.authorization.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "rbac.authorization.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for CRDs. +*/}} +{{- define "common.capabilities.crd.apiVersion" -}} +{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "apiextensions.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "apiextensions.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Returns true if the used Helm version is 3.3+. +A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure. +This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error. +**To be removed when the catalog's minimun Helm version is 3.3** +*/}} +{{- define "common.capabilities.supportsHelmVersion" -}} +{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }} + {{- true -}} +{{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_errors.tpl b/influxdb/charts/common/templates/_errors.tpl new file mode 100644 index 0000000..a79cc2e --- /dev/null +++ b/influxdb/charts/common/templates/_errors.tpl @@ -0,0 +1,23 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Through error when upgrading using empty passwords values that must not be empty. + +Usage: +{{- $validationError00 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password00" "secret" "secretName" "field" "password-00") -}} +{{- $validationError01 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password01" "secret" "secretName" "field" "password-01") -}} +{{ include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $validationError00 $validationError01) "context" $) }} + +Required password params: + - validationErrors - String - Required. List of validation strings to be return, if it is empty it won't throw error. + - context - Context - Required. Parent context. +*/}} +{{- define "common.errors.upgrade.passwords.empty" -}} + {{- $validationErrors := join "" .validationErrors -}} + {{- if and $validationErrors .context.Release.IsUpgrade -}} + {{- $errorString := "\nPASSWORDS ERROR: You must provide your current passwords when upgrading the release." -}} + {{- $errorString = print $errorString "\n Note that even after reinstallation, old credentials may be needed as they may be kept in persistent volume claims." -}} + {{- $errorString = print $errorString "\n Further information can be obtained at https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases" -}} + {{- $errorString = print $errorString "\n%s" -}} + {{- printf $errorString $validationErrors | fail -}} + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_images.tpl b/influxdb/charts/common/templates/_images.tpl new file mode 100644 index 0000000..42ffbc7 --- /dev/null +++ b/influxdb/charts/common/templates/_images.tpl @@ -0,0 +1,75 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Return the proper image name +{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }} +*/}} +{{- define "common.images.image" -}} +{{- $registryName := .imageRoot.registry -}} +{{- $repositoryName := .imageRoot.repository -}} +{{- $tag := .imageRoot.tag | toString -}} +{{- if .global }} + {{- if .global.imageRegistry }} + {{- $registryName = .global.imageRegistry -}} + {{- end -}} +{{- end -}} +{{- if $registryName }} +{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- else -}} +{{- printf "%s:%s" $repositoryName $tag -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) +{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }} +*/}} +{{- define "common.images.pullSecrets" -}} + {{- $pullSecrets := list }} + + {{- if .global }} + {{- range .global.imagePullSecrets -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + {{- end -}} + + {{- range .images -}} + {{- range .pullSecrets -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + {{- end -}} + + {{- if (not (empty $pullSecrets)) }} +imagePullSecrets: + {{- range $pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names evaluating values as templates +{{ include "common.images.renderPullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $) }} +*/}} +{{- define "common.images.renderPullSecrets" -}} + {{- $pullSecrets := list }} + {{- $context := .context }} + + {{- if $context.Values.global }} + {{- range $context.Values.global.imagePullSecrets -}} + {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} + {{- end -}} + {{- end -}} + + {{- range .images -}} + {{- range .pullSecrets -}} + {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} + {{- end -}} + {{- end -}} + + {{- if (not (empty $pullSecrets)) }} +imagePullSecrets: + {{- range $pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/influxdb/charts/common/templates/_ingress.tpl b/influxdb/charts/common/templates/_ingress.tpl new file mode 100644 index 0000000..f905f20 --- /dev/null +++ b/influxdb/charts/common/templates/_ingress.tpl @@ -0,0 +1,55 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Generate backend entry that is compatible with all Kubernetes API versions. + +Usage: +{{ include "common.ingress.backend" (dict "serviceName" "backendName" "servicePort" "backendPort" "context" $) }} + +Params: + - serviceName - String. Name of an existing service backend + - servicePort - String/Int. Port name (or number) of the service. It will be translated to different yaml depending if it is a string or an integer. + - context - Dict - Required. The context for the template evaluation. +*/}} +{{- define "common.ingress.backend" -}} +{{- $apiVersion := (include "common.capabilities.ingress.apiVersion" .context) -}} +{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}} +serviceName: {{ .serviceName }} +servicePort: {{ .servicePort }} +{{- else -}} +service: + name: {{ .serviceName }} + port: + {{- if typeIs "string" .servicePort }} + name: {{ .servicePort }} + {{- else if or (typeIs "int" .servicePort) (typeIs "float64" .servicePort) }} + number: {{ .servicePort | int }} + {{- end }} +{{- end -}} +{{- end -}} + +{{/* +Print "true" if the API pathType field is supported +Usage: +{{ include "common.ingress.supportsPathType" . }} +*/}} +{{- define "common.ingress.supportsPathType" -}} +{{- if (semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .)) -}} +{{- print "false" -}} +{{- else -}} +{{- print "true" -}} +{{- end -}} +{{- end -}} + +{{/* +Returns true if the ingressClassname field is supported +Usage: +{{ include "common.ingress.supportsIngressClassname" . }} +*/}} +{{- define "common.ingress.supportsIngressClassname" -}} +{{- if semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "false" -}} +{{- else -}} +{{- print "true" -}} +{{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_labels.tpl b/influxdb/charts/common/templates/_labels.tpl new file mode 100644 index 0000000..252066c --- /dev/null +++ b/influxdb/charts/common/templates/_labels.tpl @@ -0,0 +1,18 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Kubernetes standard labels +*/}} +{{- define "common.labels.standard" -}} +app.kubernetes.io/name: {{ include "common.names.name" . }} +helm.sh/chart: {{ include "common.names.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector +*/}} +{{- define "common.labels.matchLabels" -}} +app.kubernetes.io/name: {{ include "common.names.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} diff --git a/influxdb/charts/common/templates/_names.tpl b/influxdb/charts/common/templates/_names.tpl new file mode 100644 index 0000000..cf03231 --- /dev/null +++ b/influxdb/charts/common/templates/_names.tpl @@ -0,0 +1,52 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "common.names.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "common.names.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "common.names.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified dependency name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +Usage: +{{ include "common.names.dependency.fullname" (dict "chartName" "dependency-chart-name" "chartValues" .Values.dependency-chart "context" $) }} +*/}} +{{- define "common.names.dependency.fullname" -}} +{{- if .chartValues.fullnameOverride -}} +{{- .chartValues.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .chartName .chartValues.nameOverride -}} +{{- if contains $name .context.Release.Name -}} +{{- .context.Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .context.Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_secrets.tpl b/influxdb/charts/common/templates/_secrets.tpl new file mode 100644 index 0000000..60b84a7 --- /dev/null +++ b/influxdb/charts/common/templates/_secrets.tpl @@ -0,0 +1,129 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Generate secret name. + +Usage: +{{ include "common.secrets.name" (dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $) }} + +Params: + - existingSecret - ExistingSecret/String - Optional. The path to the existing secrets in the values.yaml given by the user + to be used instead of the default one. Allows for it to be of type String (just the secret name) for backwards compatibility. + +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret + - defaultNameSuffix - String - Optional. It is used only if we have several secrets in the same deployment. + - context - Dict - Required. The context for the template evaluation. +*/}} +{{- define "common.secrets.name" -}} +{{- $name := (include "common.names.fullname" .context) -}} + +{{- if .defaultNameSuffix -}} +{{- $name = printf "%s-%s" $name .defaultNameSuffix | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- with .existingSecret -}} +{{- if not (typeIs "string" .) -}} +{{- with .name -}} +{{- $name = . -}} +{{- end -}} +{{- else -}} +{{- $name = . -}} +{{- end -}} +{{- end -}} + +{{- printf "%s" $name -}} +{{- end -}} + +{{/* +Generate secret key. + +Usage: +{{ include "common.secrets.key" (dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName") }} + +Params: + - existingSecret - ExistingSecret/String - Optional. The path to the existing secrets in the values.yaml given by the user + to be used instead of the default one. Allows for it to be of type String (just the secret name) for backwards compatibility. + +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret + - key - String - Required. Name of the key in the secret. +*/}} +{{- define "common.secrets.key" -}} +{{- $key := .key -}} + +{{- if .existingSecret -}} + {{- if not (typeIs "string" .existingSecret) -}} + {{- if .existingSecret.keyMapping -}} + {{- $key = index .existingSecret.keyMapping $.key -}} + {{- end -}} + {{- end }} +{{- end -}} + +{{- printf "%s" $key -}} +{{- end -}} + +{{/* +Generate secret password or retrieve one if already created. + +Usage: +{{ include "common.secrets.passwords.manage" (dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $) }} + +Params: + - secret - String - Required - Name of the 'Secret' resource where the password is stored. + - key - String - Required - Name of the key in the secret. + - providedValues - List - Required - The path to the validating value in the values.yaml, e.g: "mysql.password". Will pick first parameter with a defined value. + - length - int - Optional - Length of the generated random password. + - strong - Boolean - Optional - Whether to add symbols to the generated random password. + - chartName - String - Optional - Name of the chart used when said chart is deployed as a subchart. + - context - Context - Required - Parent context. +*/}} +{{- define "common.secrets.passwords.manage" -}} + +{{- $password := "" }} +{{- $subchart := "" }} +{{- $chartName := default "" .chartName }} +{{- $passwordLength := default 10 .length }} +{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }} +{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }} +{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }} +{{- if $secret }} + {{- if index $secret.data .key }} + {{- $password = index $secret.data .key }} + {{- end -}} +{{- else if $providedPasswordValue }} + {{- $password = $providedPasswordValue | toString | b64enc | quote }} +{{- else }} + + {{- if .context.Values.enabled }} + {{- $subchart = $chartName }} + {{- end -}} + + {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}} + {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}} + {{- $passwordValidationErrors := list $requiredPasswordError -}} + {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}} + + {{- if .strong }} + {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }} + {{- $password = randAscii $passwordLength }} + {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }} + {{- $password = printf "%s%s" $subStr $password | toString | shuffle | b64enc | quote }} + {{- else }} + {{- $password = randAlphaNum $passwordLength | b64enc | quote }} + {{- end }} +{{- end -}} +{{- printf "%s" $password -}} +{{- end -}} + +{{/* +Returns whether a previous generated secret already exists + +Usage: +{{ include "common.secrets.exists" (dict "secret" "secret-name" "context" $) }} + +Params: + - secret - String - Required - Name of the 'Secret' resource where the password is stored. + - context - Context - Required - Parent context. +*/}} +{{- define "common.secrets.exists" -}} +{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }} +{{- if $secret }} + {{- true -}} +{{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_storage.tpl b/influxdb/charts/common/templates/_storage.tpl new file mode 100644 index 0000000..60e2a84 --- /dev/null +++ b/influxdb/charts/common/templates/_storage.tpl @@ -0,0 +1,23 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Return the proper Storage Class +{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }} +*/}} +{{- define "common.storage.class" -}} + +{{- $storageClass := .persistence.storageClass -}} +{{- if .global -}} + {{- if .global.storageClass -}} + {{- $storageClass = .global.storageClass -}} + {{- end -}} +{{- end -}} + +{{- if $storageClass -}} + {{- if (eq "-" $storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" $storageClass -}} + {{- end -}} +{{- end -}} + +{{- end -}} diff --git a/influxdb/charts/common/templates/_tplvalues.tpl b/influxdb/charts/common/templates/_tplvalues.tpl new file mode 100644 index 0000000..2db1668 --- /dev/null +++ b/influxdb/charts/common/templates/_tplvalues.tpl @@ -0,0 +1,13 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Renders a value that contains template. +Usage: +{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }} +*/}} +{{- define "common.tplvalues.render" -}} + {{- if typeIs "string" .value }} + {{- tpl .value .context }} + {{- else }} + {{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} diff --git a/influxdb/charts/common/templates/_utils.tpl b/influxdb/charts/common/templates/_utils.tpl new file mode 100644 index 0000000..ea083a2 --- /dev/null +++ b/influxdb/charts/common/templates/_utils.tpl @@ -0,0 +1,62 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Print instructions to get a secret value. +Usage: +{{ include "common.utils.secret.getvalue" (dict "secret" "secret-name" "field" "secret-value-field" "context" $) }} +*/}} +{{- define "common.utils.secret.getvalue" -}} +{{- $varname := include "common.utils.fieldToEnvVar" . -}} +export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 --decode) +{{- end -}} + +{{/* +Build env var name given a field +Usage: +{{ include "common.utils.fieldToEnvVar" dict "field" "my-password" }} +*/}} +{{- define "common.utils.fieldToEnvVar" -}} + {{- $fieldNameSplit := splitList "-" .field -}} + {{- $upperCaseFieldNameSplit := list -}} + + {{- range $fieldNameSplit -}} + {{- $upperCaseFieldNameSplit = append $upperCaseFieldNameSplit ( upper . ) -}} + {{- end -}} + + {{ join "_" $upperCaseFieldNameSplit }} +{{- end -}} + +{{/* +Gets a value from .Values given +Usage: +{{ include "common.utils.getValueFromKey" (dict "key" "path.to.key" "context" $) }} +*/}} +{{- define "common.utils.getValueFromKey" -}} +{{- $splitKey := splitList "." .key -}} +{{- $value := "" -}} +{{- $latestObj := $.context.Values -}} +{{- range $splitKey -}} + {{- if not $latestObj -}} + {{- printf "please review the entire path of '%s' exists in values" $.key | fail -}} + {{- end -}} + {{- $value = ( index $latestObj . ) -}} + {{- $latestObj = $value -}} +{{- end -}} +{{- printf "%v" (default "" $value) -}} +{{- end -}} + +{{/* +Returns first .Values key with a defined value or first of the list if all non-defined +Usage: +{{ include "common.utils.getKeyFromList" (dict "keys" (list "path.to.key1" "path.to.key2") "context" $) }} +*/}} +{{- define "common.utils.getKeyFromList" -}} +{{- $key := first .keys -}} +{{- $reverseKeys := reverse .keys }} +{{- range $reverseKeys }} + {{- $value := include "common.utils.getValueFromKey" (dict "key" . "context" $.context ) }} + {{- if $value -}} + {{- $key = . }} + {{- end -}} +{{- end -}} +{{- printf "%s" $key -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/_warnings.tpl b/influxdb/charts/common/templates/_warnings.tpl new file mode 100644 index 0000000..ae10fa4 --- /dev/null +++ b/influxdb/charts/common/templates/_warnings.tpl @@ -0,0 +1,14 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Warning about using rolling tag. +Usage: +{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }} +*/}} +{{- define "common.warnings.rollingTag" -}} + +{{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }} +WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. ++info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ +{{- end }} + +{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_cassandra.tpl b/influxdb/charts/common/templates/validations/_cassandra.tpl new file mode 100644 index 0000000..8679ddf --- /dev/null +++ b/influxdb/charts/common/templates/validations/_cassandra.tpl @@ -0,0 +1,72 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Validate Cassandra required passwords are not empty. + +Usage: +{{ include "common.validations.values.cassandra.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} +Params: + - secret - String - Required. Name of the secret where Cassandra values are stored, e.g: "cassandra-passwords-secret" + - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false +*/}} +{{- define "common.validations.values.cassandra.passwords" -}} + {{- $existingSecret := include "common.cassandra.values.existingSecret" . -}} + {{- $enabled := include "common.cassandra.values.enabled" . -}} + {{- $dbUserPrefix := include "common.cassandra.values.key.dbUser" . -}} + {{- $valueKeyPassword := printf "%s.password" $dbUserPrefix -}} + + {{- if and (not $existingSecret) (eq $enabled "true") -}} + {{- $requiredPasswords := list -}} + + {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "cassandra-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}} + + {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} + + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for existingSecret. + +Usage: +{{ include "common.cassandra.values.existingSecret" (dict "context" $) }} +Params: + - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false +*/}} +{{- define "common.cassandra.values.existingSecret" -}} + {{- if .subchart -}} + {{- .context.Values.cassandra.dbUser.existingSecret | quote -}} + {{- else -}} + {{- .context.Values.dbUser.existingSecret | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for enabled cassandra. + +Usage: +{{ include "common.cassandra.values.enabled" (dict "context" $) }} +*/}} +{{- define "common.cassandra.values.enabled" -}} + {{- if .subchart -}} + {{- printf "%v" .context.Values.cassandra.enabled -}} + {{- else -}} + {{- printf "%v" (not .context.Values.enabled) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for the key dbUser + +Usage: +{{ include "common.cassandra.values.key.dbUser" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false +*/}} +{{- define "common.cassandra.values.key.dbUser" -}} + {{- if .subchart -}} + cassandra.dbUser + {{- else -}} + dbUser + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_mariadb.tpl b/influxdb/charts/common/templates/validations/_mariadb.tpl new file mode 100644 index 0000000..bb5ed72 --- /dev/null +++ b/influxdb/charts/common/templates/validations/_mariadb.tpl @@ -0,0 +1,103 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Validate MariaDB required passwords are not empty. + +Usage: +{{ include "common.validations.values.mariadb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} +Params: + - secret - String - Required. Name of the secret where MariaDB values are stored, e.g: "mysql-passwords-secret" + - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false +*/}} +{{- define "common.validations.values.mariadb.passwords" -}} + {{- $existingSecret := include "common.mariadb.values.auth.existingSecret" . -}} + {{- $enabled := include "common.mariadb.values.enabled" . -}} + {{- $architecture := include "common.mariadb.values.architecture" . -}} + {{- $authPrefix := include "common.mariadb.values.key.auth" . -}} + {{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}} + {{- $valueKeyUsername := printf "%s.username" $authPrefix -}} + {{- $valueKeyPassword := printf "%s.password" $authPrefix -}} + {{- $valueKeyReplicationPassword := printf "%s.replicationPassword" $authPrefix -}} + + {{- if and (not $existingSecret) (eq $enabled "true") -}} + {{- $requiredPasswords := list -}} + + {{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mariadb-root-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}} + + {{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }} + {{- if not (empty $valueUsername) -}} + {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mariadb-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}} + {{- end -}} + + {{- if (eq $architecture "replication") -}} + {{- $requiredReplicationPassword := dict "valueKey" $valueKeyReplicationPassword "secret" .secret "field" "mariadb-replication-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredReplicationPassword -}} + {{- end -}} + + {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} + + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for existingSecret. + +Usage: +{{ include "common.mariadb.values.auth.existingSecret" (dict "context" $) }} +Params: + - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false +*/}} +{{- define "common.mariadb.values.auth.existingSecret" -}} + {{- if .subchart -}} + {{- .context.Values.mariadb.auth.existingSecret | quote -}} + {{- else -}} + {{- .context.Values.auth.existingSecret | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for enabled mariadb. + +Usage: +{{ include "common.mariadb.values.enabled" (dict "context" $) }} +*/}} +{{- define "common.mariadb.values.enabled" -}} + {{- if .subchart -}} + {{- printf "%v" .context.Values.mariadb.enabled -}} + {{- else -}} + {{- printf "%v" (not .context.Values.enabled) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for architecture + +Usage: +{{ include "common.mariadb.values.architecture" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false +*/}} +{{- define "common.mariadb.values.architecture" -}} + {{- if .subchart -}} + {{- .context.Values.mariadb.architecture -}} + {{- else -}} + {{- .context.Values.architecture -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for the key auth + +Usage: +{{ include "common.mariadb.values.key.auth" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false +*/}} +{{- define "common.mariadb.values.key.auth" -}} + {{- if .subchart -}} + mariadb.auth + {{- else -}} + auth + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_mongodb.tpl b/influxdb/charts/common/templates/validations/_mongodb.tpl new file mode 100644 index 0000000..1e5bba9 --- /dev/null +++ b/influxdb/charts/common/templates/validations/_mongodb.tpl @@ -0,0 +1,108 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Validate MongoDB® required passwords are not empty. + +Usage: +{{ include "common.validations.values.mongodb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} +Params: + - secret - String - Required. Name of the secret where MongoDB® values are stored, e.g: "mongodb-passwords-secret" + - subchart - Boolean - Optional. Whether MongoDB® is used as subchart or not. Default: false +*/}} +{{- define "common.validations.values.mongodb.passwords" -}} + {{- $existingSecret := include "common.mongodb.values.auth.existingSecret" . -}} + {{- $enabled := include "common.mongodb.values.enabled" . -}} + {{- $authPrefix := include "common.mongodb.values.key.auth" . -}} + {{- $architecture := include "common.mongodb.values.architecture" . -}} + {{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}} + {{- $valueKeyUsername := printf "%s.username" $authPrefix -}} + {{- $valueKeyDatabase := printf "%s.database" $authPrefix -}} + {{- $valueKeyPassword := printf "%s.password" $authPrefix -}} + {{- $valueKeyReplicaSetKey := printf "%s.replicaSetKey" $authPrefix -}} + {{- $valueKeyAuthEnabled := printf "%s.enabled" $authPrefix -}} + + {{- $authEnabled := include "common.utils.getValueFromKey" (dict "key" $valueKeyAuthEnabled "context" .context) -}} + + {{- if and (not $existingSecret) (eq $enabled "true") (eq $authEnabled "true") -}} + {{- $requiredPasswords := list -}} + + {{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mongodb-root-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}} + + {{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }} + {{- $valueDatabase := include "common.utils.getValueFromKey" (dict "key" $valueKeyDatabase "context" .context) }} + {{- if and $valueUsername $valueDatabase -}} + {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mongodb-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}} + {{- end -}} + + {{- if (eq $architecture "replicaset") -}} + {{- $requiredReplicaSetKey := dict "valueKey" $valueKeyReplicaSetKey "secret" .secret "field" "mongodb-replica-set-key" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredReplicaSetKey -}} + {{- end -}} + + {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} + + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for existingSecret. + +Usage: +{{ include "common.mongodb.values.auth.existingSecret" (dict "context" $) }} +Params: + - subchart - Boolean - Optional. Whether MongoDb is used as subchart or not. Default: false +*/}} +{{- define "common.mongodb.values.auth.existingSecret" -}} + {{- if .subchart -}} + {{- .context.Values.mongodb.auth.existingSecret | quote -}} + {{- else -}} + {{- .context.Values.auth.existingSecret | quote -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for enabled mongodb. + +Usage: +{{ include "common.mongodb.values.enabled" (dict "context" $) }} +*/}} +{{- define "common.mongodb.values.enabled" -}} + {{- if .subchart -}} + {{- printf "%v" .context.Values.mongodb.enabled -}} + {{- else -}} + {{- printf "%v" (not .context.Values.enabled) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for the key auth + +Usage: +{{ include "common.mongodb.values.key.auth" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether MongoDB® is used as subchart or not. Default: false +*/}} +{{- define "common.mongodb.values.key.auth" -}} + {{- if .subchart -}} + mongodb.auth + {{- else -}} + auth + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for architecture + +Usage: +{{ include "common.mongodb.values.architecture" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false +*/}} +{{- define "common.mongodb.values.architecture" -}} + {{- if .subchart -}} + {{- .context.Values.mongodb.architecture -}} + {{- else -}} + {{- .context.Values.architecture -}} + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_postgresql.tpl b/influxdb/charts/common/templates/validations/_postgresql.tpl new file mode 100644 index 0000000..992bcd3 --- /dev/null +++ b/influxdb/charts/common/templates/validations/_postgresql.tpl @@ -0,0 +1,131 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Validate PostgreSQL required passwords are not empty. + +Usage: +{{ include "common.validations.values.postgresql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} +Params: + - secret - String - Required. Name of the secret where postgresql values are stored, e.g: "postgresql-passwords-secret" + - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false +*/}} +{{- define "common.validations.values.postgresql.passwords" -}} + {{- $existingSecret := include "common.postgresql.values.existingSecret" . -}} + {{- $enabled := include "common.postgresql.values.enabled" . -}} + {{- $valueKeyPostgresqlPassword := include "common.postgresql.values.key.postgressPassword" . -}} + {{- $valueKeyPostgresqlReplicationEnabled := include "common.postgresql.values.key.replicationPassword" . -}} + + {{- if and (not $existingSecret) (eq $enabled "true") -}} + {{- $requiredPasswords := list -}} + + {{- $requiredPostgresqlPassword := dict "valueKey" $valueKeyPostgresqlPassword "secret" .secret "field" "postgresql-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlPassword -}} + + {{- $enabledReplication := include "common.postgresql.values.enabled.replication" . -}} + {{- if (eq $enabledReplication "true") -}} + {{- $requiredPostgresqlReplicationPassword := dict "valueKey" $valueKeyPostgresqlReplicationEnabled "secret" .secret "field" "postgresql-replication-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlReplicationPassword -}} + {{- end -}} + + {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to decide whether evaluate global values. + +Usage: +{{ include "common.postgresql.values.use.global" (dict "key" "key-of-global" "context" $) }} +Params: + - key - String - Required. Field to be evaluated within global, e.g: "existingSecret" +*/}} +{{- define "common.postgresql.values.use.global" -}} + {{- if .context.Values.global -}} + {{- if .context.Values.global.postgresql -}} + {{- index .context.Values.global.postgresql .key | quote -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for existingSecret. + +Usage: +{{ include "common.postgresql.values.existingSecret" (dict "context" $) }} +*/}} +{{- define "common.postgresql.values.existingSecret" -}} + {{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "existingSecret" "context" .context) -}} + + {{- if .subchart -}} + {{- default (.context.Values.postgresql.existingSecret | quote) $globalValue -}} + {{- else -}} + {{- default (.context.Values.existingSecret | quote) $globalValue -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for enabled postgresql. + +Usage: +{{ include "common.postgresql.values.enabled" (dict "context" $) }} +*/}} +{{- define "common.postgresql.values.enabled" -}} + {{- if .subchart -}} + {{- printf "%v" .context.Values.postgresql.enabled -}} + {{- else -}} + {{- printf "%v" (not .context.Values.enabled) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for the key postgressPassword. + +Usage: +{{ include "common.postgresql.values.key.postgressPassword" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false +*/}} +{{- define "common.postgresql.values.key.postgressPassword" -}} + {{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "postgresqlUsername" "context" .context) -}} + + {{- if not $globalValue -}} + {{- if .subchart -}} + postgresql.postgresqlPassword + {{- else -}} + postgresqlPassword + {{- end -}} + {{- else -}} + global.postgresql.postgresqlPassword + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for enabled.replication. + +Usage: +{{ include "common.postgresql.values.enabled.replication" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false +*/}} +{{- define "common.postgresql.values.enabled.replication" -}} + {{- if .subchart -}} + {{- printf "%v" .context.Values.postgresql.replication.enabled -}} + {{- else -}} + {{- printf "%v" .context.Values.replication.enabled -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for the key replication.password. + +Usage: +{{ include "common.postgresql.values.key.replicationPassword" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false +*/}} +{{- define "common.postgresql.values.key.replicationPassword" -}} + {{- if .subchart -}} + postgresql.replication.password + {{- else -}} + replication.password + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_redis.tpl b/influxdb/charts/common/templates/validations/_redis.tpl new file mode 100644 index 0000000..18d9813 --- /dev/null +++ b/influxdb/charts/common/templates/validations/_redis.tpl @@ -0,0 +1,76 @@ + +{{/* vim: set filetype=mustache: */}} +{{/* +Validate Redis™ required passwords are not empty. + +Usage: +{{ include "common.validations.values.redis.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} +Params: + - secret - String - Required. Name of the secret where redis values are stored, e.g: "redis-passwords-secret" + - subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false +*/}} +{{- define "common.validations.values.redis.passwords" -}} + {{- $enabled := include "common.redis.values.enabled" . -}} + {{- $valueKeyPrefix := include "common.redis.values.keys.prefix" . -}} + {{- $standarizedVersion := include "common.redis.values.standarized.version" . }} + + {{- $existingSecret := ternary (printf "%s%s" $valueKeyPrefix "auth.existingSecret") (printf "%s%s" $valueKeyPrefix "existingSecret") (eq $standarizedVersion "true") }} + {{- $existingSecretValue := include "common.utils.getValueFromKey" (dict "key" $existingSecret "context" .context) }} + + {{- $valueKeyRedisPassword := ternary (printf "%s%s" $valueKeyPrefix "auth.password") (printf "%s%s" $valueKeyPrefix "password") (eq $standarizedVersion "true") }} + {{- $valueKeyRedisUseAuth := ternary (printf "%s%s" $valueKeyPrefix "auth.enabled") (printf "%s%s" $valueKeyPrefix "usePassword") (eq $standarizedVersion "true") }} + + {{- if and (not $existingSecretValue) (eq $enabled "true") -}} + {{- $requiredPasswords := list -}} + + {{- $useAuth := include "common.utils.getValueFromKey" (dict "key" $valueKeyRedisUseAuth "context" .context) -}} + {{- if eq $useAuth "true" -}} + {{- $requiredRedisPassword := dict "valueKey" $valueKeyRedisPassword "secret" .secret "field" "redis-password" -}} + {{- $requiredPasswords = append $requiredPasswords $requiredRedisPassword -}} + {{- end -}} + + {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right value for enabled redis. + +Usage: +{{ include "common.redis.values.enabled" (dict "context" $) }} +*/}} +{{- define "common.redis.values.enabled" -}} + {{- if .subchart -}} + {{- printf "%v" .context.Values.redis.enabled -}} + {{- else -}} + {{- printf "%v" (not .context.Values.enabled) -}} + {{- end -}} +{{- end -}} + +{{/* +Auxiliary function to get the right prefix path for the values + +Usage: +{{ include "common.redis.values.key.prefix" (dict "subchart" "true" "context" $) }} +Params: + - subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false +*/}} +{{- define "common.redis.values.keys.prefix" -}} + {{- if .subchart -}}redis.{{- else -}}{{- end -}} +{{- end -}} + +{{/* +Checks whether the redis chart's includes the standarizations (version >= 14) + +Usage: +{{ include "common.redis.values.standarized.version" (dict "context" $) }} +*/}} +{{- define "common.redis.values.standarized.version" -}} + + {{- $standarizedAuth := printf "%s%s" (include "common.redis.values.keys.prefix" .) "auth" -}} + {{- $standarizedAuthValues := include "common.utils.getValueFromKey" (dict "key" $standarizedAuth "context" .context) }} + + {{- if $standarizedAuthValues -}} + {{- true -}} + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_validations.tpl b/influxdb/charts/common/templates/validations/_validations.tpl new file mode 100644 index 0000000..9a814cf --- /dev/null +++ b/influxdb/charts/common/templates/validations/_validations.tpl @@ -0,0 +1,46 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Validate values must not be empty. + +Usage: +{{- $validateValueConf00 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-00") -}} +{{- $validateValueConf01 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-01") -}} +{{ include "common.validations.values.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }} + +Validate value params: + - valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password" + - secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret" + - field - String - Optional. Name of the field in the secret data, e.g: "mysql-password" +*/}} +{{- define "common.validations.values.multiple.empty" -}} + {{- range .required -}} + {{- include "common.validations.values.single.empty" (dict "valueKey" .valueKey "secret" .secret "field" .field "context" $.context) -}} + {{- end -}} +{{- end -}} + +{{/* +Validate a value must not be empty. + +Usage: +{{ include "common.validations.value.empty" (dict "valueKey" "mariadb.password" "secret" "secretName" "field" "my-password" "subchart" "subchart" "context" $) }} + +Validate value params: + - valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password" + - secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret" + - field - String - Optional. Name of the field in the secret data, e.g: "mysql-password" + - subchart - String - Optional - Name of the subchart that the validated password is part of. +*/}} +{{- define "common.validations.values.single.empty" -}} + {{- $value := include "common.utils.getValueFromKey" (dict "key" .valueKey "context" .context) }} + {{- $subchart := ternary "" (printf "%s." .subchart) (empty .subchart) }} + + {{- if not $value -}} + {{- $varname := "my-value" -}} + {{- $getCurrentValue := "" -}} + {{- if and .secret .field -}} + {{- $varname = include "common.utils.fieldToEnvVar" . -}} + {{- $getCurrentValue = printf " To get the current value:\n\n %s\n" (include "common.utils.secret.getvalue" .) -}} + {{- end -}} + {{- printf "\n '%s' must not be empty, please add '--set %s%s=$%s' to the command.%s" .valueKey $subchart .valueKey $varname $getCurrentValue -}} + {{- end -}} +{{- end -}} diff --git a/influxdb/charts/common/values.yaml b/influxdb/charts/common/values.yaml new file mode 100644 index 0000000..f2df68e --- /dev/null +++ b/influxdb/charts/common/values.yaml @@ -0,0 +1,5 @@ +## bitnami/common +## It is required by CI/CD tools and processes. +## @skip exampleValue +## +exampleValue: common-chart diff --git a/influxdb/files/conf/README.md b/influxdb/files/conf/README.md new file mode 100644 index 0000000..11f633a --- /dev/null +++ b/influxdb/files/conf/README.md @@ -0,0 +1,6 @@ +Place your InfluxDB™ and InfluxDB Relay™ configuration files here. These will not be used in case the values *existingConfiguration*, *relay.existingConfiguration* are used. + +More information can be found in the links below: + +- [InfluxDB™ Configuration File](https://github.com/bitnami/bitnami-docker-influxdb#configuration-file) +- [InfluxDB Relay™ Configuration File](https://github.com/bitnami/bitnami-docker-influxdb-relay#configuration) diff --git a/influxdb/files/docker-entrypoint-initdb.d/README.md b/influxdb/files/docker-entrypoint-initdb.d/README.md new file mode 100644 index 0000000..00c283d --- /dev/null +++ b/influxdb/files/docker-entrypoint-initdb.d/README.md @@ -0,0 +1,3 @@ +You can copy here your custom `.sh` or `.txt` files so they are executed during the first boot of the image. + +More info in the [bitnami-docker-influxdb](https://github.com/bitnami/bitnami-docker-influxdb#initializing-a-new-instance) repository. diff --git a/influxdb/templates/NOTES.txt b/influxdb/templates/NOTES.txt new file mode 100644 index 0000000..55680c3 --- /dev/null +++ b/influxdb/templates/NOTES.txt @@ -0,0 +1,201 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +** Please be patient while the chart is being deployed ** + +{{- if .Values.diagnosticMode.enabled }} +The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: + + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} + +Get the list of pods by executing: + + kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +Access the pod you want to debug by executing + + kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash + +In order to replicate the container startup scripts execute this command: + + /opt/bitnami/scripts/influxdb/entrypoint.sh /opt/bitnami/scripts/influxdb/run.sh + +{{- else }} + +InfluxDB™ can be accessed through following DNS names from within your cluster: + + {{- if eq .Values.architecture "high-availability" }} + InfluxDB Relay™ (write operations): {{ include "common.names.fullname" . }}-relay.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.relay.service.port }}) + InfluxDB™ servers (read operations): {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.influxdb.service.port }}) + {{- else }} + InfluxDB™: {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.influxdb.service.port }}) + {{- end }} + {{- if .Values.metrics.enabled }} + InfluxDB™ Prometheus Metrics: {{ include "common.names.fullname" . }}-metrics.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.metrics.service.port }}) + {{- end }} + +{{- if .Values.authEnabled }} + +To get the password for the {{ .Values.auth.admin.username }} user, run: + + export ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.admin-user-password}" | base64 --decode) + +{{- if .Values.auth.user.username }} + +To get the password for the {{ .Values.auth.user.username }} user, run: + + export USER_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.user-password}" | base64 --decode) + +{{- end }} +{{- if .Values.readUser.name }} + +To get the password for the {{ .Values.readUser.name }} user, run: + + export READ_USER_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.read-user-password}" | base64 --decode) + +{{- end }} +{{- if .Values.writeUser.name }} + +To get the password for the {{ .Values.writeUser.name }} user, run: + + export WRITE_USER_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.write-user-password}" | base64 --decode) + +{{- end }} +{{- end }} + +To connect to your database run the following commands: + + {{- if eq .Values.architecture "high-availability" }} + + (write operations): + + kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} {{ if .Values.authEnabled }}--env="INFLUX_USERNAME={{ .Values.auth.admin.username }}" --env="INFLUX_PASSWORD=$ADMIN_PASSWORD"{{ end }} \ + {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ include "common.names.fullname" . }}-client=true" {{ end }}--image {{ include "influxdb.image" . }} \ + --command -- influx -host {{ include "common.names.fullname" . }}-relay -port {{ .Values.relay.service.port }} + + (read operations): + + {{- end }} + + kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} {{ if .Values.authEnabled }}--env="INFLUX_USERNAME={{ .Values.auth.admin.username }}" --env="INFLUX_PASSWORD=$ADMIN_PASSWORD"{{ end }} \ + {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ include "common.names.fullname" . }}-client=true" {{ end }}--image {{ include "influxdb.image" . }} \ + --command -- influx -host {{ include "common.names.fullname" . }} -port {{ .Values.influxdb.service.port }} + +{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }} + +Note: Since NetworkPolicy is enabled, only pods with label "{{ include "common.names.fullname" . }}-client=true" will be able to connect to InfluxDB™ server(s). + +{{- end }} + +To connect to your database from outside the cluster execute the following commands: + +{{- if .Values.ingress.enabled }} +{{- $ingressHost := .Values.ingress.hostname }} + {{- if .Values.ingress.extraHosts }} + You should be able to access your new InfluxDB™ server(s) through: + {{- end }} + {{- range .Values.ingress.extraHosts }} + {{ if .tls }}https{{- else }}http{{ end }}://{{ .name }} + {{- end }} + + e.g.: + + {{ if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{ end }} influx -host {{ $ingressHost }} -port 80 + +{{- else if contains "NodePort" .Values.influxdb.service.type }} + + {{- if eq .Values.architecture "high-availability" }} + + (write operations): + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}-relay) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $NODE_IP -port $NODE_PORT + + (read operations): + + {{- end }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $NODE_IP -port $NODE_PORT + +{{- else if contains "LoadBalancer" .Values.influxdb.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "common.names.fullname" . }}-relay' + + {{- if eq .Values.architecture "high-availability" }} + + (write operations): + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }}-relay -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $SERVICE_IP -port {{ .Values.relay.service.port }} + + (read operations): + + {{- end }} + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $SERVICE_IP -port {{ .Values.influxdb.service.port }} + +{{- else if contains "ClusterIP" .Values.influxdb.service.type }} + + {{- if eq .Values.architecture "high-availability" }} + + (write operations): + + kubectl port-forward svc/{{ include "common.names.fullname" . }}-relay 9096:{{ .Values.relay.service.port }} & + {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host 127.0.0.1 -port 9096 + + (read operations): + + {{- end }} + + kubectl port-forward svc/{{ include "common.names.fullname" . }} 8086:{{ .Values.influxdb.service.port }} & + {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host 127.0.0.1 -port 8086 + +{{- end }} + +{{- if and (eq .Values.architecture "high-availability") (not .Values.influxdb.service.sessionAffinity) (not .Values.ingress.enabled) }} + +NOTE: When using "high-availability" it is recommended to configure 'influxdb.service.sessionAffinity' to prevent client connections from switching pods when connecting to InfluxDB UI. +{{- end }} + +{{- include "influxdb.validateValues" . }} + +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.relay.image }} +{{- include "common.warnings.rollingTag" .Values.backup.uploadProviders.google.image }} +{{- include "common.warnings.rollingTag" .Values.backup.uploadProviders.azure.image }} +{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} + +{{- $passwordValueConfigs := list -}} +{{- if not .Values.auth.existingSecret -}} + {{- $secretName := include "influxdb.secretName" . -}} + + {{- $adminPasswordConfig := dict "valueKey" "auth.admin.password" "secret" $secretName "field" "admin-user-password" "context" $ -}} + {{- $passwordValueConfigs = append $passwordValueConfigs $adminPasswordConfig -}} + {{- $adminTokenConfig := dict "valueKey" "auth.admin.token" "secret" $secretName "field" "admin-user-token" "context" $ -}} + {{- $passwordValueConfigs = append $passwordValueConfigs $adminTokenConfig -}} + + {{- if .Values.auth.user.username }} + {{- $userPasswordConfig := dict "valueKey" "auth.user.password" "secret" $secretName "field" "user-password" "context" $ -}} + {{- $passwordValueConfigs = append $passwordValueConfigs $userPasswordConfig -}} + {{- end }} + {{- if .Values.auth.readUser.username }} + {{- $readUserPasswordConfig := dict "valueKey" "auth.readUser.password" "secret" $secretName "field" "read-user-password" "context" $ -}} + {{- $passwordValueConfigs = append $passwordValueConfigs $readUserPasswordConfig -}} + {{- end }} + {{- if .Values.auth.writeUser.username }} + {{- $writeUserPasswordConfig := dict "valueKey" "auth.writeUser.password" "secret" $secretName "field" "write-user-password" "context" $ -}} + {{- $passwordValueConfigs = append $passwordValueConfigs $writeUserPasswordConfig -}} + {{- end }} +{{- end -}} + +{{- $passwordValidationErrors := include "common.validations.values.multiple.empty" (dict "required" $passwordValueConfigs "context" $) -}} +{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} + +{{- end }} diff --git a/influxdb/templates/_helpers.tpl b/influxdb/templates/_helpers.tpl new file mode 100644 index 0000000..304f761 --- /dev/null +++ b/influxdb/templates/_helpers.tpl @@ -0,0 +1,153 @@ +{{/* vim: set filetype=mustache: */}} + + +{{/* +Return the proper InfluxDB™ image name +*/}} +{{- define "influxdb.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper InfluxDB Relay™ image name +*/}} +{{- define "influxdb.relay.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.relay.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper init container volume-permissions image name +*/}} +{{- define "influxdb.volumePermissions.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper gcloud-sdk image name +*/}} +{{- define "gcloudSdk.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.backup.uploadProviders.google.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper azure-cli image name +*/}} +{{- define "azureCli.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.backup.uploadProviders.azure.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "influxdb.imagePullSecrets" -}} +{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.relay.image .Values.volumePermissions.image .Values.backup.uploadProviders.google.image .Values.backup.uploadProviders.azure.image) "global" .Values.global) }} +{{- end -}} + +{{/* +Return the InfluxDB™ credentials secret. +*/}} +{{- define "influxdb.secretName" -}} +{{- if .Values.auth.existingSecret -}} + {{- printf "%s" (tpl .Values.auth.existingSecret $) -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the InfluxDB™ configuration configmap. +*/}} +{{- define "influxdb.configmapName" -}} +{{- if .Values.influxdb.existingConfiguration -}} + {{- printf "%s" (tpl .Values.influxdb.existingConfiguration $) -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the InfluxDB™ PVC name. +*/}} +{{- define "influxdb.claimName" -}} +{{- if .Values.persistence.existingClaim }} + {{- printf "%s" (tpl .Values.persistence.existingClaim $) -}} +{{- else -}} + {{- printf "%s" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the InfluxDB™ initialization scripts configmap. +*/}} +{{- define "influxdb.initdbScriptsConfigmapName" -}} +{{- if .Values.influxdb.initdbScriptsCM -}} + {{- printf "%s" (tpl .Values.influxdb.initdbScriptsCM $) -}} +{{- else -}} + {{- printf "%s-initdb-scripts" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Get the InfluxDB™ initialization scripts secret. +*/}} +{{- define "influxdb.initdbScriptsSecret" -}} +{{- printf "%s" (tpl .Values.influxdb.initdbScriptsSecret $) -}} +{{- end -}} + +{{/* +Return the InfluxDB™ configuration configmap. +*/}} +{{- define "influxdb.relay.configmapName" -}} +{{- if .Values.relay.existingConfiguration -}} + {{- printf "%s" (tpl .Values.relay.existingConfiguration $) -}} +{{- else -}} + {{- printf "%s-relay" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + + +{{/* +Return the appropriate apiVersion for networkPolicy +*/}} +{{- define "influxdb.networkPolicy.apiVersion" -}} +{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}} +"extensions/v1beta1" +{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}} +"networking.k8s.io/v1" +{{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message, and call fail. +*/}} +{{- define "influxdb.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "influxdb.validateValues.architecture" .) -}} +{{- $messages := append $messages (include "influxdb.validateValues.replicaCount" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} + +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of InfluxDB™ - must provide a valid architecture */}} +{{- define "influxdb.validateValues.architecture" -}} +{{- if and (ne .Values.architecture "standalone") (ne .Values.architecture "high-availability") -}} +influxdb: architecture + Invalid architecture selected. Valid values are "standalone" and + "high-availability". Please set a valid architecture (--set architecture="xxxx") +{{- end -}} +{{- end -}} + +{{/* Validate values of InfluxDB™ - number of replicas */}} +{{- define "influxdb.validateValues.replicaCount" -}} +{{- $replicaCount := int .Values.influxdb.replicaCount }} +{{- if and (eq .Values.architecture "standalone") (gt $replicaCount 1) -}} +influxdb: replicaCount + The standalone architecture doesn't allow to run more than 1 replica. + Please set a valid number of replicas (--set influxdb.replicaCount=1) or + use the "high-availability" architecture (--set architecture="high-availability") +{{- end -}} +{{- end -}} diff --git a/influxdb/templates/extradeploy.yaml b/influxdb/templates/extradeploy.yaml new file mode 100644 index 0000000..9ac65f9 --- /dev/null +++ b/influxdb/templates/extradeploy.yaml @@ -0,0 +1,4 @@ +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/influxdb/templates/influxdb/configmap-backup.yaml b/influxdb/templates/influxdb/configmap-backup.yaml new file mode 100644 index 0000000..a79220a --- /dev/null +++ b/influxdb/templates/influxdb/configmap-backup.yaml @@ -0,0 +1,78 @@ +{{- if .Values.backup.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-backup + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + backup.sh: |- + #!/bin/bash + + set -e + + . /opt/bitnami/scripts/libinfluxdb.sh + + DATE="$(date +%Y%m%d_%H%M%S)" + BRANCH="$(influxdb_branch)" + + host="{{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc" + + get_orgs() { + INFLUX_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN}" influx --host "http://${host}:{{ .Values.influxdb.service.port }}" org list 2> /dev/null | grep -v 'ID' | awk -F '\t' 'BEGIN{ORS=" "} {print $2}' + } + + get_databases() { + local org_name="${1:-}" + if [[ "${BRANCH}" = "1" ]]; then + influx -username "{{ .Values.auth.admin.username }}" -password "${INFLUXDB_ADMIN_USER_PASSWORD}" -host "${host}" -port {{ .Values.influxdb.service.port }} -execute 'SHOW DATABASES' | sed -e '1,3d' + else + INFLUX_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN}" influx --host "http://${host}:{{ .Values.influxdb.service.port }}" bucket list --org "${org_name}" 2> /dev/null | grep -v 'ID' | awk -F '\t' 'BEGIN{ORS=" "} {print $2}' + fi + } + + if [[ "${BRANCH}" = "1" ]]; then + for DATABASE in $(get_databases); do + echo "backuping ${DATABASE} db to {{ .Values.backup.directory }}/${DATABASE}" + mkdir -p {{ .Values.backup.directory }}/${DATABASE} + + influxd backup -host "${host}" -port {{ .Values.influxdb.service.port }} -portable -db ${DATABASE} {{ .Values.backup.directory }}/"${DATABASE}/${DATE}" + done + + echo "deleting old backups" + find {{ .Values.backup.directory }} -mindepth 2 -maxdepth 2 -not -name ".snapshot" -not -name "lost+found" -type d -mtime +{{ .Values.backup.retentionDays }} -exec rm -r {} \; + else + for ORG in $(get_orgs); do + for BUCKET in $(get_databases "${ORG}"); do + backup_dir="{{ .Values.backup.directory }}/${ORG}/${BUCKET}" + echo "backuping ${BUCKET} bucket to ${backup_dir}" + mkdir -p "${backup_dir}" + + INFLUX_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN}" influx --host "http://${host}:{{ .Values.influxdb.service.port }}" backup --bucket "${BUCKET}" "${backup_dir}/${DATE}" + done + done + + echo "deleting old backups" + find {{ .Values.backup.directory }} -mindepth 3 -maxdepth 3 -not -name ".snapshot" -not -name "lost+found" -type d -mtime +{{ .Values.backup.retentionDays }} -exec rm -r {} \; + fi + upload-google.sh: |- + #!/bin/sh + + set -e + + gcloud auth activate-service-account --key-file /var/secrets/google/{{ .Values.backup.uploadProviders.google.secretKey }} + gsutil -m rsync -r -d {{ .Values.backup.directory }}/ {{ .Values.backup.uploadProviders.google.bucketName }} + upload-azure.sh: |- + #!/bin/sh + + set -e + + az storage blob sync --source {{ .Values.backup.directory }} --container {{ .Values.backup.uploadProviders.azure.containerName }} +{{ end }} diff --git a/influxdb/templates/influxdb/configmap-initdb-scripts.yaml b/influxdb/templates/influxdb/configmap-initdb-scripts.yaml new file mode 100644 index 0000000..222d629 --- /dev/null +++ b/influxdb/templates/influxdb/configmap-initdb-scripts.yaml @@ -0,0 +1,17 @@ +{{- if and (.Values.influxdb.initdbScripts) (not .Values.influxdb.initdbScriptsCM) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-initdb-scripts + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{ include "common.tplvalues.render" (dict "value" .Values.influxdb.initdbScripts "context" $) | nindent 2 }} +{{- end }} diff --git a/influxdb/templates/influxdb/configmap.yaml b/influxdb/templates/influxdb/configmap.yaml new file mode 100644 index 0000000..a13da4d --- /dev/null +++ b/influxdb/templates/influxdb/configmap.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.influxdb.configuration (not .Values.influxdb.existingConfiguration) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + influxdb.conf: |- + # User-supplied configuration: + {{ include "common.tplvalues.render" (dict "value" .Values.influxdb.configuration "context" $) | nindent 4 }} +{{- end }} diff --git a/influxdb/templates/influxdb/cronjob-backup.yaml b/influxdb/templates/influxdb/cronjob-backup.yaml new file mode 100644 index 0000000..ea4295c --- /dev/null +++ b/influxdb/templates/influxdb/cronjob-backup.yaml @@ -0,0 +1,147 @@ +{{- if .Values.backup.enabled }} +apiVersion: batch/v1beta1 +kind: CronJob +metadata: + name: "{{ template "common.names.fullname" . }}-backup" + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + schedule: {{.Values.backup.cronjob.schedule | quote }} + concurrencyPolicy: Forbid + successfulJobsHistoryLimit: {{ .Values.backup.cronjob.historyLimit }} + failedJobsHistoryLimit: {{ .Values.backup.cronjob.historyLimit }} + jobTemplate: + spec: + template: + metadata: + labels: + {{- include "common.labels.matchLabels" . | nindent 12 }} + annotations: + {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.podAnnotations "context" $) | nindent 12 }} + spec: + {{- if .Values.backup.cronjob.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.backup.cronjob.securityContext.fsGroup }} + runAsUser: {{ .Values.backup.cronjob.securityContext.runAsUser }} + {{- end }} + restartPolicy: OnFailure + volumes: + - name: backup-scripts + configMap: + name: {{ include "common.names.fullname" . }}-backup + defaultMode: 0755 + {{- if .Values.backup.uploadProviders.google.enabled }} + - name: google-cloud-key + secret: + {{- if .Values.backup.uploadProviders.google.existingSecret }} + secretName: {{ .Values.backup.uploadProviders.google.existingSecret | quote }} + {{- else }} + secretName: {{ include "common.names.fullname" . }}-backup-gcloud + {{- end }} + {{- end }} + - name: {{ include "common.names.fullname" . }}-backups + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.names.fullname" . }}-backups + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.backup.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.backup.affinity "context" $) | nindent 12 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.backup.podAffinityPreset "component" "influxdb" "context" $) | nindent 14 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.backup.podAntiAffinityPreset "component" "influxdb" "context" $) | nindent 14 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.backup.nodeAffinityPreset.type "key" .Values.backup.nodeAffinityPreset.key "values" .Values.backup.nodeAffinityPreset.values) | nindent 14 }} + {{- end }} + {{- if .Values.backup.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.backup.nodeSelector "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.backup.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.backup.tolerations "context" $) | nindent 10 }} + {{- end }} + initContainers: + - name: influxdb-backup + image: {{ include "influxdb.image" . | quote }} + env: + - name: INFLUXDB_ADMIN_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: admin-user-password + - name: INFLUXDB_ADMIN_USER_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: admin-user-token + command: + - "/tmp/backup.sh" + volumeMounts: + - name: {{ include "common.names.fullname" . }}-backups + mountPath: {{ .Values.backup.directory | quote }} + - name: backup-scripts + mountPath: /tmp/backup.sh + subPath: backup.sh + containers: + - name: influxdb-backup-dummy-container + image: {{ include "influxdb.image" . | quote }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 16 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 16 }} + {{- else }} + command: + - "/bin/true" + {{- end }} + {{- if .Values.backup.uploadProviders.google.enabled }} + - name: gsutil-cp + image: {{ include "gcloudSdk.image" . }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 16 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 16 }} + {{- else }} + command: + - "/tmp/upload-google.sh" + {{- end }} + volumeMounts: + - name: {{ include "common.names.fullname" . }}-backups + mountPath: {{ .Values.backup.directory | quote }} + - name: backup-scripts + mountPath: /tmp/upload-google.sh + subPath: upload-google.sh + - name: google-cloud-key + mountPath: /var/secrets/google/ + {{- end }} + {{- if .Values.backup.uploadProviders.azure.enabled }} + - name: azure-cli + image: {{ include "azureCli.image" . }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 16 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 16 }} + {{- else }} + command: + - "/tmp/upload-azure.sh" + {{- end }} + env: + - name: AZURE_STORAGE_CONNECTION_STRING + valueFrom: + secretKeyRef: + {{- if .Values.backup.uploadProviders.azure.existingSecret }} + name: {{ .Values.backup.uploadProviders.azure.existingSecret | quote }} + {{- else }} + name: {{ include "common.names.fullname" . }}-backup-azure + {{- end }} + key: {{ .Values.backup.uploadProviders.azure.secretKey }} + volumeMounts: + - name: {{ include "common.names.fullname" . }}-backups + mountPath: {{ .Values.backup.directory | quote }} + - name: backup-scripts + mountPath: /tmp/upload-azure.sh + subPath: upload-azure.sh + {{- end }} +{{- end }} diff --git a/influxdb/templates/influxdb/deployment-standalone.yaml b/influxdb/templates/influxdb/deployment-standalone.yaml new file mode 100644 index 0000000..b76887f --- /dev/null +++ b/influxdb/templates/influxdb/deployment-standalone.yaml @@ -0,0 +1,310 @@ +{{- if eq .Values.architecture "standalone" }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: 1 + strategy: + type: {{ .Values.influxdb.updateStrategy }} + {{- if (eq "Recreate" .Values.influxdb.updateStrategy) }} + rollingUpdate: null + {{- end }} + selector: + matchLabels: + {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: influxdb + template: + metadata: + labels: + {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }} + {{- end }} + spec: + {{- include "influxdb.imagePullSecrets" . | nindent 6 }} + {{- if .Values.influxdb.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAntiAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.influxdb.nodeAffinityPreset.type "key" .Values.influxdb.nodeAffinityPreset.key "values" .Values.influxdb.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.influxdb.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.influxdb.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.influxdb.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.influxdb.securityContext.fsGroup }} + {{- end }} + {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + initContainers: + - name: init-chmod-data + image: {{ include "influxdb.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + - -c + - | + mkdir -p /bitnami/influxdb/{data,meta,wal} + chmod 700 /bitnami/influxdb/{data,meta,wal} + find /bitnami/influxdb/{data,meta,wal} -mindepth 0 -maxdepth 1 | \ + {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} + xargs chown -R `id -u`:`id -G | cut -d " " -f2` + {{- else }} + xargs chown -R {{ .Values.influxdb.securityContext.runAsUser }}:{{ .Values.influxdb.securityContext.fsGroup }} + {{- end }} + {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} + securityContext: + {{- else }} + securityContext: + runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} + {{- end }} + volumeMounts: + - name: data + mountPath: /bitnami/influxdb + {{- end }} + containers: + - name: influxdb + image: {{ include "influxdb.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.influxdb.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.influxdb.securityContext.runAsUser }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: INFLUXDB_HTTP_AUTH_ENABLED + value: {{ .Values.auth.enabled | quote }} + - name: INFLUXDB_CREATE_USER_TOKEN + value: {{ ternary "yes" "no" .Values.auth.createUserToken | quote }} + {{- if .Values.auth.admin.username }} + - name: INFLUXDB_ADMIN_USER + value: {{ .Values.auth.admin.username | quote }} + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_ADMIN_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/admin-user-password" + {{- else }} + - name: INFLUXDB_ADMIN_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: admin-user-password + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_ADMIN_USER_TOKEN_FILE + value: "/opt/bitnami/influxdb/secrets/admin-user-token" + {{- else }} + - name: INFLUXDB_ADMIN_USER_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: admin-user-token + {{- end }} + - name: INFLUXDB_ADMIN_BUCKET + value: {{ .Values.auth.admin.bucket | quote }} + - name: INFLUXDB_ADMIN_ORG + value: {{ .Values.auth.admin.org | quote }} + {{- if .Values.auth.user.username }} + - name: INFLUXDB_USER + value: {{ .Values.auth.user.username | quote }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/user-password" + {{- else }} + - name: INFLUXDB_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: user-password + {{- end }} + {{- end }} + {{- if .Values.auth.user.bucket }} + - name: INFLUXDB_USER_BUCKET + value: {{ .Values.auth.user.bucket | quote }} + {{- end }} + {{- if .Values.auth.user.org }} + - name: INFLUXDB_USER_ORG + value: {{ .Values.auth.user.org | quote }} + {{- end }} + {{- if .Values.auth.readUser.username }} + - name: INFLUXDB_READ_USER + value: {{ .Values.auth.readUser.username | quote }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_READ_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/read-user-password" + {{- else }} + - name: INFLUXDB_READ_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: read-user-password + {{- end }} + {{- end }} + {{- if .Values.auth.writeUser.username }} + - name: INFLUXDB_WRITE_USER + value: {{ .Values.auth.writeUser.username | quote }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_WRITE_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/write-user-password" + {{- else }} + - name: INFLUXDB_WRITE_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: write-user-password + {{- end }} + {{- end }} + {{- if .Values.auth.user.bucket }} + - name: INFLUXDB_DB + value: {{ .Values.auth.user.bucket | quote }} + {{- end }} + {{- if .Values.influxdb.extraEnvVars }} + {{- tpl (toYaml .Values.influxdb.extraEnvVars) $ | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.influxdb.containerPorts.http }} + protocol: TCP + - name: rpc + containerPort: {{ .Values.influxdb.containerPorts.rpc }} + protocol: TCP + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.influxdb.livenessProbe.enabled }} + {{- $livenessTimeout := sub (int .Values.influxdb.livenessProbe.timeoutSeconds) 1 }} + livenessProbe: {{- omit .Values.influxdb.livenessProbe "enabled" | toYaml | nindent 12 }} + exec: + command: + - bash + - -c + - | + . /opt/bitnami/scripts/libinfluxdb.sh + + influxdb_env + + {{- if .Values.auth.enabled }} + export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" + export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" + {{- end }} + + branch=$(influxdb_branch) + + if [[ "$branch" = "2" ]]; then + timeout {{ $livenessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping + else + timeout {{ $livenessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" + fi + {{- else if .Values.influxdb.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.influxdb.readinessProbe.enabled }} + {{- $readinessTimeout := sub (int .Values.influxdb.readinessProbe.timeoutSeconds) 1 }} + readinessProbe: {{- omit .Values.influxdb.readinessProbe "enabled" | toYaml | nindent 12 }} + exec: + command: + - bash + - -c + - | + . /opt/bitnami/scripts/libinfluxdb.sh + + influxdb_env + + {{- if .Values.auth.enabled }} + export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" + export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" + {{- end }} + + branch=$(influxdb_branch) + + if [[ "$branch" = "2" ]]; then + timeout {{ $readinessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping + else + timeout {{ $readinessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" + fi + {{- else if .Values.influxdb.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.influxdb.resources }} + resources: {{- toYaml .Values.influxdb.resources | nindent 12 }} + {{- end }} + volumeMounts: + {{- if or .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} + - name: influxdb-config + mountPath: /opt/bitnami/influxdb/etc + {{- end }} + {{- if or .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} + - name: custom-init-scripts + mountPath: /docker-entrypoint-initdb.d/ + {{- end }} + {{- if .Values.influxdb.initdbScriptsSecret }} + - name: custom-init-scripts-secret + mountPath: /docker-entrypoint-initdb.d/secret + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: influxdb-credentials + mountPath: /opt/bitnami/influxdb/secrets/ + {{- end }} + {{- if .Values.persistence.enabled }} + - name: data + mountPath: /bitnami/influxdb + {{- end }} + {{- if .Values.influxdb.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + volumes: + {{- if or .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} + - name: influxdb-config + configMap: + name: {{ include "influxdb.configmapName" . }} + {{- end }} + {{- if or .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} + - name: custom-init-scripts + configMap: + name: {{ include "influxdb.initdbScriptsConfigmapName" . }} + {{- end }} + {{- if .Values.influxdb.initdbScriptsSecret }} + - name: custom-init-scripts-secret + secret: + secretName: {{ template "influxdb.initdbScriptsSecret" . }} + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: influxdb-credentials + secret: + secretName: {{ include "influxdb.secretName" . }} + {{- end }} + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "influxdb.claimName" . }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.influxdb.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/influxdb/templates/influxdb/pvc-backup.yaml b/influxdb/templates/influxdb/pvc-backup.yaml new file mode 100644 index 0000000..c639444 --- /dev/null +++ b/influxdb/templates/influxdb/pvc-backup.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.backup.enabled .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.names.fullname" . }}-backups + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" ( dict "persistence" .Values.persistence "global" $) | nindent 2 }} +{{- end }} diff --git a/influxdb/templates/influxdb/pvc.yaml b/influxdb/templates/influxdb/pvc.yaml new file mode 100644 index 0000000..43e8f04 --- /dev/null +++ b/influxdb/templates/influxdb/pvc.yaml @@ -0,0 +1,23 @@ +{{- if and (eq .Values.architecture "standalone") .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.names.fullname" . }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" ( dict "persistence" .Values.persistence "global" $) | nindent 2 }} +{{- end }} diff --git a/influxdb/templates/influxdb/secrets-backup.yaml b/influxdb/templates/influxdb/secrets-backup.yaml new file mode 100644 index 0000000..e09f97e --- /dev/null +++ b/influxdb/templates/influxdb/secrets-backup.yaml @@ -0,0 +1,31 @@ +{{- if .Values.backup.enabled }} +{{- if and (.Values.backup.uploadProviders.google.enabled) (not .Values.backup.uploadProviders.google.existingSecret) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }}-backup-gcloud + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{ .Values.backup.uploadProviders.google.secretKey }}: {{ .Values.backup.uploadProviders.google.secret | b64enc | quote }} +{{- end }} +--- +{{ if and (.Values.backup.uploadProviders.azure.enabled) (not .Values.backup.uploadProviders.azure.existingSecret) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }}-backup-azure + labels: + {{- include "common.labels.standard" . | nindent 4 }} +type: Opaque +data: + {{ .Values.backup.uploadProviders.azure.secretKey }}: {{ .Values.backup.uploadProviders.azure.secret | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/influxdb/templates/influxdb/secrets.yaml b/influxdb/templates/influxdb/secrets.yaml new file mode 100644 index 0000000..f8a186e --- /dev/null +++ b/influxdb/templates/influxdb/secrets.yaml @@ -0,0 +1,27 @@ +{{- if (not .Values.auth.existingSecret) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + admin-user-password: {{ ternary (randAlphaNum 10) .Values.auth.admin.password (empty .Values.auth.admin.password) | b64enc | quote }} + admin-user-token: {{ ternary (randAlphaNum 20) .Values.auth.admin.token (empty .Values.auth.admin.token) | b64enc | quote }} + {{- if .Values.auth.user.username }} + user-password: {{ ternary (randAlphaNum 10) .Values.auth.user.password (empty .Values.auth.user.password) | b64enc | quote }} + {{- end }} + {{- if .Values.auth.readUser.username }} + read-user-password: {{ ternary (randAlphaNum 10) .Values.auth.readUser.password (empty .Values.auth.readUser.password) | b64enc | quote }} + {{- end }} + {{- if .Values.auth.writeUser.username }} + write-user-password: {{ ternary (randAlphaNum 10) .Values.auth.writeUser.password (empty .Values.auth.writeUser.password) | b64enc | quote }} + {{- end }} +{{- end }} diff --git a/influxdb/templates/influxdb/service-headless.yaml b/influxdb/templates/influxdb/service-headless.yaml new file mode 100644 index 0000000..fad4554 --- /dev/null +++ b/influxdb/templates/influxdb/service-headless.yaml @@ -0,0 +1,30 @@ +{{- if eq .Values.architecture "high-availability" }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }}-headless + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + clusterIP: None + ports: + - port: {{ .Values.influxdb.service.port }} + targetPort: http + protocol: TCP + name: http + - port: {{ .Values.influxdb.service.rpcPort }} + targetPort: rpc + protocol: TCP + name: rpc + selector: + {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: influxdb +{{- end }} diff --git a/influxdb/templates/influxdb/service-metrics.yaml b/influxdb/templates/influxdb/service-metrics.yaml new file mode 100644 index 0000000..726228d --- /dev/null +++ b/influxdb/templates/influxdb/service-metrics.yaml @@ -0,0 +1,48 @@ +{{- if .Values.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }}-metrics + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.metrics.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.metrics.service.type }} + {{- if and .Values.metrics.service.loadBalancerIP (eq .Values.metrics.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} + {{- end }} + {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- with .Values.metrics.service.loadBalancerSourceRanges }} +{{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + {{- if and (eq .Values.metrics.service.type "ClusterIP") .Values.metrics.service.clusterIP }} + clusterIP: {{ .Values.metrics.service.clusterIP }} + {{- end }} + ports: + - port: {{ .Values.metrics.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if (and (or (eq .Values.metrics.service.type "NodePort") (eq .Values.metrics.service.type "LoadBalancer")) (not (empty .Values.metrics.service.nodePort)))}} + nodePort: {{ .Values.metrics.service.nodePort }} + {{- else if eq .Values.metrics.service.type "ClusterIP" }} + nodePort: null + {{- end }} + selector: + {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: influxdb +{{- end }} diff --git a/influxdb/templates/influxdb/service.yaml b/influxdb/templates/influxdb/service.yaml new file mode 100644 index 0000000..9ecbc9d --- /dev/null +++ b/influxdb/templates/influxdb/service.yaml @@ -0,0 +1,61 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.influxdb.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.influxdb.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.influxdb.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.influxdb.service.type }} + {{- if and .Values.influxdb.service.loadBalancerIP (eq .Values.influxdb.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.influxdb.service.loadBalancerIP }} + {{- end }} + {{- if and (eq .Values.influxdb.service.type "LoadBalancer") .Values.influxdb.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- with .Values.influxdb.service.loadBalancerSourceRanges }} +{{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + {{- if and (eq .Values.influxdb.service.type "ClusterIP") .Values.influxdb.service.clusterIP }} + clusterIP: {{ .Values.influxdb.service.clusterIP }} + {{- end }} + {{- if .Values.influxdb.service.sessionAffinity }} + sessionAffinity: {{ .Values.influxdb.service.sessionAffinity }} + {{- if .Values.influxdb.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- end }} + ports: + - port: {{ .Values.influxdb.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if (and (or (eq .Values.influxdb.service.type "NodePort") (eq .Values.influxdb.service.type "LoadBalancer")) (not (empty .Values.influxdb.service.nodePorts.http)))}} + nodePort: {{ .Values.influxdb.service.nodePorts.http }} + {{- else if eq .Values.influxdb.service.type "ClusterIP" }} + nodePort: null + {{- end }} + - port: {{ .Values.influxdb.service.rpcPort }} + targetPort: rpc + protocol: TCP + name: rpc + {{- if (and (or (eq .Values.influxdb.service.type "NodePort") (eq .Values.influxdb.service.type "LoadBalancer")) (not (empty .Values.influxdb.service.nodePorts.rpc)))}} + nodePort: {{ .Values.influxdb.service.nodePorts.rpc }} + {{- else if eq .Values.influxdb.service.type "ClusterIP" }} + nodePort: null + {{- end }} + selector: + {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: influxdb diff --git a/influxdb/templates/influxdb/servicemonitor.yaml b/influxdb/templates/influxdb/servicemonitor.yaml new file mode 100644 index 0000000..cab7597 --- /dev/null +++ b/influxdb/templates/influxdb/servicemonitor.yaml @@ -0,0 +1,37 @@ +{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "common.names.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }} + {{- if .Values.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + app.kubernetes.io/component: influxdb + endpoints: + - port: http + path: "/metrics" + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} diff --git a/influxdb/templates/influxdb/statefulset-high-availability.yaml b/influxdb/templates/influxdb/statefulset-high-availability.yaml new file mode 100644 index 0000000..69a38ee --- /dev/null +++ b/influxdb/templates/influxdb/statefulset-high-availability.yaml @@ -0,0 +1,322 @@ +{{- if eq .Values.architecture "high-availability" }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "common.names.fullname" . }} + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + serviceName: {{ include "common.names.fullname" . }}-headless + podManagementPolicy: {{ .Values.influxdb.podManagementPolicy }} + replicas: {{ .Values.influxdb.replicaCount }} + updateStrategy: + type: {{ .Values.influxdb.updateStrategy }} + {{- if (eq "OnDelete" .Values.influxdb.updateStrategy) }} + rollingUpdate: null + {{- end }} + selector: + matchLabels: + {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: influxdb + template: + metadata: + labels: + {{ include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: influxdb + spec: + {{- include "influxdb.imagePullSecrets" . | nindent 6 }} + {{- if .Values.influxdb.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAntiAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.influxdb.nodeAffinityPreset.type "key" .Values.influxdb.nodeAffinityPreset.key "values" .Values.influxdb.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.influxdb.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.influxdb.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.influxdb.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.influxdb.securityContext.fsGroup }} + {{- end }} + {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + initContainers: + - name: init-chmod-data + image: {{ include "influxdb.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + - -c + - | + mkdir -p /bitnami/influxdb/{data,meta,wal} + chmod 700 /bitnami/influxdb/{data,meta,wal} + {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} + chown -R `id -u`:`id -G` /bitnami/influxdb/{data,meta,wal} + {{- else }} + chown -R {{ .Values.influxdb.securityContext.runAsUser }}:{{ .Values.influxdb.securityContext.fsGroup }} /bitnami/influxdb/{data,meta,wal} + {{- end }} + {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} + securityContext: + {{- else }} + securityContext: + runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} + {{- end }} + volumeMounts: + - name: data + mountPath: /bitnami/influxdb + {{- end }} + containers: + - name: influxdb + image: {{ include "influxdb.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.influxdb.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.influxdb.securityContext.runAsUser }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: INFLUXDB_HTTP_AUTH_ENABLED + value: {{ .Values.auth.enabled | quote }} + - name: INFLUXDB_CREATE_USER_TOKEN + value: {{ ternary "yes" "no" .Values.auth.createUserToken | quote }} + {{- if .Values.auth.admin.username }} + - name: INFLUXDB_ADMIN_USER + value: {{ .Values.auth.admin.username | quote }} + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_ADMIN_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/admin-user-password" + {{- else }} + - name: INFLUXDB_ADMIN_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: admin-user-password + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_ADMIN_USER_TOKEN_FILE + value: "/opt/bitnami/influxdb/secrets/admin-user-token" + {{- else }} + - name: INFLUXDB_ADMIN_USER_TOKEN + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: admin-user-token + {{- end }} + - name: INFLUXDB_ADMIN_BUCKET + value: {{ .Values.auth.admin.bucket | quote }} + - name: INFLUXDB_ADMIN_ORG + value: {{ .Values.auth.admin.org | quote }} + {{- if .Values.auth.user.username }} + - name: INFLUXDB_USER + value: {{ .Values.auth.user.username | quote }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/user-password" + {{- else }} + - name: INFLUXDB_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: user-password + {{- end }} + {{- end }} + {{- if .Values.auth.user.bucket }} + - name: INFLUXDB_USER_BUCKET + value: {{ .Values.auth.user.bucket | quote }} + {{- end }} + {{- if .Values.auth.user.org }} + - name: INFLUXDB_USER_ORG + value: {{ .Values.auth.user.org | quote }} + {{- end }} + {{- if .Values.auth.readUser.username }} + - name: INFLUXDB_READ_USER + value: {{ .Values.auth.readUser.username | quote }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_READ_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/read-user-password" + {{- else }} + - name: INFLUXDB_READ_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: read-user-password + {{- end }} + {{- end }} + {{- if .Values.auth.writeUser.username }} + - name: INFLUXDB_WRITE_USER + value: {{ .Values.auth.writeUser.username | quote }} + {{- if .Values.auth.usePasswordFiles }} + - name: INFLUXDB_WRITE_USER_PASSWORD_FILE + value: "/opt/bitnami/influxdb/secrets/write-user-password" + {{- else }} + - name: INFLUXDB_WRITE_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "influxdb.secretName" . }} + key: write-user-password + {{- end }} + {{- end }} + {{- if .Values.auth.user.bucket }} + - name: INFLUXDB_DB + value: {{ .Values.auth.user.bucket | quote }} + {{- end }} + {{- if .Values.influxdb.extraEnvVars }} + {{- tpl (toYaml .Values.influxdb.extraEnvVars) $ | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.influxdb.containerPorts.http }} + protocol: TCP + - name: rpc + containerPort: {{ .Values.influxdb.containerPorts.rpc }} + protocol: TCP + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.influxdb.livenessProbe.enabled }} + {{- $livenessTimeout := sub (int .Values.influxdb.livenessProbe.timeoutSeconds) 1 }} + livenessProbe: {{- omit .Values.influxdb.livenessProbe "enabled" | toYaml | nindent 12 }} + exec: + command: + - bash + - -c + - | + . /opt/bitnami/scripts/libinfluxdb.sh + + influxdb_env + + {{- if .Values.auth.enabled }} + export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" + export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" + {{- end }} + + branch=$(influxdb_branch) + + if [[ "$branch" = "2" ]]; then + timeout {{ $livenessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping + else + timeout {{ $livenessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" + fi + {{- else if .Values.influxdb.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.influxdb.readinessProbe.enabled }} + {{- $readinessTimeout := sub (int .Values.influxdb.readinessProbe.timeoutSeconds) 1 }} + readinessProbe: {{- omit .Values.influxdb.readinessProbe "enabled" | toYaml | nindent 12 }} + exec: + command: + - bash + - -c + - | + . /opt/bitnami/scripts/libinfluxdb.sh + + influxdb_env + + {{- if .Values.auth.enabled }} + export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" + export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" + {{- end }} + + branch=$(influxdb_branch) + + if [[ "$branch" = "2" ]]; then + timeout {{ $readinessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping + else + timeout {{ $readinessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" + fi + {{- else if .Values.influxdb.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.influxdb.resources }} + resources: {{- toYaml .Values.influxdb.resources | nindent 12 }} + {{- end }} + volumeMounts: + {{- if or (.Files.Glob "files/conf/influxdb.conf") .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} + - name: influxdb-config + mountPath: /opt/bitnami/influxdb/etc + {{- end }} + {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,txt}") .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} + - name: custom-init-scripts + mountPath: /docker-entrypoint-initdb.d/ + {{- end }} + {{- if .Values.influxdb.initdbScriptsSecret }} + - name: custom-init-scripts-secret + mountPath: /docker-entrypoint-initdb.d/secret + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: influxdb-credentials + mountPath: /opt/bitnami/influxdb/secrets/ + {{- end }} + {{- if .Values.persistence.enabled }} + - name: data + mountPath: /bitnami/influxdb + {{- end }} + {{- if .Values.influxdb.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + volumes: + {{- if or (.Files.Glob "files/conf/influxdb.conf") .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} + - name: influxdb-config + configMap: + name: {{ include "influxdb.configmapName" . }} + {{- end }} + {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,txt}") .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} + - name: custom-init-scripts + configMap: + name: {{ include "influxdb.initdbScriptsConfigmapName" . }} + {{- end }} + {{- if .Values.influxdb.initdbScriptsSecret }} + - name: custom-init-scripts-secret + secret: + secretName: {{ template "influxdb.initdbScriptsSecret" . }} + {{- end }} + {{- if .Values.auth.usePasswordFiles }} + - name: influxdb-credentials + secret: + secretName: {{ include "influxdb.secretName" . }} + {{- end }} + {{- if .Values.influxdb.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} + - name: data + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim }} + {{- else if not .Values.persistence.enabled }} + - name: data + emptyDir: {} + {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- include "common.storage.class" ( dict "persistence" .Values.persistence "global" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/influxdb/templates/ingress.yaml b/influxdb/templates/ingress.yaml new file mode 100644 index 0000000..84b6054 --- /dev/null +++ b/influxdb/templates/ingress.yaml @@ -0,0 +1,78 @@ +{{- if .Values.ingress.enabled -}} +{{- $architecture := .Values.architecture }} +apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ template "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.ingress.annotations .Values.commonAnnotations .Values.ingress.certManager }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.ingress.certManager }} + kubernetes.io/tls-acme: "true" + {{- end }} + {{- range $key, $value := .Values.ingress.annotations }} + {{ $key }}: {{ include "common.tplvalues.render" ( dict "value" $value "context" $ ) | quote }} + {{- end }} + {{- end }} +spec: + rules: + {{- if .Values.ingress.hostname }} + - host: {{ .Values.ingress.hostname }} + http: + paths: + {{- if .Values.ingress.extraPaths }} + {{- toYaml .Values.ingress.extraPaths | nindent 10 }} + {{- end }} + {{- if eq $architecture "high-availability" }} + - path: /write + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + {{- $relayServiceName := printf "%s-%s" (include "common.names.fullname" .) "relay" }} + backend: {{- include "common.ingress.backend" (dict "serviceName" $relayServiceName "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + - path: {{ default "/" .Values.ingress.path }} + {{- if eq "true" (include "common.ingress.supportsPathType" .) }} + pathType: {{ .Values.ingress.pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- range .Values.ingress.extraHosts }} + - host: {{ .name | quote }} + http: + paths: + {{- if $.Values.ingress.extraPaths }} + {{- toYaml $.Values.ingress.extraPaths | nindent 10 }} + {{- end }} + {{- if eq $architecture "high-availability" }} + - path: /write + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ $.Values.ingress.pathType }} + {{- end }} + {{- $relayServiceName := printf "%s-%s" (include "common.names.fullname" $) "relay" }} + backend: {{- include "common.ingress.backend" (dict "serviceName" $relayServiceName "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + - path: {{ default "/" .path }} + {{- if eq "true" (include "common.ingress.supportsPathType" $) }} + pathType: {{ default "ImplementationSpecific" .pathType }} + {{- end }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} + {{- end }} + {{- if or .Values.ingress.tls .Values.ingress.extraTls }} + tls: + {{- if .Values.ingress.tls }} + - hosts: + - {{ .Values.ingress.hostname }} + secretName: {{ printf "%s-tls" .Values.ingress.hostname }} + {{- end }} + {{- if .Values.ingress.extraTls }} + {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/influxdb/templates/networkpolicy.yaml b/influxdb/templates/networkpolicy.yaml new file mode 100644 index 0000000..f4bcd9b --- /dev/null +++ b/influxdb/templates/networkpolicy.yaml @@ -0,0 +1,37 @@ +{{- if .Values.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ template "influxdb.networkPolicy.apiVersion" . }} +metadata: + name: {{ include "common.names.fullname" . }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: influxdb + policyTypes: + - Ingress + ingress: + # Allow inbound connections + - ports: + - port: {{ .Values.influxdb.containerPorts.http }} + protocol: TCP + - port: {{ .Values.influxdb.containerPorts.rpc }} + protocol: TCP + {{- if not .Values.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: + {{ template "common.names.fullname" . }}-client: "true" + {{- if eq .Values.architecture "high-availability" }} + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 14 }} + app.kubernetes.io/component: relay + {{- end }} + {{- end }} +{{- end }} diff --git a/influxdb/templates/relay/configmap.yaml b/influxdb/templates/relay/configmap.yaml new file mode 100644 index 0000000..c61a383 --- /dev/null +++ b/influxdb/templates/relay/configmap.yaml @@ -0,0 +1,18 @@ +{{- if and (eq .Values.architecture "high-availability") .Values.relay.configuration (not .Values.relay.existingConfiguration) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-relay + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: relay + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + relay.toml: |- + {{ include "common.tplvalues.render" (dict "value" .Values.relay.configuration "context" $) | nindent 4 }} +{{- end }} diff --git a/influxdb/templates/relay/deployment.yaml b/influxdb/templates/relay/deployment.yaml new file mode 100644 index 0000000..7417c96 --- /dev/null +++ b/influxdb/templates/relay/deployment.yaml @@ -0,0 +1,105 @@ +{{- if eq .Values.architecture "high-availability" }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.names.fullname" . }}-relay + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: relay + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.relay.replicaCount }} + strategy: + type: {{ .Values.relay.updateStrategy }} + {{- if (eq "Recreate" .Values.relay.updateStrategy) }} + rollingUpdate: null + {{- end }} + selector: + matchLabels: + {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: relay + template: + metadata: + labels: + {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: relay + spec: + {{- include "influxdb.imagePullSecrets" . | nindent 6 }} + {{- if .Values.relay.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.relay.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.relay.podAffinityPreset "component" "relay" "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.relay.podAntiAffinityPreset "component" "relay" "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.relay.nodeAffinityPreset.type "key" .Values.relay.nodeAffinityPreset.key "values" .Values.relay.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.relay.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.relay.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.relay.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.relay.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.relay.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.relay.securityContext.fsGroup }} + {{- end }} + containers: + - name: relay + image: {{ include "influxdb.relay.image" . }} + imagePullPolicy: {{ .Values.relay.image.pullPolicy | quote }} + {{- if .Values.relay.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.relay.securityContext.runAsUser }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else }} + command: + - /influxdb-relay + args: + - -config + - /conf/relay.toml + {{- end }} + ports: + - name: http + containerPort: {{ .Values.relay.containerPorts.http }} + protocol: TCP + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.relay.livenessProbe.enabled }} + livenessProbe: {{- omit .Values.relay.livenessProbe "enabled" | toYaml | nindent 12 }} + tcpSocket: + port: http + {{- else if .Values.relay.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.relay.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.relay.readinessProbe.enabled }} + readinessProbe: {{- omit .Values.relay.readinessProbe "enabled" | toYaml | nindent 12 }} + tcpSocket: + port: http + {{- else if .Values.relay.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.relay.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.relay.resources }} + resources: {{- toYaml .Values.relay.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: relay-config + mountPath: /conf + {{- if .Values.relay.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.relay.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + volumes: + - name: relay-config + configMap: + name: {{ include "influxdb.relay.configmapName" . }} + {{- if .Values.relay.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.relay.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/influxdb/templates/relay/service.yaml b/influxdb/templates/relay/service.yaml new file mode 100644 index 0000000..60f71f7 --- /dev/null +++ b/influxdb/templates/relay/service.yaml @@ -0,0 +1,48 @@ +{{- if eq .Values.architecture "high-availability" }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }}-relay + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: relay + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.relay.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.relay.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.relay.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.relay.service.type }} + {{- if and .Values.relay.service.loadBalancerIP (eq .Values.relay.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.relay.service.loadBalancerIP }} + {{- end }} + {{- if and (eq .Values.relay.service.type "LoadBalancer") .Values.relay.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{ with .Values.relay.service.loadBalancerSourceRanges }} +{{ toYaml . | indent 4 }} + {{- end }} + {{- end }} + {{- if and (eq .Values.relay.service.type "ClusterIP") .Values.relay.service.clusterIP }} + clusterIP: {{ .Values.relay.service.clusterIP }} + {{- end }} + ports: + - port: {{ .Values.relay.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if (and (or (eq .Values.relay.service.type "NodePort") (eq .Values.relay.service.type "LoadBalancer")) (not (empty .Values.relay.service.nodePort)))}} + nodePort: {{ .Values.relay.service.nodePort }} + {{- else if eq .Values.relay.service.type "ClusterIP" }} + nodePort: null + {{- end }} + selector: + {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: relay +{{- end }} diff --git a/influxdb/templates/service-collectd.yaml b/influxdb/templates/service-collectd.yaml new file mode 100644 index 0000000..50ee93f --- /dev/null +++ b/influxdb/templates/service-collectd.yaml @@ -0,0 +1,48 @@ +{{- if .Values.collectd.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.names.fullname" . }}-collectd + labels: + {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: influxdb + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.collectd.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.collectd.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.collectd.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.collectd.service.type }} + {{- if and .Values.collectd.service.loadBalancerIP (eq .Values.collectd.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.collectd.service.loadBalancerIP }} + {{- end }} + {{- if and (eq .Values.collectd.service.type "LoadBalancer") .Values.collectd.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- with .Values.collectd.service.loadBalancerSourceRanges }} +{{ toYaml . | nindent 4 }} + {{- end }} + {{- end }} + {{- if and (eq .Values.collectd.service.type "ClusterIP") .Values.collectd.service.clusterIP }} + clusterIP: {{ .Values.collectd.service.clusterIP }} + {{- end }} + ports: + - port: {{ .Values.collectd.service.port }} + targetPort: {{ .Values.collectd.service.port }} + protocol: UDP + name: udp + {{- if (and (or (eq .Values.collectd.service.type "NodePort") (eq .Values.collectd.service.type "LoadBalancer")) (not (empty .Values.collectd.service.nodePort)))}} + nodePort: {{ .Values.collectd.service.nodePort }} + {{- else if eq .Values.collectd.service.type "ClusterIP" }} + nodePort: null + {{- end }} + selector: + {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: influxdb +{{- end }} diff --git a/influxdb/values.yaml b/influxdb/values.yaml new file mode 100644 index 0000000..ba4e6dc --- /dev/null +++ b/influxdb/values.yaml @@ -0,0 +1,1011 @@ +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global storage class for dynamic provisioning +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + +## @section Common parameters + +## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) +## +kubeVersion: "" +## @param nameOverride String to partially override influxdb.fullname template with a string (will prepend the release name) +## +nameOverride: "" +## @param fullnameOverride String to fully override influxdb.fullname template with a string +## +fullnameOverride: "" +## @param clusterDomain Default Kubernetes cluster domain +## +clusterDomain: cluster.local +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] + +## Enable diagnostic mode in the deployment +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the deployment + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the deployment + ## + args: + - infinity + +## @section InfluxDB™ parameters + +## Bitnami InfluxDB™ image +## ref: https://hub.docker.com/r/bitnami/influxdb/tags/ +## @param image.registry InfluxDB™ image registry +## @param image.repository InfluxDB™ image repository +## @param image.tag InfluxDB™ image tag (immutable tags are recommended) +## @param image.pullPolicy InfluxDB™ image pull policy +## @param image.pullSecrets Specify docker-registry secret names as an array +## @param image.debug Specify if debug logs should be enabled +## +image: + registry: docker.io + repository: bitnami/influxdb + tag: 2.0.9-debian-10-r25 + ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Set to true if you would like to see extra information on logs + ## + debug: false +## @param architecture InfluxDB™ architecture (`standalone` or `high-availability`) +## +architecture: standalone +## Authentication parameters +## +auth: + ## @param auth.enabled Enable/disable authentication (Variable to keep compatibility with InfluxDB™ v1, in v2 it will be ignored) + ## + enabled: true + ## @param auth.usePasswordFiles Whether to use files to provide secrets instead of env vars. + ## + usePasswordFiles: false + ## InfluxDB™ admin credentials + ## + admin: + ## @param auth.admin.username InfluxDB™ admin user name + ## + username: admin + ## @param auth.admin.password InfluxDB™ admin user's password + ## + password: "" + ## @param auth.admin.token InfluxDB™ admin user's token. Only valid with InfluxDB™ v2 + ## + token: "" + ## @param auth.admin.org InfluxDB™ admin user's org. Only valid with InfluxDB™ v2 + ## + org: primary + ## @param auth.admin.bucket InfluxDB™ admin user's bucket. Only valid with InfluxDB™ v2 + ## + bucket: primary + ## @param auth.createUserToken Whether to create tokens for the different users. Take into account these tokens are going to be created by CLI randomly and they will not be accessible from a secret. See more influxdb 2.0 [auth ref](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) + ## You should take into account these tokens are going to be created by CLI + ## so it is not possible to get them by k8s secrets nor to provide them though + ## values + ## See more influxdb 2.0 auth ref: https://docs.influxdata.com/influxdb/v2.0/security/tokens/ + ## + createUserToken: false + ## InfluxDB™ credentials for user with 'admin' privileges on the db specified at 'database' parameter + ## + user: + ## @param auth.user.username Name for InfluxDB™ user with 'admin' privileges on the bucket specified at `auth.user.bucket` and `auth.user.org` or `auth.admin.org` + ## + username: "" + ## @param auth.user.password InfluxDB™ password for `user.name` user + ## + password: "" + ## @param auth.user.org Org to be created on first run + ## + org: "" + ## @param auth.user.bucket Bucket to be created on first run + ## already create. If it is not null a new bucket will be created. + ## + bucket: "" + ## InfluxDB™ credentials for user with 'read' privileges on the db specified at 'database' parameter + ## @param auth.readUser.username Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` + ## @param auth.readUser.password InfluxDB™ password for `auth.readUser.username` user + ## + readUser: + username: "" + password: "" + ## InfluxDB™ credentials for user with 'write' privileges on the db specified at 'database' parameter + ## @param auth.writeUser.username Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` + ## @param auth.writeUser.password InfluxDB™ password for `auth.writeUser.username` user + ## + writeUser: + username: "" + password: "" + ## @param auth.existingSecret Name of existing Secret object with InfluxDB™ credentials (`auth.admin.password`, `auth.user.password`, `auth.readUser.password`, and `auth.writeUser.password` will be ignored and picked up from this secret) + ## + existingSecret: "" +## InfluxDB™ backend parameters +## +influxdb: + ## @param influxdb.configuration Specify content for influxdb.conf + ## Alternatively, you can put your influxdb.conf under the files/conf/ directory + ## + ## configuration: |- + ## reporting-disabled = false + ## bind-address = "127.0.0.1:8088" + ## [meta] + ## dir = "/bitnami/influxdb/meta" + ## ... + ## + configuration: "" + ## @param influxdb.existingConfiguration Name of existing ConfigMap object with the InfluxDB™ configuration (`influxdb.configuration` will be ignored). + ## + existingConfiguration: "" + ## @param influxdb.initdbScripts Dictionary of initdb scripts + ## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory + ## + ## initdbScripts: + ## my_init_script.sh: | + ## #!/bin/sh + ## echo "Do something." + initdbScripts: {} + ## @param influxdb.initdbScriptsCM Name of existing ConfigMap object with the initdb scripts (`influxdb.initdbScripts` will be ignored). + ## + initdbScriptsCM: "" + ## @param influxdb.initdbScriptsSecret Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`) + ## + initdbScriptsSecret: "" + ## @param influxdb.extraEnvVars Array containing extra env vars to configure InfluxDB™ + ## For example: + ## extraEnvVars: + ## - name: INFLUXDB_DATA_QUERY_LOG_ENABLED + ## value: "true" + ## + extraEnvVars: [] + ## @param influxdb.replicaCount The number of InfluxDB™ replicas to deploy + ## + replicaCount: 1 + ## @param influxdb.updateStrategy Update strategy, can be set to RollingUpdate or OnDelete by default. + ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets + ## + updateStrategy: RollingUpdate + ## @param influxdb.podManagementPolicy Pod Management Policy [`OrderedReady` or `Parallel`] + ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#parallel-pod-management + ## + podManagementPolicy: OrderedReady + ## @param influxdb.podAffinityPreset InfluxDB™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param influxdb.podAntiAffinityPreset InfluxDB™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param influxdb.nodeAffinityPreset.type InfluxDB™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + type: "" + ## @param influxdb.nodeAffinityPreset.key InfluxDB™ Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param influxdb.nodeAffinityPreset.values InfluxDB™ Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param influxdb.affinity InfluxDB™ Affinity for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param influxdb.nodeSelector InfluxDB™ Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param influxdb.tolerations InfluxDB™ Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param influxdb.extraVolumes Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts + ## + extraVolumes: [] + ## @param influxdb.extraVolumeMounts Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. + ## + extraVolumeMounts: [] + ## K8s Security Context for InfluxDB™ pods + ## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## @param influxdb.securityContext.enabled Enable security context for InfluxDB™ + ## @param influxdb.securityContext.fsGroup Group ID for the InfluxDB™ filesystem + ## @param influxdb.securityContext.runAsUser User ID for the InfluxDB™ container + ## + securityContext: + enabled: true + fsGroup: 1001 + runAsUser: 1001 + ## InfluxDB™ pods' resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param influxdb.resources.limits The resources limits for the container + ## @param influxdb.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + ## InfluxDB™ pods' liveness probe + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param influxdb.livenessProbe.enabled Enable livenessProbe + ## @param influxdb.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param influxdb.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param influxdb.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param influxdb.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param influxdb.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 180 + periodSeconds: 45 + timeoutSeconds: 30 + successThreshold: 1 + failureThreshold: 6 + ## InfluxDB™ pods' readiness probe + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param influxdb.readinessProbe.enabled Enable readinessProbe + ## @param influxdb.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param influxdb.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param influxdb.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param influxdb.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param influxdb.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 60 + periodSeconds: 45 + timeoutSeconds: 30 + successThreshold: 1 + failureThreshold: 6 + ## @param influxdb.customLivenessProbe Override default liveness probe + ## + customLivenessProbe: {} + ## @param influxdb.customReadinessProbe Override default readiness probe + ## + customReadinessProbe: {} + ## @param influxdb.containerPorts [object] Container ports + ## + containerPorts: + http: 8086 + rpc: 8088 + ## Service parameters + ## + service: + ## @param influxdb.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) + ## + type: ClusterIP + ## @param influxdb.service.port InfluxDB™ HTTP port + ## + port: 8086 + ## @param influxdb.service.rpcPort InfluxDB™ RPC port + ## + rpcPort: 8088 + ## @param influxdb.service.nodePorts [object] Specify the nodePort(s) value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePorts: + http: "" + rpc: "" + ## @param influxdb.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + loadBalancerIP: "" + ## @param influxdb.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + loadBalancerSourceRanges: [] + ## @param influxdb.service.clusterIP Static clusterIP or None for headless services + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## e.g: + ## clusterIP: None + ## + clusterIP: "" + ## @param influxdb.service.annotations Annotations for InfluxDB™ service + ## + annotations: {} + ## @param influxdb.service.sessionAffinity Session affinity for the InfluxDB™ service + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#proxy-mode-userspace + sessionAffinity: "" + ## @param influxdb.service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + sessionAffinityConfig: {} + +## @section InfluxDB Relay™ parameters + +relay: + ## Bitnami InfluxDB Relay™ image + ## ref: https://hub.docker.com/r/bitnami/influxdb-relay/tags/ + ## @param relay.image.registry InfluxDB Relay™ image registry + ## @param relay.image.repository InfluxDB Relay™ image repository + ## @param relay.image.tag InfluxDB Relay™ image tag (immutable tags are recommended) + ## @param relay.image.pullPolicy InfluxDB Relay™ image pull policy + ## @param relay.image.pullSecrets Specify docker-registry secret names as an array + ## + image: + registry: docker.io + repository: bitnami/influxdb-relay + tag: 0.20200717.0-scratch-r12 + ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## @param relay.configuration [string] InfluxDB Relay™ Configuration. Specify content for relay.toml + ## Alternatively, you can put your relay.toml under the files/conf/ directory + ## + configuration: |- + [[http]] + # Name of the HTTP server, used for display purposes only. + name = "relay-server" + + # TCP address to bind to, for HTTP server. + bind-addr = "0.0.0.0:9096" + + # Array of InfluxDB™ instances to use as backends for Relay. + output = [ + {{- $influxdbReplicaCount := int .Values.influxdb.replicaCount }} + {{- $influxdbFullname := include "common.names.fullname" . }} + {{- $influxdbHeadlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }} + {{- $releaseName := .Release.Namespace }} + {{- $clusterDomain:= .Values.clusterDomain }} + {{- range $e, $i := until $influxdbReplicaCount }} + { name="{{ $influxdbFullname }}-{{ $i }}", location="http://{{ $influxdbFullname }}-{{ $i }}.{{ $influxdbHeadlessServiceName }}.{{ $releaseName }}.svc.{{ $clusterDomain }}:8086/write", timeout="10s"}, + {{- end }} + ] + ## @param relay.existingConfiguration Name of existing ConfigMap object with the InfluxDB Relay™ configuration (`relay.configuration` will be ignored) + ## NOTE: This will override relay.configuration + ## + existingConfiguration: "" + ## @param relay.replicaCount The number of InfluxDB Relay™ replicas to deploy + ## + replicaCount: 1 + ## @param relay.updateStrategy Update strategy, can be set to RollingUpdate or OnDelete by default. + ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets + ## + updateStrategy: RollingUpdate + ## @param relay.podAffinityPreset InfluxDB Relay™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param relay.podAntiAffinityPreset InfluxDB Relay™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param relay.nodeAffinityPreset.type InfluxDB Relay™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + type: "" + ## @param relay.nodeAffinityPreset.key InfluxDB Relay™ Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param relay.nodeAffinityPreset.values InfluxDB Relay™ Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param relay.affinity InfluxDB Relay™ Affinity for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param relay.nodeSelector InfluxDB Relay™ Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param relay.tolerations InfluxDB Relay™ Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param relay.extraVolumes Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts + ## + extraVolumes: [] + ## @param relay.extraVolumeMounts Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. + ## + extraVolumeMounts: [] + ## K8s Security Context for InfluxDB™ pods + ## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## @param relay.securityContext.enabled Enable security context for InfluxDB Relay™ + ## @param relay.securityContext.fsGroup Group ID for the InfluxDB Relay™ filesystem + ## @param relay.securityContext.runAsUser User ID for the InfluxDB Relay™ container + ## + securityContext: + enabled: true + fsGroup: 1001 + runAsUser: 1001 + ## InfluxDB Relay™ pods' resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param relay.resources.limits The resources limits for the container + ## @param relay.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi + requests: {} + ## InfluxDB Relay™ pods' liveness probe + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param relay.livenessProbe.enabled Enable livenessProbe + ## @param relay.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param relay.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param relay.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param relay.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param relay.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + ## InfluxDB Relay™ pods' readiness probe + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param relay.readinessProbe.enabled Enable readinessProbe + ## @param relay.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param relay.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param relay.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param relay.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param relay.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + ## @param relay.customLivenessProbe Override default liveness probe + ## + customLivenessProbe: {} + ## @param relay.customReadinessProbe Override default readiness probe + ## + customReadinessProbe: {} + ## @param relay.containerPorts [object] Container ports + ## + containerPorts: + http: 9096 + ## Service parameters + ## + service: + ## @param relay.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) + ## + type: ClusterIP + ## @param relay.service.port InfluxDB Relay™ HTTP port + ## + port: 9096 + ## @param relay.service.nodePort Kubernetes HTTP node port + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePort: "" + ## @param relay.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + loadBalancerIP: "" + ## @param relay.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + loadBalancerSourceRanges: [] + ## @param relay.service.clusterIP Static clusterIP or None for headless services + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## e.g: + ## clusterIP: None + ## + clusterIP: "" + ## @param relay.service.annotations Annotations for InfluxDB Relay™ service + ## + annotations: {} + +## @section InfluxDB Collectd™ parameters + +collectd: + ## @param collectd.enabled InfluxDB Collectd™ service enable + ## + enabled: false + service: + ## @param collectd.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) + ## + type: ClusterIP + ## @param collectd.service.port InfluxDB Collectd™ UDP port (should match with corresponding port in influxdb.conf) + ## This requires corresponding configuration in influxdb.conf to enable + ## collectd block + ## + port: 25826 + ## @param collectd.service.nodePort Kubernetes HTTP node port + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePort: "" + ## @param collectd.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + loadBalancerIP: "" + ## @param collectd.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + loadBalancerSourceRanges: [] + ## @param collectd.service.clusterIP Static clusterIP or None for headless services + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## e.g: + ## clusterIP: None + ## + clusterIP: "" + ## @param collectd.service.annotations Annotations for InfluxDB Collectd™ service + ## metallb.universe.tf/allow-shared-ip: "true" + ## + annotations: {} + +## @section Exposing parameters + +## Configure the ingress resource that allows you to access the +## influxdb installation. Set up the URL +## ref: http://kubernetes.io/docs/user-guide/ingress/ +## +ingress: + ## @param ingress.enabled Enable ingress controller resource + ## + enabled: false + ## @param ingress.tls Create TLS Secret + ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} + ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it + ## + tls: false + ## DEPRECATED: Use ingress.annotations instead of ingress.certManager + ## certManager: false + ## + + ## @param ingress.pathType Ingress path type + ## + pathType: ImplementationSpecific + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) + ## + apiVersion: "" + ## @param ingress.hostname Default host for the ingress resource + ## + hostname: influxdb.local + ## @param ingress.path Ingress path*' in order to use this + ## with ALB ingress controllers. + ## + path: / + ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md + ## Use this parameter to set the required annotations for cert-manager, see + ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations + ## + ## e.g: + ## annotations: + ## kubernetes.io/ingress.class: nginx + ## cert-manager.io/cluster-issuer: cluster-issuer-name + ## + annotations: {} + ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. + ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array + ## extraHosts: + ## - name: influxdb.local + ## path: / + ## + extraHosts: [] + ## @param ingress.extraPaths Additional arbitrary path/backend objects + ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. + ## extraPaths: + ## - path: /* + ## backend: + ## serviceName: ssl-redirect + ## servicePort: use-annotation + ## + extraPaths: [] + ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. + ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls + ## extraTls: + ## - hosts: + ## - influxdb.local + ## secretName: influxdb.local-tls + ## + extraTls: [] + ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets + ## key and certificate should start with -----BEGIN CERTIFICATE----- or + ## -----BEGIN RSA PRIVATE KEY----- + ## + ## name should line up with a tlsSecret set further up + ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set + ## + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + ## - name: influxdb.local-tls + ## key: + ## certificate: + ## + secrets: [] + +## @section Metrics parameters + +## Prometheus metrics +## ref: https://docs.influxdata.com/influxdb/v1.7/administration/server_monitoring/#influxdb-metrics-http-endpoint +## +metrics: + ## @param metrics.enabled Enable the export of Prometheus metrics + ## + enabled: false + service: + ## @param metrics.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) + ## + type: ClusterIP + ## @param metrics.service.port InfluxDB™ Prometheus port + ## + port: 9122 + ## @param metrics.service.nodePort Kubernetes HTTP node port + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePort: "" + ## @param metrics.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + loadBalancerIP: "" + ## @param metrics.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + loadBalancerSourceRanges: [] + ## @param metrics.service.clusterIP Static clusterIP or None for headless services + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## e.g: + ## clusterIP: None + ## + clusterIP: "" + ## @param metrics.service.annotations [object] Annotations for the Prometheus metrics service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.influxdb.service.port }}" + prometheus.io/path: "/metrics" + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) + ## + enabled: false + ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## e.g: + ## namespace: monitoring + ## + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s + ## + interval: "" + ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s + ## + scrapeTimeout: "" + ## @param metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## e.g: + ## selector: + ## prometheus: my-prometheus + ## + selector: {} +## NetworkPolicy parameters +## +networkPolicy: + ## @param networkPolicy.enabled Enable NetworkPolicy + ## + enabled: false + ## @param networkPolicy.allowExternal Don't require client label for connections + ## client labels will have network access to the ports InfluxDB™ is listening + ## on. When true, InfluxDB™ will accept connections from any source + ## (with the correct destination port). + ## + allowExternal: true +## Persistence parameters +## +persistence: + ## @param persistence.enabled Enable data persistence + ## + enabled: true + ## @param persistence.existingClaim Use a existing PVC which must be created manually before bound + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: "" + ## @param persistence.storageClass Specify the `storageClass` used to provision the volume + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param persistence.accessModes Access mode of data volume + ## + accessModes: + - ReadWriteOnce + ## @param persistence.size Size of data volume + ## + size: 8Gi + +## @section Volume permissions parameters + +## Init Container parameters +## Change the owner and group of the persistent volume mountpoint to 'runAsUser:fsGroup' +## values from the securityContext section. +## +volumePermissions: + ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` + ## + enabled: false + ## @param volumePermissions.image.registry Init container volume-permissions image registry + ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.tag Init container volume-permissions image tag + ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy + ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array + ## + image: + registry: docker.io + repository: bitnami/bitnami-shell + tag: 10-debian-10-r233 + ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init container Security Context + ## Note: the chown of the data folder is done to securityContext.runAsUser + ## and not the below volumePermissions.securityContext.runAsUser + ## When runAsUser is set to special value "auto", init container will try to chwon the + ## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2` + ## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed). + ## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with + ## pod securityContext.enabled=false and shmVolume.chmod.enabled=false + ## @param volumePermissions.securityContext.runAsUser User ID for the init container (when facing issues in OpenShift or uid unknown, try value "auto") + ## + securityContext: + runAsUser: 0 + +## @section InfluxDB™ backup parameters + +backup: + ## @param backup.enabled Enable InfluxDB™ backup + ## + enabled: false + ## @param backup.directory Directory where backups are stored + ## + directory: "/backups" + ## @param backup.retentionDays Retention time in days for backups (older backups are deleted) + ## + retentionDays: 10 + ## Cronjob configuration + ## This cronjob is used to create InfluxDB™ backups + ## + cronjob: + ## @param backup.cronjob.schedule Schedule in Cron format to save snapshots + ## See https://en.wikipedia.org/wiki/Cron + ## + schedule: "0 2 * * *" + ## @param backup.cronjob.historyLimit Number of successful finished jobs to retain + ## + historyLimit: 1 + ## @param backup.cronjob.podAnnotations Pod annotations + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## K8s Security Context for Backup Cronjob pods + ## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## @param backup.cronjob.securityContext.enabled Enable security context for InfluxDB™ + ## @param backup.cronjob.securityContext.fsGroup Group ID for the InfluxDB™ filesystem + ## @param backup.cronjob.securityContext.runAsUser Group ID for the InfluxDB™ filesystem + ## + securityContext: + enabled: true + fsGroup: 1001 + runAsUser: 1001 + ## @param backup.podAffinityPreset Backup ™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param backup.podAntiAffinityPreset Backup™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param backup.nodeAffinityPreset.type Backup™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + type: "" + ## @param backup.nodeAffinityPreset.key Backup™ Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param backup.nodeAffinityPreset.values Backup™ Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param backup.affinity Backup™ Affinity for backup pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param backup.nodeSelector Backup™ Node labels for backup pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param backup.tolerations Backup™ Tolerations for backup pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## Storage providers where to upload backups + ## + uploadProviders: + ## Google Storage Bucket configuration + ## @param backup.uploadProviders.google.enabled enable upload to google storage bucket + ## @param backup.uploadProviders.google.secret json secret with serviceaccount data to access Google storage bucket + ## @param backup.uploadProviders.google.secretKey service account secret key name + ## @param backup.uploadProviders.google.existingSecret Name of existing secret object with Google serviceaccount json credentials + ## @param backup.uploadProviders.google.bucketName google storage bucket name name + ## + google: + enabled: false + secret: "" + secretKey: "key.json" + existingSecret: "" + bucketName: "gs://bucket/influxdb" + ## Bitnami Google Cloud SDK image + ## ref: https://hub.docker.com/r/bitnami/google-cloud-sdk/tags/ + ## @param backup.uploadProviders.google.image.registry Google Cloud SDK image registry + ## @param backup.uploadProviders.google.image.repository Google Cloud SDK image name + ## @param backup.uploadProviders.google.image.tag Google Cloud SDK image tag + ## @param backup.uploadProviders.google.image.pullPolicy Google Cloud SDK image pull policy + ## @param backup.uploadProviders.google.image.pullSecrets Specify docker-registry secret names as an array + ## + image: + registry: docker.io + repository: bitnami/google-cloud-sdk + tag: 0.361.0-debian-10-r7 + ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Azure Storage Container configuration + ## + azure: + ## @param backup.uploadProviders.azure.enabled Enable upload to azure storage container + ## @param backup.uploadProviders.azure.secret Secret with credentials to access Azure storage + ## @param backup.uploadProviders.azure.secretKey Service account secret key name + ## @param backup.uploadProviders.azure.existingSecret Name of existing secret object + ## @param backup.uploadProviders.azure.containerName Destination container + enabled: false + secret: "" + secretKey: "connection-string" + existingSecret: "" + containerName: "influxdb-container" + ## Bitnami Azure CLI image + ## ref: https://hub.docker.com/r/bitnami/azure-cli/tags/ + ## @param backup.uploadProviders.azure.image.registry Azure CLI image registry + ## @param backup.uploadProviders.azure.image.repository Azure CLI image repository + ## @param backup.uploadProviders.azure.image.tag Azure CLI image tag (immutable tags are recommended) + ## @param backup.uploadProviders.azure.image.pullPolicy Azure CLI image pull policy + ## @param backup.uploadProviders.azure.image.pullSecrets Specify docker-registry secret names as an array + ## + image: + registry: docker.io + repository: bitnami/azure-cli + tag: 2.29.1-debian-10-r5 + ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] diff --git a/values.yaml b/values.yaml index c2a3fa9..308cac3 100644 --- a/values.yaml +++ b/values.yaml @@ -4,7 +4,7 @@ # Declare variables to be passed into your templates. spark: - enabled: true + enabled: false Master: Name: spark-master WebUi: @@ -16,9 +16,9 @@ spark: Replicas: 0 superset: - enabled: true + enabled: false persistence: - enabled: true + enabled: false service: type: NodePort configFile: |- @@ -60,11 +60,11 @@ superset: AUTH_LDAP_UID_FIELD = "cn" postgresql: - enabled: true + enabled: false persistence: - enabled: true + enabled: false ldap: - enabled: true + enabled: false pgldapconfig: |- # Reference: https://github.com/larskanis/pg-ldap-sync/blob/master/config/sample-config.yaml # Connection parameters to LDAP server @@ -135,15 +135,15 @@ postgresql: psql -c "create database zabbix;" postgres admin minio: - enabled: true + enabled: false persistence: - enabled: true + enabled: false size: 50Gi service: type: NodePort grafana: - enabled: true + enabled: false service: type: NodePort grafana.ini: @@ -177,7 +177,7 @@ grafana: ## ref: http://docs.grafana.org/installation/configuration/#auth-ldap ## ref: http://docs.grafana.org/installation/ldap/#configuration ldap: - enabled: true + enabled: false # `existingSecret` is a reference to an existing secret containing the ldap configuration # for Grafana in a key `ldap-toml`. existingSecret: "" @@ -212,7 +212,7 @@ grafana: email = "email" jupyterhub: - enabled: true + enabled: false proxy: secretToken: 'af83775ec3bfaf0507ce596df51d491e7ed54450adc454038fa7405495465f19' db: @@ -259,7 +259,7 @@ jupyterhub: enabled: false nifi: - enabled: true + enabled: false service: type: NodePort postStart: /opt/nifi/psql; wget -P /opt/nifi/psql https://jdbc.postgresql.org/download/postgresql-42.2.6.jar @@ -287,9 +287,9 @@ nifi: hosts: [] openldap: - enabled: true + enabled: false persistence: - enabled: true + enabled: false env: LDAP_ORGANISATION: "Cetic" LDAP_DOMAIN: "ldap.cetic.be" @@ -306,7 +306,7 @@ openldap: phpldapadmin: - enabled: true + enabled: false service: type: NodePort env: @@ -386,7 +386,7 @@ swaggerui: description: "TSIMULUS API" adminer: - enabled: true + enabled: false config: design: "pepa-linha" service: @@ -444,3 +444,6 @@ airflow: password: password1 port: 5432 user: admin + +influxdb: + enabled: true \ No newline at end of file From fd1dd19e755323acabf1edab74095bb780b048cf Mon Sep 17 00:00:00 2001 From: zakaria2905 Date: Tue, 2 Nov 2021 23:59:06 +0100 Subject: [PATCH 2/8] Add influxdb config values in values.yaml file --- influxdb/.helmignore | 21 - influxdb/Chart.yaml | 27 - influxdb/README.md | 575 ---------- influxdb/charts/common/.helmignore | 22 - influxdb/charts/common/Chart.yaml | 23 - influxdb/charts/common/README.md | 328 ------ .../charts/common/templates/_affinities.tpl | 102 -- .../charts/common/templates/_capabilities.tpl | 128 --- influxdb/charts/common/templates/_errors.tpl | 23 - influxdb/charts/common/templates/_images.tpl | 75 -- influxdb/charts/common/templates/_ingress.tpl | 55 - influxdb/charts/common/templates/_labels.tpl | 18 - influxdb/charts/common/templates/_names.tpl | 52 - influxdb/charts/common/templates/_secrets.tpl | 129 --- influxdb/charts/common/templates/_storage.tpl | 23 - .../charts/common/templates/_tplvalues.tpl | 13 - influxdb/charts/common/templates/_utils.tpl | 62 - .../charts/common/templates/_warnings.tpl | 14 - .../templates/validations/_cassandra.tpl | 72 -- .../common/templates/validations/_mariadb.tpl | 103 -- .../common/templates/validations/_mongodb.tpl | 108 -- .../templates/validations/_postgresql.tpl | 131 --- .../common/templates/validations/_redis.tpl | 76 -- .../templates/validations/_validations.tpl | 46 - influxdb/charts/common/values.yaml | 5 - influxdb/files/conf/README.md | 6 - .../docker-entrypoint-initdb.d/README.md | 3 - influxdb/templates/NOTES.txt | 201 ---- influxdb/templates/_helpers.tpl | 153 --- influxdb/templates/extradeploy.yaml | 4 - .../templates/influxdb/configmap-backup.yaml | 78 -- .../influxdb/configmap-initdb-scripts.yaml | 17 - influxdb/templates/influxdb/configmap.yaml | 19 - .../templates/influxdb/cronjob-backup.yaml | 147 --- .../influxdb/deployment-standalone.yaml | 310 ----- influxdb/templates/influxdb/pvc-backup.yaml | 23 - influxdb/templates/influxdb/pvc.yaml | 23 - .../templates/influxdb/secrets-backup.yaml | 31 - influxdb/templates/influxdb/secrets.yaml | 27 - .../templates/influxdb/service-headless.yaml | 30 - .../templates/influxdb/service-metrics.yaml | 48 - influxdb/templates/influxdb/service.yaml | 61 - .../templates/influxdb/servicemonitor.yaml | 37 - .../statefulset-high-availability.yaml | 322 ------ influxdb/templates/ingress.yaml | 78 -- influxdb/templates/networkpolicy.yaml | 37 - influxdb/templates/relay/configmap.yaml | 18 - influxdb/templates/relay/deployment.yaml | 105 -- influxdb/templates/relay/service.yaml | 48 - influxdb/templates/service-collectd.yaml | 48 - influxdb/values.yaml | 1011 ----------------- values.yaml | 24 +- 52 files changed, 23 insertions(+), 5117 deletions(-) delete mode 100644 influxdb/.helmignore delete mode 100644 influxdb/Chart.yaml delete mode 100644 influxdb/README.md delete mode 100644 influxdb/charts/common/.helmignore delete mode 100644 influxdb/charts/common/Chart.yaml delete mode 100644 influxdb/charts/common/README.md delete mode 100644 influxdb/charts/common/templates/_affinities.tpl delete mode 100644 influxdb/charts/common/templates/_capabilities.tpl delete mode 100644 influxdb/charts/common/templates/_errors.tpl delete mode 100644 influxdb/charts/common/templates/_images.tpl delete mode 100644 influxdb/charts/common/templates/_ingress.tpl delete mode 100644 influxdb/charts/common/templates/_labels.tpl delete mode 100644 influxdb/charts/common/templates/_names.tpl delete mode 100644 influxdb/charts/common/templates/_secrets.tpl delete mode 100644 influxdb/charts/common/templates/_storage.tpl delete mode 100644 influxdb/charts/common/templates/_tplvalues.tpl delete mode 100644 influxdb/charts/common/templates/_utils.tpl delete mode 100644 influxdb/charts/common/templates/_warnings.tpl delete mode 100644 influxdb/charts/common/templates/validations/_cassandra.tpl delete mode 100644 influxdb/charts/common/templates/validations/_mariadb.tpl delete mode 100644 influxdb/charts/common/templates/validations/_mongodb.tpl delete mode 100644 influxdb/charts/common/templates/validations/_postgresql.tpl delete mode 100644 influxdb/charts/common/templates/validations/_redis.tpl delete mode 100644 influxdb/charts/common/templates/validations/_validations.tpl delete mode 100644 influxdb/charts/common/values.yaml delete mode 100644 influxdb/files/conf/README.md delete mode 100644 influxdb/files/docker-entrypoint-initdb.d/README.md delete mode 100644 influxdb/templates/NOTES.txt delete mode 100644 influxdb/templates/_helpers.tpl delete mode 100644 influxdb/templates/extradeploy.yaml delete mode 100644 influxdb/templates/influxdb/configmap-backup.yaml delete mode 100644 influxdb/templates/influxdb/configmap-initdb-scripts.yaml delete mode 100644 influxdb/templates/influxdb/configmap.yaml delete mode 100644 influxdb/templates/influxdb/cronjob-backup.yaml delete mode 100644 influxdb/templates/influxdb/deployment-standalone.yaml delete mode 100644 influxdb/templates/influxdb/pvc-backup.yaml delete mode 100644 influxdb/templates/influxdb/pvc.yaml delete mode 100644 influxdb/templates/influxdb/secrets-backup.yaml delete mode 100644 influxdb/templates/influxdb/secrets.yaml delete mode 100644 influxdb/templates/influxdb/service-headless.yaml delete mode 100644 influxdb/templates/influxdb/service-metrics.yaml delete mode 100644 influxdb/templates/influxdb/service.yaml delete mode 100644 influxdb/templates/influxdb/servicemonitor.yaml delete mode 100644 influxdb/templates/influxdb/statefulset-high-availability.yaml delete mode 100644 influxdb/templates/ingress.yaml delete mode 100644 influxdb/templates/networkpolicy.yaml delete mode 100644 influxdb/templates/relay/configmap.yaml delete mode 100644 influxdb/templates/relay/deployment.yaml delete mode 100644 influxdb/templates/relay/service.yaml delete mode 100644 influxdb/templates/service-collectd.yaml delete mode 100644 influxdb/values.yaml diff --git a/influxdb/.helmignore b/influxdb/.helmignore deleted file mode 100644 index f0c1319..0000000 --- a/influxdb/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/influxdb/Chart.yaml b/influxdb/Chart.yaml deleted file mode 100644 index 154ce7b..0000000 --- a/influxdb/Chart.yaml +++ /dev/null @@ -1,27 +0,0 @@ -annotations: - category: Database -apiVersion: v2 -appVersion: 2.0.9 -dependencies: -- name: common - repository: https://charts.bitnami.com/bitnami - tags: - - bitnami-common - version: 1.x.x -description: InfluxDB™ is an open source time-series database designed to handle - large write and read loads in real-time. -home: https://github.com/bitnami/charts/tree/master/bitnami/influxdb -icon: https://bitnami.com/assets/stacks/influxdb/img/influxdb-stack-220x234.png -keywords: -- influxdb -- tick -- database -- timeseries -maintainers: -- email: containers@bitnami.com - name: Bitnami -name: influxdb -sources: -- https://github.com/bitnami/bitnami-docker-influxdb -- https://www.influxdata.com/products/influxdb-overview/ -version: 2.3.18 diff --git a/influxdb/README.md b/influxdb/README.md deleted file mode 100644 index bf9f6dd..0000000 --- a/influxdb/README.md +++ /dev/null @@ -1,575 +0,0 @@ -# InfluxDB™ - -[InfluxDB™](https://www.influxdata.com/products/influxdb-overview/) is an open source time-series database designed to handle large write and read loads in real-time. - -Disclaimer: The respective trademarks mentioned in the offering are owned by the respective companies. We do not provide a commercial license for any of these products. This listing has an open-source license. InfluxDB™ and InfluxDB Relay™ are run and maintained by InfluxData, which is a completely separate project from Bitnami. - -## TL;DR - -```console -$ helm repo add bitnami https://charts.bitnami.com/bitnami -$ helm install my-release bitnami/influxdb -``` - -## Introduction - -This chart bootstraps a [influxdb](https://github.com/bitnami/bitnami-docker-influxdb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. - -## Prerequisites - -- Kubernetes 1.12+ -- Helm 3.1.0 -- PV provisioner support in the underlying infrastructure -- ReadWriteMany volumes for deployment scaling - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -$ helm repo add bitnami https://charts.bitnami.com/bitnami -$ helm install my-release bitnami/influxdb -``` - -These commands deploy influxdb on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Uninstalling the Chart - -To uninstall/delete the `my-release` statefulset: - -```console -$ helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. Use the option `--purge` to delete all history too. - -## Parameters - -### Global parameters - -| Name | Description | Value | -| ------------------------- | ----------------------------------------------- | ----- | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.storageClass` | Global storage class for dynamic provisioning | `""` | - - -### Common parameters - -| Name | Description | Value | -| ------------------------ | ----------------------------------------------------------------------------------------------------- | --------------- | -| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` | -| `nameOverride` | String to partially override influxdb.fullname template with a string (will prepend the release name) | `""` | -| `fullnameOverride` | String to fully override influxdb.fullname template with a string | `""` | -| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | - - -### InfluxDB™ parameters - -| Name | Description | Value | -| --------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | InfluxDB™ image registry | `docker.io` | -| `image.repository` | InfluxDB™ image repository | `bitnami/influxdb` | -| `image.tag` | InfluxDB™ image tag (immutable tags are recommended) | `2.0.9-debian-10-r5` | -| `image.pullPolicy` | InfluxDB™ image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `architecture` | InfluxDB™ architecture (`standalone` or `high-availability`) | `standalone` | -| `auth.enabled` | Enable/disable authentication (Variable to keep compatibility with InfluxDB™ v1, in v2 it will be ignored) | `true` | -| `auth.usePasswordFiles` | Whether to use files to provide secrets instead of env vars. | `false` | -| `auth.admin.username` | InfluxDB™ admin user name | `admin` | -| `auth.admin.password` | InfluxDB™ admin user's password | `""` | -| `auth.admin.token` | InfluxDB™ admin user's token. Only valid with InfluxDB™ v2 | `""` | -| `auth.admin.org` | InfluxDB™ admin user's org. Only valid with InfluxDB™ v2 | `primary` | -| `auth.admin.bucket` | InfluxDB™ admin user's bucket. Only valid with InfluxDB™ v2 | `primary` | -| `auth.createUserToken` | Whether to create tokens for the different users. Take into account these tokens are going to be created by CLI randomly and they will not be accessible from a secret. See more influxdb 2.0 [auth ref](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) | `false` | -| `auth.user.username` | Name for InfluxDB™ user with 'admin' privileges on the bucket specified at `auth.user.bucket` and `auth.user.org` or `auth.admin.org` | `""` | -| `auth.user.password` | InfluxDB™ password for `user.name` user | `""` | -| `auth.user.org` | Org to be created on first run | `""` | -| `auth.user.bucket` | Bucket to be created on first run | `""` | -| `auth.readUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | -| `auth.readUser.password` | InfluxDB™ password for `auth.readUser.username` user | `""` | -| `auth.writeUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | -| `auth.writeUser.password` | InfluxDB™ password for `auth.writeUser.username` user | `""` | -| `auth.existingSecret` | Name of existing Secret object with InfluxDB™ credentials (`auth.admin.password`, `auth.user.password`, `auth.readUser.password`, and `auth.writeUser.password` will be ignored and picked up from this secret) | `""` | -| `influxdb.configuration` | Specify content for influxdb.conf | `""` | -| `influxdb.existingConfiguration` | Name of existing ConfigMap object with the InfluxDB™ configuration (`influxdb.configuration` will be ignored). | `""` | -| `influxdb.initdbScripts` | Dictionary of initdb scripts | `{}` | -| `influxdb.initdbScriptsCM` | Name of existing ConfigMap object with the initdb scripts (`influxdb.initdbScripts` will be ignored). | `""` | -| `influxdb.initdbScriptsSecret` | Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`) | `""` | -| `influxdb.extraEnvVars` | Array containing extra env vars to configure InfluxDB™ | `[]` | -| `influxdb.replicaCount` | The number of InfluxDB™ replicas to deploy | `1` | -| `influxdb.updateStrategy` | Update strategy, can be set to RollingUpdate or OnDelete by default. | `RollingUpdate` | -| `influxdb.podManagementPolicy` | Pod Management Policy [`OrderedReady` or `Parallel`] | `OrderedReady` | -| `influxdb.podAffinityPreset` | InfluxDB™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `influxdb.podAntiAffinityPreset` | InfluxDB™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `influxdb.nodeAffinityPreset.type` | InfluxDB™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `influxdb.nodeAffinityPreset.key` | InfluxDB™ Node label key to match Ignored if `affinity` is set. | `""` | -| `influxdb.nodeAffinityPreset.values` | InfluxDB™ Node label values to match. Ignored if `affinity` is set. | `[]` | -| `influxdb.affinity` | InfluxDB™ Affinity for pod assignment | `{}` | -| `influxdb.nodeSelector` | InfluxDB™ Node labels for pod assignment | `{}` | -| `influxdb.tolerations` | InfluxDB™ Tolerations for pod assignment | `[]` | -| `influxdb.extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts | `[]` | -| `influxdb.extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. | `[]` | -| `influxdb.securityContext.enabled` | Enable security context for InfluxDB™ | `true` | -| `influxdb.securityContext.fsGroup` | Group ID for the InfluxDB™ filesystem | `1001` | -| `influxdb.securityContext.runAsUser` | User ID for the InfluxDB™ container | `1001` | -| `influxdb.resources.limits` | The resources limits for the container | `{}` | -| `influxdb.resources.requests` | The requested resources for the container | `{}` | -| `influxdb.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `influxdb.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | -| `influxdb.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `45` | -| `influxdb.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | -| `influxdb.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `influxdb.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `influxdb.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `influxdb.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | -| `influxdb.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `45` | -| `influxdb.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | -| `influxdb.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `influxdb.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `influxdb.customLivenessProbe` | Override default liveness probe | `{}` | -| `influxdb.customReadinessProbe` | Override default readiness probe | `{}` | -| `influxdb.containerPorts` | Container ports | `{}` | -| `influxdb.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | -| `influxdb.service.port` | InfluxDB™ HTTP port | `8086` | -| `influxdb.service.rpcPort` | InfluxDB™ RPC port | `8088` | -| `influxdb.service.nodePorts` | Specify the nodePort(s) value for the LoadBalancer and NodePort service types. | `{}` | -| `influxdb.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | -| `influxdb.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | -| `influxdb.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `influxdb.service.annotations` | Annotations for InfluxDB™ service | `{}` | -| `influxdb.service.sessionAffinity` | Session affinity for the InfluxDB™ service | `""` | -| `influxdb.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | - - -### InfluxDB Relay™ parameters - -| Name | Description | Value | -| ------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `relay.image.registry` | InfluxDB Relay™ image registry | `docker.io` | -| `relay.image.repository` | InfluxDB Relay™ image repository | `bitnami/influxdb-relay` | -| `relay.image.tag` | InfluxDB Relay™ image tag (immutable tags are recommended) | `0.20200717.0-scratch-r12` | -| `relay.image.pullPolicy` | InfluxDB Relay™ image pull policy | `IfNotPresent` | -| `relay.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `relay.configuration` | InfluxDB Relay™ Configuration. Specify content for relay.toml | `""` | -| `relay.existingConfiguration` | Name of existing ConfigMap object with the InfluxDB Relay™ configuration (`relay.configuration` will be ignored) | `""` | -| `relay.replicaCount` | The number of InfluxDB Relay™ replicas to deploy | `1` | -| `relay.updateStrategy` | Update strategy, can be set to RollingUpdate or OnDelete by default. | `RollingUpdate` | -| `relay.podAffinityPreset` | InfluxDB Relay™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `relay.podAntiAffinityPreset` | InfluxDB Relay™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `relay.nodeAffinityPreset.type` | InfluxDB Relay™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `relay.nodeAffinityPreset.key` | InfluxDB Relay™ Node label key to match Ignored if `affinity` is set. | `""` | -| `relay.nodeAffinityPreset.values` | InfluxDB Relay™ Node label values to match. Ignored if `affinity` is set. | `[]` | -| `relay.affinity` | InfluxDB Relay™ Affinity for pod assignment | `{}` | -| `relay.nodeSelector` | InfluxDB Relay™ Node labels for pod assignment | `{}` | -| `relay.tolerations` | InfluxDB Relay™ Tolerations for pod assignment | `[]` | -| `relay.extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts | `[]` | -| `relay.extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. | `[]` | -| `relay.securityContext.enabled` | Enable security context for InfluxDB Relay™ | `true` | -| `relay.securityContext.fsGroup` | Group ID for the InfluxDB Relay™ filesystem | `1001` | -| `relay.securityContext.runAsUser` | User ID for the InfluxDB Relay™ container | `1001` | -| `relay.resources.limits` | The resources limits for the container | `{}` | -| `relay.resources.requests` | The requested resources for the container | `{}` | -| `relay.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `relay.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `relay.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `relay.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `relay.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `relay.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `relay.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `relay.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `relay.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `relay.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `relay.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `relay.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `relay.customLivenessProbe` | Override default liveness probe | `{}` | -| `relay.customReadinessProbe` | Override default readiness probe | `{}` | -| `relay.containerPorts` | Container ports | `{}` | -| `relay.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | -| `relay.service.port` | InfluxDB Relay™ HTTP port | `9096` | -| `relay.service.nodePort` | Kubernetes HTTP node port | `""` | -| `relay.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | -| `relay.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | -| `relay.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `relay.service.annotations` | Annotations for InfluxDB Relay™ service | `{}` | - - -### InfluxDB Collectd™ parameters - -| Name | Description | Value | -| ------------------------------------------- | ----------------------------------------------------------------------------------------- | ----------- | -| `collectd.enabled` | InfluxDB Collectd™ service enable | `false` | -| `collectd.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | -| `collectd.service.port` | InfluxDB Collectd™ UDP port (should match with corresponding port in influxdb.conf) | `25826` | -| `collectd.service.nodePort` | Kubernetes HTTP node port | `""` | -| `collectd.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | -| `collectd.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | -| `collectd.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `collectd.service.annotations` | Annotations for InfluxDB Collectd™ service | `{}` | - - -### Exposing parameters - -| Name | Description | Value | -| --------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.tls` | Create TLS Secret | `false` | -| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | -| `ingress.hostname` | Default host for the ingress resource | `influxdb.local` | -| `ingress.path` | Ingress path*' in order to use this | `/` | -| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | -| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | - - -### Metrics parameters - -| Name | Description | Value | -| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | ------------------- | -| `metrics.enabled` | Enable the export of Prometheus metrics | `false` | -| `metrics.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | -| `metrics.service.port` | InfluxDB™ Prometheus port | `9122` | -| `metrics.service.nodePort` | Kubernetes HTTP node port | `""` | -| `metrics.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | -| `metrics.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | -| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | -| `persistence.enabled` | Enable data persistence | `true` | -| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `persistence.storageClass` | Specify the `storageClass` used to provision the volume | `""` | -| `persistence.accessModes` | Access mode of data volume | `["ReadWriteOnce"]` | -| `persistence.size` | Size of data volume | `8Gi` | - - -### Volume permissions parameters - -| Name | Description | Value | -| --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `10-debian-10-r212` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.securityContext.runAsUser` | User ID for the init container (when facing issues in OpenShift or uid unknown, try value "auto") | `0` | - - -### InfluxDB™ backup parameters - -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | -------------------------- | -| `backup.enabled` | Enable InfluxDB™ backup | `false` | -| `backup.directory` | Directory where backups are stored | `/backups` | -| `backup.retentionDays` | Retention time in days for backups (older backups are deleted) | `10` | -| `backup.cronjob.schedule` | Schedule in Cron format to save snapshots | `0 2 * * *` | -| `backup.cronjob.historyLimit` | Number of successful finished jobs to retain | `1` | -| `backup.cronjob.podAnnotations` | Pod annotations | `{}` | -| `backup.cronjob.securityContext.enabled` | Enable security context for InfluxDB™ | `true` | -| `backup.cronjob.securityContext.fsGroup` | Group ID for the InfluxDB™ filesystem | `1001` | -| `backup.cronjob.securityContext.runAsUser` | Group ID for the InfluxDB™ filesystem | `1001` | -| `backup.podAffinityPreset` | Backup ™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `backup.podAntiAffinityPreset` | Backup™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `backup.nodeAffinityPreset.type` | Backup™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `backup.nodeAffinityPreset.key` | Backup™ Node label key to match Ignored if `affinity` is set. | `""` | -| `backup.nodeAffinityPreset.values` | Backup™ Node label values to match. Ignored if `affinity` is set. | `[]` | -| `backup.affinity` | Backup™ Affinity for backup pod assignment | `{}` | -| `backup.nodeSelector` | Backup™ Node labels for backup pod assignment | `{}` | -| `backup.tolerations` | Backup™ Tolerations for backup pod assignment | `[]` | -| `backup.uploadProviders.google.enabled` | enable upload to google storage bucket | `false` | -| `backup.uploadProviders.google.secret` | json secret with serviceaccount data to access Google storage bucket | `""` | -| `backup.uploadProviders.google.secretKey` | service account secret key name | `key.json` | -| `backup.uploadProviders.google.existingSecret` | Name of existing secret object with Google serviceaccount json credentials | `""` | -| `backup.uploadProviders.google.bucketName` | google storage bucket name name | `gs://bucket/influxdb` | -| `backup.uploadProviders.google.image.registry` | Google Cloud SDK image registry | `docker.io` | -| `backup.uploadProviders.google.image.repository` | Google Cloud SDK image name | `bitnami/google-cloud-sdk` | -| `backup.uploadProviders.google.image.tag` | Google Cloud SDK image tag | `0.359.0-debian-10-r6` | -| `backup.uploadProviders.google.image.pullPolicy` | Google Cloud SDK image pull policy | `IfNotPresent` | -| `backup.uploadProviders.google.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `backup.uploadProviders.azure.enabled` | Enable upload to azure storage container | `false` | -| `backup.uploadProviders.azure.secret` | Secret with credentials to access Azure storage | `""` | -| `backup.uploadProviders.azure.secretKey` | Service account secret key name | `connection-string` | -| `backup.uploadProviders.azure.existingSecret` | Name of existing secret object | `""` | -| `backup.uploadProviders.azure.containerName` | Destination container | `influxdb-container` | -| `backup.uploadProviders.azure.image.registry` | Azure CLI image registry | `docker.io` | -| `backup.uploadProviders.azure.image.repository` | Azure CLI image repository | `bitnami/azure-cli` | -| `backup.uploadProviders.azure.image.tag` | Azure CLI image tag (immutable tags are recommended) | `2.28.1-debian-10-r25` | -| `backup.uploadProviders.azure.image.pullPolicy` | Azure CLI image pull policy | `IfNotPresent` | -| `backup.uploadProviders.azure.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | - - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -$ helm install my-release \ - --set auth.admin.username=admin-user bitnami/influxdb -``` - -The above command sets the InfluxDB™ admin user to `admin-user`. - -> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -$ helm install my-release -f values.yaml bitnami/influxdb -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) - -## Configuration and installation details - -### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -## Standalone vs High Availability architecture - -You can install the InfluxDB™ chart with two different architecture setups: "standalone" or "high-availability", you can use the `architecture` parameter: - -```console -architecture="standalone" -architecture="high-availability" -``` - -The standalone architecture installs a deployment with one InfluxDB™ server (it cannot be scaled): - -``` - ┌──────────────────┐ - │ Ingress │ - │ Controller │ - └────────┬─────────┘ - | - │ /query - │ /write - ▼ - ┌────────────────┐ - │ InfluxDB(TM) │ - | svc │ - └───────┬────────┘ - │ - ▼ - ┌──────────────┐ - │ InfluxDB(TM) │ - │ Server │ - │ Pod │ - └──────────────┘ -``` - -The high availability install a statefulset with N InfluxDB™ servers and M InfluxDB Relay™ instances: - -``` - ┌──────────────────┐ - │ Ingress │ - │ Controller │ - └───────┬─┬────────┘ - │ │ - │ │ - ┌────────────┘ └─────────────┐ - │ │ - │ /write /query │ - ▼ ▼ - ┌────────────────────┐ ┌────────────────────┐ - │ InfluxDB Relay(TM) │ │ InfluxDB(TM) │ - │ svc │ │ svc │ - └───────────┬─┬──────┘ └─────┬─────┬────────┘ - ┌────────── │─|───────────────|─────│───────┐ - | │ | | │ ▼ -┌─────┴────────┐ │ | | │ ┌──────────────┐ -│ InfluxDB │ │ | | │ │ InfluxDB(TM) │ -│ Relay(TM) │◀─┘ | | └─▶│ Server │ -│ Pod │ │ │ │ Pod │ -└─────┬────────┘ │ │ └──────────────┘ - | │ │ ▲ - └─────────────│───────────────│───────┐ | - │ │ | | - ┌──────────────── │───────────────│───────────┘ - | │ │ | - | │ │ ▼ -┌─┴─────────────┐ │ │ ┌──────────────┐ -│ InfluxDB │ │ │ │ InfluxDB(TM) │ -│ Relay(TM) │◀──┘ └──▶│ Server │ -│ Pod │ │ Pod │ -└─────┬─────────┘ └──────────────┘ - | ▲ - └───────────────────────────────────┘ -``` - -When using the high-availability architecture, it is recommended to configure sticky sessions using `--set influxdb.service.sessionAffinity="ClientIP"` or configuring the IngressController accordingly. - -### Configure the way how to expose InfluxDB™ - -- **Ingress**: The ingress controller must be installed in the Kubernetes cluster. Set `ingress.enabled=true` to expose InfluxDB™ through Ingress. -- **ClusterIP**: Exposes the service on a cluster-internal IP. Choosing this value makes the service only reachable from within the cluster. Set `influxdb.service.type=ClusterIP` to choose this service type. -- **NodePort**: Exposes the service on each Node's IP at a static port (the NodePort). You’ll be able to contact the NodePort service, from outside the cluster, by requesting `NodeIP:NodePort`. Set `influxdb.service.type=NodePort` to choose this service type. -- **LoadBalancer**: Exposes the service externally using a cloud provider's load balancer. Set `influxdb.service.type=LoadBalancer` to choose this service type. - -### Using custom configuration - -This helm chart supports to customize the whole configuration file. - -Add your custom configuration file to "files/conf" in your working directory. This file will be mounted as a configMap to the containers and it will be used for configuring InfluxDB™. - -Alternatively, you can specify the InfluxDB™ configuration using the `influxdb.configuration` parameter. - -In addition to these options, you can also set an external ConfigMap with all the configuration files. This is done by setting the `influxdb.existingConfiguration` parameter. Note that this will override the two previous options. - -### Adding extra environment variables - -In case you want to add extra environment variables, you can use the `influxdb.extraEnvVars` property. - -```yaml -extraEnvVars: - - name: INFLUXDB_DATA_QUERY_LOG_ENABLED - value: "true" -``` - -### Initialize a fresh instance - -The [Bitnami InfluxDB™](https://github.com/bitnami/bitnami-docker-influxdb) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap. - -Alternatively, you can specify custom scripts using the `influxdb.initdbScripts` parameter. - -In addition to these options, you can also set an external ConfigMap with all the initialization scripts. This is done by setting the `influxdb.initdbScriptsCM` parameter. Note that this will override the two previous options. parameter. - -The allowed extensions are `.sh`, and `.txt`. - -### Setting Pod's affinity - -This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). - -As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters. - -## Persistence - -The data is persisted by default using PVC(s). You can disable the persistence setting the `persistence.enabled` parameter to `false`. -A default `StorageClass` is needed in the Kubernetes cluster to dynamically provision the volumes. Specify another StorageClass in the `persistence.storageClass` or set `persistence.existingClaim` if you have already existing persistent volumes to use. - -### Adjust permissions of persistent volume mountpoint - -As the images run as non-root by default, it is necessary to adjust the ownership of the persistent volumes so that the containers can write data into it. - -By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. -As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. - -You can enable this **initContainer** by setting `volumePermissions.enabled` to `true`. -There are K8s distribution, such as OpenShift, where you can dynamically define the UID to run this **initContainer**. To do so, set the `volumePermissions.securityContext.runAsUser` to `auto`. - -## Troubleshooting - -Find more information about how to deal with common errors related to Bitnami’s Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). - -## Upgrade - -It's necessary to specify the existing passwords while performing an upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `auth.admin.password`, `user.pwd`, ` auth.readUser.password` and `auth.writeUser.password` parameters when upgrading the chart: - -```bash -$ helm upgrade my-release bitnami/influxdb \ - --set auth.admin.password=[ADMIN_USER_PASSWORD] \ - --set auth.user.password=[USER_PASSWORD] \ - --set auth.readUser.password=[READ_USER_PASSWORD] \ - --set auth.writeUser.password=[WRITE_USER_PASSWORD] -``` - -> Note: you need to substitute the placeholders _[ADMIN_USER_PASSWORD]_, _[USER_PASSWORD]_, _[READ_USER_PASSWORD]_, and _[WRITE_USER_PASSWORD]_ with the values obtained from instructions in the installation notes. - -## Upgrading - -### To 2.0.0 - -This version adds support to InfluxDB™ +2.0, since this version the chart is only verified to work with InfluxDB™ +2.0 bitnami images. -However, you can use images for versions ~1.x.x taking into account the chart may need some modification to run with them. - -#### Installing InfluxDB™ v1 in chart v2. - -``` -$ helm install bitnami/influxdb --set image.tag=1.8.3-debian-10-r88 -``` - -As a consecuece some breaking changes have been included in this version. - -- Authentication values has been moved to `auth....`. -- We keep `auth.readUser` and `auth.writeUser` user options in order to be compatible with InfluxDB™ v1. If you are using InfluxDB™ 2.0, please, use the CLI to create user and tokens through initDb scripts at `influxdb.initdbScripts` or the UI due to we are not able to automacally provide a token for them to be used. See more [InfluxDB™ 2.0 auth](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) -- InfluxDB™ 2.0 has removed database concept, now it is called Bucket so the property `database` has been also moved to `auth.user.bucket`. -- Removed support for `files/docker-entrypoint-initdb.d/*.{sh,txt}`, please use `.influxdb.initdbScripts` or `.Values.influxdb.initdbScriptsCM` instead. -- Removed support for `files/conf/influxdb.conf`, please use `.influxdb.configuration` or `.influxdb.existingConfiguration` instead. -- Removed support for `files/conf/relay.toml`, please use `.Values.relay.configuration` or `.Values.relay.existingConfiguration` instead. -- `ingress.hosts` parameter has been replaced by `ingress.hostname` and `ingress.extraHosts` that may give us a bit more flexibility. - -#### Migrating form InfluxDB™ v1 to v2 - -Since this release could mean lot of concepts changes, we strongly recommend to not do it direcly using the chart upgrade. Please, read more info in their [upgrade guide](https://docs.influxdata.com/influxdb/v2.0/upgrade/v1-to-v2/). - -We actually recommend to backup all the data form a previous helm release, install new release using latest version of the chart and images and then restore data following their guides. - -#### Upgrading the chart form 1.x.x to 2.x.x using InfluxDB™ v1 images. - -> NOTE: Please, create a backup of your database before running any of those actions. - -Having an already existing chart release called `influxdb` and deployed like - -```console -$ helm install influxdb bitnami/influxdb -``` - -##### Export secrets and required values to update - -```console -$ export INFLUXDB_ADMIN_PASSWORD=$(kubectl get secret --namespace default influxdb -o jsonpath="{.data.admin-user-password}" | base64 --decode) -``` - -##### Upgrade the chart release - -> NOTE: Please remember to migrate all the values to its new path following the above notes, e.g: `adminUser.pwd` -> `auth.admin.password`. - -```console -$ helm upgrade influxdb bitnami/influxdb --set image.tag=1.8.3-debian-10-r99 \ - --set auth.admin.password=${INFLUXDB_ADMIN_PASSWORD} -``` - -### To 1.1.0 - -This version introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. - -### To 1.0.0 - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -**What changes were introduced in this major version?** - -- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. -- The different fields present in the _Chart.yaml_ file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts - -**Considerations when upgrading to this version** - -- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues -- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore -- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 - -**Useful links** - -- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/ -- https://helm.sh/docs/topics/v2_v3_migration/ -- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/ diff --git a/influxdb/charts/common/.helmignore b/influxdb/charts/common/.helmignore deleted file mode 100644 index 50af031..0000000 --- a/influxdb/charts/common/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/influxdb/charts/common/Chart.yaml b/influxdb/charts/common/Chart.yaml deleted file mode 100644 index 243bc6c..0000000 --- a/influxdb/charts/common/Chart.yaml +++ /dev/null @@ -1,23 +0,0 @@ -annotations: - category: Infrastructure -apiVersion: v2 -appVersion: 1.10.0 -description: A Library Helm Chart for grouping common logic between bitnami charts. - This chart is not deployable by itself. -home: https://github.com/bitnami/charts/tree/master/bitnami/common -icon: https://bitnami.com/downloads/logos/bitnami-mark.png -keywords: -- common -- helper -- template -- function -- bitnami -maintainers: -- email: containers@bitnami.com - name: Bitnami -name: common -sources: -- https://github.com/bitnami/charts -- http://www.bitnami.com/ -type: library -version: 1.10.0 diff --git a/influxdb/charts/common/README.md b/influxdb/charts/common/README.md deleted file mode 100644 index cbbc31d..0000000 --- a/influxdb/charts/common/README.md +++ /dev/null @@ -1,328 +0,0 @@ -# Bitnami Common Library Chart - -A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts. - -## TL;DR - -```yaml -dependencies: - - name: common - version: 0.x.x - repository: https://charts.bitnami.com/bitnami -``` - -```bash -$ helm dependency update -``` - -```yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }} -data: - myvalue: "Hello World" -``` - -## Introduction - -This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications. - -## Prerequisites - -- Kubernetes 1.12+ -- Helm 3.1.0 - -## Parameters - -The following table lists the helpers available in the library which are scoped in different sections. - -### Affinities - -| Helper identifier | Description | Expected Input | -|-------------------------------|------------------------------------------------------|------------------------------------------------| -| `common.affinities.node.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | -| `common.affinities.node.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | -| `common.affinities.pod.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | -| `common.affinities.pod.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | - -### Capabilities - -| Helper identifier | Description | Expected Input | -|------------------------------------------------|------------------------------------------------------------------------------------------------|-------------------| -| `common.capabilities.kubeVersion` | Return the target Kubernetes version (using client default if .Values.kubeVersion is not set). | `.` Chart context | -| `common.capabilities.cronjob.apiVersion` | Return the appropriate apiVersion for cronjob. | `.` Chart context | -| `common.capabilities.deployment.apiVersion` | Return the appropriate apiVersion for deployment. | `.` Chart context | -| `common.capabilities.statefulset.apiVersion` | Return the appropriate apiVersion for statefulset. | `.` Chart context | -| `common.capabilities.ingress.apiVersion` | Return the appropriate apiVersion for ingress. | `.` Chart context | -| `common.capabilities.rbac.apiVersion` | Return the appropriate apiVersion for RBAC resources. | `.` Chart context | -| `common.capabilities.crd.apiVersion` | Return the appropriate apiVersion for CRDs. | `.` Chart context | -| `common.capabilities.policy.apiVersion` | Return the appropriate apiVersion for podsecuritypolicy. | `.` Chart context | -| `common.capabilities.networkPolicy.apiVersion` | Return the appropriate apiVersion for networkpolicy. | `.` Chart context | -| `common.capabilities.supportsHelmVersion` | Returns true if the used Helm version is 3.3+ | `.` Chart context | - -### Errors - -| Helper identifier | Description | Expected Input | -|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------| -| `common.errors.upgrade.passwords.empty` | It will ensure required passwords are given when we are upgrading a chart. If `validationErrors` is not empty it will throw an error and will stop the upgrade action. | `dict "validationErrors" (list $validationError00 $validationError01) "context" $` | - -### Images - -| Helper identifier | Description | Expected Input | -|-----------------------------|------------------------------------------------------|---------------------------------------------------------------------------------------------------------| -| `common.images.image` | Return the proper and full image name | `dict "imageRoot" .Values.path.to.the.image "global" $`, see [ImageRoot](#imageroot) for the structure. | -| `common.images.pullSecrets` | Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global` | -| `common.images.renderPullSecrets` | Return the proper Docker Image Registry Secret Names (evaluates values as templates) | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $` | - -### Ingress - -| Helper identifier | Description | Expected Input | -|-------------------------------------------|----------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `common.ingress.backend` | Generate a proper Ingress backend entry depending on the API version | `dict "serviceName" "foo" "servicePort" "bar"`, see the [Ingress deprecation notice](https://kubernetes.io/blog/2019/07/18/api-deprecations-in-1-16/) for the syntax differences | -| `common.ingress.supportsPathType` | Prints "true" if the pathType field is supported | `.` Chart context | -| `common.ingress.supportsIngressClassname` | Prints "true" if the ingressClassname field is supported | `.` Chart context | - -### Labels - -| Helper identifier | Description | Expected Input | -|-----------------------------|------------------------------------------------------|-------------------| -| `common.labels.standard` | Return Kubernetes standard labels | `.` Chart context | -| `common.labels.matchLabels` | Return the proper Docker Image Registry Secret Names | `.` Chart context | - -### Names - -| Helper identifier | Description | Expected Input | -|-------------------------|------------------------------------------------------------|-------------------| -| `common.names.name` | Expand the name of the chart or use `.Values.nameOverride` | `.` Chart context | -| `common.names.fullname` | Create a default fully qualified app name. | `.` Chart context | -| `common.names.chart` | Chart name plus version | `.` Chart context | - -### Secrets - -| Helper identifier | Description | Expected Input | -|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. | -| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. | -| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. | -| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` | - -### Storage - -| Helper identifier | Description | Expected Input | -|-------------------------------|---------------------------------------|---------------------------------------------------------------------------------------------------------------------| -| `common.storage.class` | Return the proper Storage Class | `dict "persistence" .Values.path.to.the.persistence "global" $`, see [Persistence](#persistence) for the structure. | - -### TplValues - -| Helper identifier | Description | Expected Input | -|---------------------------|----------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------| -| `common.tplvalues.render` | Renders a value that contains template | `dict "value" .Values.path.to.the.Value "context" $`, value is the value should rendered as template, context frequently is the chart context `$` or `.` | - -### Utils - -| Helper identifier | Description | Expected Input | -|--------------------------------|------------------------------------------------------------------------------------------|------------------------------------------------------------------------| -| `common.utils.fieldToEnvVar` | Build environment variable name given a field. | `dict "field" "my-password"` | -| `common.utils.secret.getvalue` | Print instructions to get a secret value. | `dict "secret" "secret-name" "field" "secret-value-field" "context" $` | -| `common.utils.getValueFromKey` | Gets a value from `.Values` object given its key path | `dict "key" "path.to.key" "context" $` | -| `common.utils.getKeyFromList` | Returns first `.Values` key with a defined value or first of the list if all non-defined | `dict "keys" (list "path.to.key1" "path.to.key2") "context" $` | - -### Validations - -| Helper identifier | Description | Expected Input | -|--------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `common.validations.values.single.empty` | Validate a value must not be empty. | `dict "valueKey" "path.to.value" "secret" "secret.name" "field" "my-password" "subchart" "subchart" "context" $` secret, field and subchart are optional. In case they are given, the helper will generate a how to get instruction. See [ValidateValue](#validatevalue) | -| `common.validations.values.multiple.empty` | Validate a multiple values must not be empty. It returns a shared error for all the values. | `dict "required" (list $validateValueConf00 $validateValueConf01) "context" $`. See [ValidateValue](#validatevalue) | -| `common.validations.values.mariadb.passwords` | This helper will ensure required password for MariaDB are not empty. It returns a shared error for all the values. | `dict "secret" "mariadb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mariadb chart and the helper. | -| `common.validations.values.postgresql.passwords` | This helper will ensure required password for PostgreSQL are not empty. It returns a shared error for all the values. | `dict "secret" "postgresql-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use postgresql chart and the helper. | -| `common.validations.values.redis.passwords` | This helper will ensure required password for Redis™ are not empty. It returns a shared error for all the values. | `dict "secret" "redis-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use redis chart and the helper. | -| `common.validations.values.cassandra.passwords` | This helper will ensure required password for Cassandra are not empty. It returns a shared error for all the values. | `dict "secret" "cassandra-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use cassandra chart and the helper. | -| `common.validations.values.mongodb.passwords` | This helper will ensure required password for MongoDB® are not empty. It returns a shared error for all the values. | `dict "secret" "mongodb-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use mongodb chart and the helper. | - -### Warnings - -| Helper identifier | Description | Expected Input | -|------------------------------|----------------------------------|------------------------------------------------------------| -| `common.warnings.rollingTag` | Warning about using rolling tag. | `ImageRoot` see [ImageRoot](#imageroot) for the structure. | - -## Special input schemas - -### ImageRoot - -```yaml -registry: - type: string - description: Docker registry where the image is located - example: docker.io - -repository: - type: string - description: Repository and image name - example: bitnami/nginx - -tag: - type: string - description: image tag - example: 1.16.1-debian-10-r63 - -pullPolicy: - type: string - description: Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - -pullSecrets: - type: array - items: - type: string - description: Optionally specify an array of imagePullSecrets (evaluated as templates). - -debug: - type: boolean - description: Set to true if you would like to see extra information on logs - example: false - -## An instance would be: -# registry: docker.io -# repository: bitnami/nginx -# tag: 1.16.1-debian-10-r63 -# pullPolicy: IfNotPresent -# debug: false -``` - -### Persistence - -```yaml -enabled: - type: boolean - description: Whether enable persistence. - example: true - -storageClass: - type: string - description: Ghost data Persistent Volume Storage Class, If set to "-", storageClassName: "" which disables dynamic provisioning. - example: "-" - -accessMode: - type: string - description: Access mode for the Persistent Volume Storage. - example: ReadWriteOnce - -size: - type: string - description: Size the Persistent Volume Storage. - example: 8Gi - -path: - type: string - description: Path to be persisted. - example: /bitnami - -## An instance would be: -# enabled: true -# storageClass: "-" -# accessMode: ReadWriteOnce -# size: 8Gi -# path: /bitnami -``` - -### ExistingSecret - -```yaml -name: - type: string - description: Name of the existing secret. - example: mySecret -keyMapping: - description: Mapping between the expected key name and the name of the key in the existing secret. - type: object - -## An instance would be: -# name: mySecret -# keyMapping: -# password: myPasswordKey -``` - -#### Example of use - -When we store sensitive data for a deployment in a secret, some times we want to give to users the possibility of using theirs existing secrets. - -```yaml -# templates/secret.yaml ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }} - labels: - app: {{ include "common.names.fullname" . }} -type: Opaque -data: - password: {{ .Values.password | b64enc | quote }} - -# templates/dpl.yaml ---- -... - env: - - name: PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "context" $) }} - key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "password") }} -... - -# values.yaml ---- -name: mySecret -keyMapping: - password: myPasswordKey -``` - -### ValidateValue - -#### NOTES.txt - -```console -{{- $validateValueConf00 := (dict "valueKey" "path.to.value00" "secret" "secretName" "field" "password-00") -}} -{{- $validateValueConf01 := (dict "valueKey" "path.to.value01" "secret" "secretName" "field" "password-01") -}} - -{{ include "common.validations.values.multiple.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }} -``` - -If we force those values to be empty we will see some alerts - -```console -$ helm install test mychart --set path.to.value00="",path.to.value01="" - 'path.to.value00' must not be empty, please add '--set path.to.value00=$PASSWORD_00' to the command. To get the current value: - - export PASSWORD_00=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-00}" | base64 --decode) - - 'path.to.value01' must not be empty, please add '--set path.to.value01=$PASSWORD_01' to the command. To get the current value: - - export PASSWORD_01=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-01}" | base64 --decode) -``` - -## Upgrading - -### To 1.0.0 - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -**What changes were introduced in this major version?** - -- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. -- Use `type: library`. [Here](https://v3.helm.sh/docs/faq/#library-chart-support) you can find more information. -- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts - -**Considerations when upgrading to this version** - -- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues -- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore -- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 - -**Useful links** - -- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/ -- https://helm.sh/docs/topics/v2_v3_migration/ -- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/ diff --git a/influxdb/charts/common/templates/_affinities.tpl b/influxdb/charts/common/templates/_affinities.tpl deleted file mode 100644 index 189ea40..0000000 --- a/influxdb/charts/common/templates/_affinities.tpl +++ /dev/null @@ -1,102 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - -{{/* -Return a soft nodeAffinity definition -{{ include "common.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}} -*/}} -{{- define "common.affinities.nodes.soft" -}} -preferredDuringSchedulingIgnoredDuringExecution: - - preference: - matchExpressions: - - key: {{ .key }} - operator: In - values: - {{- range .values }} - - {{ . | quote }} - {{- end }} - weight: 1 -{{- end -}} - -{{/* -Return a hard nodeAffinity definition -{{ include "common.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}} -*/}} -{{- define "common.affinities.nodes.hard" -}} -requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: {{ .key }} - operator: In - values: - {{- range .values }} - - {{ . | quote }} - {{- end }} -{{- end -}} - -{{/* -Return a nodeAffinity definition -{{ include "common.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}} -*/}} -{{- define "common.affinities.nodes" -}} - {{- if eq .type "soft" }} - {{- include "common.affinities.nodes.soft" . -}} - {{- else if eq .type "hard" }} - {{- include "common.affinities.nodes.hard" . -}} - {{- end -}} -{{- end -}} - -{{/* -Return a soft podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} -*/}} -{{- define "common.affinities.pods.soft" -}} -{{- $component := default "" .component -}} -{{- $extraMatchLabels := default (dict) .extraMatchLabels -}} -preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 10 }} - {{- if not (empty $component) }} - {{ printf "app.kubernetes.io/component: %s" $component }} - {{- end }} - {{- range $key, $value := $extraMatchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - namespaces: - - {{ .context.Release.Namespace | quote }} - topologyKey: kubernetes.io/hostname - weight: 1 -{{- end -}} - -{{/* -Return a hard podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} -*/}} -{{- define "common.affinities.pods.hard" -}} -{{- $component := default "" .component -}} -{{- $extraMatchLabels := default (dict) .extraMatchLabels -}} -requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchLabels: {{- (include "common.labels.matchLabels" .context) | nindent 8 }} - {{- if not (empty $component) }} - {{ printf "app.kubernetes.io/component: %s" $component }} - {{- end }} - {{- range $key, $value := $extraMatchLabels }} - {{ $key }}: {{ $value | quote }} - {{- end }} - namespaces: - - {{ .context.Release.Namespace | quote }} - topologyKey: kubernetes.io/hostname -{{- end -}} - -{{/* -Return a podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}} -*/}} -{{- define "common.affinities.pods" -}} - {{- if eq .type "soft" }} - {{- include "common.affinities.pods.soft" . -}} - {{- else if eq .type "hard" }} - {{- include "common.affinities.pods.hard" . -}} - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_capabilities.tpl b/influxdb/charts/common/templates/_capabilities.tpl deleted file mode 100644 index 26a4ef8..0000000 --- a/influxdb/charts/common/templates/_capabilities.tpl +++ /dev/null @@ -1,128 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - -{{/* -Return the target Kubernetes version -*/}} -{{- define "common.capabilities.kubeVersion" -}} -{{- if .Values.global }} - {{- if .Values.global.kubeVersion }} - {{- .Values.global.kubeVersion -}} - {{- else }} - {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} - {{- end -}} -{{- else }} -{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for podsecuritypolicy. -*/}} -{{- define "common.capabilities.policy.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "common.capabilities.networkPolicy.apiVersion" -}} -{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for cronjob. -*/}} -{{- define "common.capabilities.cronjob.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "batch/v1beta1" -}} -{{- else -}} -{{- print "batch/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "common.capabilities.deployment.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for statefulset. -*/}} -{{- define "common.capabilities.statefulset.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "apps/v1beta1" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "common.capabilities.ingress.apiVersion" -}} -{{- if .Values.ingress -}} -{{- if .Values.ingress.apiVersion -}} -{{- .Values.ingress.apiVersion -}} -{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end }} -{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for RBAC resources. -*/}} -{{- define "common.capabilities.rbac.apiVersion" -}} -{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "rbac.authorization.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "rbac.authorization.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for CRDs. -*/}} -{{- define "common.capabilities.crd.apiVersion" -}} -{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "apiextensions.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "apiextensions.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Returns true if the used Helm version is 3.3+. -A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure. -This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error. -**To be removed when the catalog's minimun Helm version is 3.3** -*/}} -{{- define "common.capabilities.supportsHelmVersion" -}} -{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }} - {{- true -}} -{{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_errors.tpl b/influxdb/charts/common/templates/_errors.tpl deleted file mode 100644 index a79cc2e..0000000 --- a/influxdb/charts/common/templates/_errors.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Through error when upgrading using empty passwords values that must not be empty. - -Usage: -{{- $validationError00 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password00" "secret" "secretName" "field" "password-00") -}} -{{- $validationError01 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password01" "secret" "secretName" "field" "password-01") -}} -{{ include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $validationError00 $validationError01) "context" $) }} - -Required password params: - - validationErrors - String - Required. List of validation strings to be return, if it is empty it won't throw error. - - context - Context - Required. Parent context. -*/}} -{{- define "common.errors.upgrade.passwords.empty" -}} - {{- $validationErrors := join "" .validationErrors -}} - {{- if and $validationErrors .context.Release.IsUpgrade -}} - {{- $errorString := "\nPASSWORDS ERROR: You must provide your current passwords when upgrading the release." -}} - {{- $errorString = print $errorString "\n Note that even after reinstallation, old credentials may be needed as they may be kept in persistent volume claims." -}} - {{- $errorString = print $errorString "\n Further information can be obtained at https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases" -}} - {{- $errorString = print $errorString "\n%s" -}} - {{- printf $errorString $validationErrors | fail -}} - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_images.tpl b/influxdb/charts/common/templates/_images.tpl deleted file mode 100644 index 42ffbc7..0000000 --- a/influxdb/charts/common/templates/_images.tpl +++ /dev/null @@ -1,75 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Return the proper image name -{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }} -*/}} -{{- define "common.images.image" -}} -{{- $registryName := .imageRoot.registry -}} -{{- $repositoryName := .imageRoot.repository -}} -{{- $tag := .imageRoot.tag | toString -}} -{{- if .global }} - {{- if .global.imageRegistry }} - {{- $registryName = .global.imageRegistry -}} - {{- end -}} -{{- end -}} -{{- if $registryName }} -{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} -{{- else -}} -{{- printf "%s:%s" $repositoryName $tag -}} -{{- end -}} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) -{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }} -*/}} -{{- define "common.images.pullSecrets" -}} - {{- $pullSecrets := list }} - - {{- if .global }} - {{- range .global.imagePullSecrets -}} - {{- $pullSecrets = append $pullSecrets . -}} - {{- end -}} - {{- end -}} - - {{- range .images -}} - {{- range .pullSecrets -}} - {{- $pullSecrets = append $pullSecrets . -}} - {{- end -}} - {{- end -}} - - {{- if (not (empty $pullSecrets)) }} -imagePullSecrets: - {{- range $pullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names evaluating values as templates -{{ include "common.images.renderPullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "context" $) }} -*/}} -{{- define "common.images.renderPullSecrets" -}} - {{- $pullSecrets := list }} - {{- $context := .context }} - - {{- if $context.Values.global }} - {{- range $context.Values.global.imagePullSecrets -}} - {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} - {{- end -}} - {{- end -}} - - {{- range .images -}} - {{- range .pullSecrets -}} - {{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}} - {{- end -}} - {{- end -}} - - {{- if (not (empty $pullSecrets)) }} -imagePullSecrets: - {{- range $pullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} -{{- end -}} diff --git a/influxdb/charts/common/templates/_ingress.tpl b/influxdb/charts/common/templates/_ingress.tpl deleted file mode 100644 index f905f20..0000000 --- a/influxdb/charts/common/templates/_ingress.tpl +++ /dev/null @@ -1,55 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - -{{/* -Generate backend entry that is compatible with all Kubernetes API versions. - -Usage: -{{ include "common.ingress.backend" (dict "serviceName" "backendName" "servicePort" "backendPort" "context" $) }} - -Params: - - serviceName - String. Name of an existing service backend - - servicePort - String/Int. Port name (or number) of the service. It will be translated to different yaml depending if it is a string or an integer. - - context - Dict - Required. The context for the template evaluation. -*/}} -{{- define "common.ingress.backend" -}} -{{- $apiVersion := (include "common.capabilities.ingress.apiVersion" .context) -}} -{{- if or (eq $apiVersion "extensions/v1beta1") (eq $apiVersion "networking.k8s.io/v1beta1") -}} -serviceName: {{ .serviceName }} -servicePort: {{ .servicePort }} -{{- else -}} -service: - name: {{ .serviceName }} - port: - {{- if typeIs "string" .servicePort }} - name: {{ .servicePort }} - {{- else if or (typeIs "int" .servicePort) (typeIs "float64" .servicePort) }} - number: {{ .servicePort | int }} - {{- end }} -{{- end -}} -{{- end -}} - -{{/* -Print "true" if the API pathType field is supported -Usage: -{{ include "common.ingress.supportsPathType" . }} -*/}} -{{- define "common.ingress.supportsPathType" -}} -{{- if (semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .)) -}} -{{- print "false" -}} -{{- else -}} -{{- print "true" -}} -{{- end -}} -{{- end -}} - -{{/* -Returns true if the ingressClassname field is supported -Usage: -{{ include "common.ingress.supportsIngressClassname" . }} -*/}} -{{- define "common.ingress.supportsIngressClassname" -}} -{{- if semverCompare "<1.18-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "false" -}} -{{- else -}} -{{- print "true" -}} -{{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_labels.tpl b/influxdb/charts/common/templates/_labels.tpl deleted file mode 100644 index 252066c..0000000 --- a/influxdb/charts/common/templates/_labels.tpl +++ /dev/null @@ -1,18 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Kubernetes standard labels -*/}} -{{- define "common.labels.standard" -}} -app.kubernetes.io/name: {{ include "common.names.name" . }} -helm.sh/chart: {{ include "common.names.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} - -{{/* -Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector -*/}} -{{- define "common.labels.matchLabels" -}} -app.kubernetes.io/name: {{ include "common.names.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} diff --git a/influxdb/charts/common/templates/_names.tpl b/influxdb/charts/common/templates/_names.tpl deleted file mode 100644 index cf03231..0000000 --- a/influxdb/charts/common/templates/_names.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "common.names.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "common.names.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "common.names.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified dependency name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -Usage: -{{ include "common.names.dependency.fullname" (dict "chartName" "dependency-chart-name" "chartValues" .Values.dependency-chart "context" $) }} -*/}} -{{- define "common.names.dependency.fullname" -}} -{{- if .chartValues.fullnameOverride -}} -{{- .chartValues.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .chartName .chartValues.nameOverride -}} -{{- if contains $name .context.Release.Name -}} -{{- .context.Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .context.Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_secrets.tpl b/influxdb/charts/common/templates/_secrets.tpl deleted file mode 100644 index 60b84a7..0000000 --- a/influxdb/charts/common/templates/_secrets.tpl +++ /dev/null @@ -1,129 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Generate secret name. - -Usage: -{{ include "common.secrets.name" (dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $) }} - -Params: - - existingSecret - ExistingSecret/String - Optional. The path to the existing secrets in the values.yaml given by the user - to be used instead of the default one. Allows for it to be of type String (just the secret name) for backwards compatibility. - +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret - - defaultNameSuffix - String - Optional. It is used only if we have several secrets in the same deployment. - - context - Dict - Required. The context for the template evaluation. -*/}} -{{- define "common.secrets.name" -}} -{{- $name := (include "common.names.fullname" .context) -}} - -{{- if .defaultNameSuffix -}} -{{- $name = printf "%s-%s" $name .defaultNameSuffix | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- with .existingSecret -}} -{{- if not (typeIs "string" .) -}} -{{- with .name -}} -{{- $name = . -}} -{{- end -}} -{{- else -}} -{{- $name = . -}} -{{- end -}} -{{- end -}} - -{{- printf "%s" $name -}} -{{- end -}} - -{{/* -Generate secret key. - -Usage: -{{ include "common.secrets.key" (dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName") }} - -Params: - - existingSecret - ExistingSecret/String - Optional. The path to the existing secrets in the values.yaml given by the user - to be used instead of the default one. Allows for it to be of type String (just the secret name) for backwards compatibility. - +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret - - key - String - Required. Name of the key in the secret. -*/}} -{{- define "common.secrets.key" -}} -{{- $key := .key -}} - -{{- if .existingSecret -}} - {{- if not (typeIs "string" .existingSecret) -}} - {{- if .existingSecret.keyMapping -}} - {{- $key = index .existingSecret.keyMapping $.key -}} - {{- end -}} - {{- end }} -{{- end -}} - -{{- printf "%s" $key -}} -{{- end -}} - -{{/* -Generate secret password or retrieve one if already created. - -Usage: -{{ include "common.secrets.passwords.manage" (dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $) }} - -Params: - - secret - String - Required - Name of the 'Secret' resource where the password is stored. - - key - String - Required - Name of the key in the secret. - - providedValues - List - Required - The path to the validating value in the values.yaml, e.g: "mysql.password". Will pick first parameter with a defined value. - - length - int - Optional - Length of the generated random password. - - strong - Boolean - Optional - Whether to add symbols to the generated random password. - - chartName - String - Optional - Name of the chart used when said chart is deployed as a subchart. - - context - Context - Required - Parent context. -*/}} -{{- define "common.secrets.passwords.manage" -}} - -{{- $password := "" }} -{{- $subchart := "" }} -{{- $chartName := default "" .chartName }} -{{- $passwordLength := default 10 .length }} -{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }} -{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }} -{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }} -{{- if $secret }} - {{- if index $secret.data .key }} - {{- $password = index $secret.data .key }} - {{- end -}} -{{- else if $providedPasswordValue }} - {{- $password = $providedPasswordValue | toString | b64enc | quote }} -{{- else }} - - {{- if .context.Values.enabled }} - {{- $subchart = $chartName }} - {{- end -}} - - {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}} - {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}} - {{- $passwordValidationErrors := list $requiredPasswordError -}} - {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}} - - {{- if .strong }} - {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }} - {{- $password = randAscii $passwordLength }} - {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }} - {{- $password = printf "%s%s" $subStr $password | toString | shuffle | b64enc | quote }} - {{- else }} - {{- $password = randAlphaNum $passwordLength | b64enc | quote }} - {{- end }} -{{- end -}} -{{- printf "%s" $password -}} -{{- end -}} - -{{/* -Returns whether a previous generated secret already exists - -Usage: -{{ include "common.secrets.exists" (dict "secret" "secret-name" "context" $) }} - -Params: - - secret - String - Required - Name of the 'Secret' resource where the password is stored. - - context - Context - Required - Parent context. -*/}} -{{- define "common.secrets.exists" -}} -{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }} -{{- if $secret }} - {{- true -}} -{{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_storage.tpl b/influxdb/charts/common/templates/_storage.tpl deleted file mode 100644 index 60e2a84..0000000 --- a/influxdb/charts/common/templates/_storage.tpl +++ /dev/null @@ -1,23 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Return the proper Storage Class -{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }} -*/}} -{{- define "common.storage.class" -}} - -{{- $storageClass := .persistence.storageClass -}} -{{- if .global -}} - {{- if .global.storageClass -}} - {{- $storageClass = .global.storageClass -}} - {{- end -}} -{{- end -}} - -{{- if $storageClass -}} - {{- if (eq "-" $storageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" $storageClass -}} - {{- end -}} -{{- end -}} - -{{- end -}} diff --git a/influxdb/charts/common/templates/_tplvalues.tpl b/influxdb/charts/common/templates/_tplvalues.tpl deleted file mode 100644 index 2db1668..0000000 --- a/influxdb/charts/common/templates/_tplvalues.tpl +++ /dev/null @@ -1,13 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Renders a value that contains template. -Usage: -{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }} -*/}} -{{- define "common.tplvalues.render" -}} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} -{{- end -}} diff --git a/influxdb/charts/common/templates/_utils.tpl b/influxdb/charts/common/templates/_utils.tpl deleted file mode 100644 index ea083a2..0000000 --- a/influxdb/charts/common/templates/_utils.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Print instructions to get a secret value. -Usage: -{{ include "common.utils.secret.getvalue" (dict "secret" "secret-name" "field" "secret-value-field" "context" $) }} -*/}} -{{- define "common.utils.secret.getvalue" -}} -{{- $varname := include "common.utils.fieldToEnvVar" . -}} -export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 --decode) -{{- end -}} - -{{/* -Build env var name given a field -Usage: -{{ include "common.utils.fieldToEnvVar" dict "field" "my-password" }} -*/}} -{{- define "common.utils.fieldToEnvVar" -}} - {{- $fieldNameSplit := splitList "-" .field -}} - {{- $upperCaseFieldNameSplit := list -}} - - {{- range $fieldNameSplit -}} - {{- $upperCaseFieldNameSplit = append $upperCaseFieldNameSplit ( upper . ) -}} - {{- end -}} - - {{ join "_" $upperCaseFieldNameSplit }} -{{- end -}} - -{{/* -Gets a value from .Values given -Usage: -{{ include "common.utils.getValueFromKey" (dict "key" "path.to.key" "context" $) }} -*/}} -{{- define "common.utils.getValueFromKey" -}} -{{- $splitKey := splitList "." .key -}} -{{- $value := "" -}} -{{- $latestObj := $.context.Values -}} -{{- range $splitKey -}} - {{- if not $latestObj -}} - {{- printf "please review the entire path of '%s' exists in values" $.key | fail -}} - {{- end -}} - {{- $value = ( index $latestObj . ) -}} - {{- $latestObj = $value -}} -{{- end -}} -{{- printf "%v" (default "" $value) -}} -{{- end -}} - -{{/* -Returns first .Values key with a defined value or first of the list if all non-defined -Usage: -{{ include "common.utils.getKeyFromList" (dict "keys" (list "path.to.key1" "path.to.key2") "context" $) }} -*/}} -{{- define "common.utils.getKeyFromList" -}} -{{- $key := first .keys -}} -{{- $reverseKeys := reverse .keys }} -{{- range $reverseKeys }} - {{- $value := include "common.utils.getValueFromKey" (dict "key" . "context" $.context ) }} - {{- if $value -}} - {{- $key = . }} - {{- end -}} -{{- end -}} -{{- printf "%s" $key -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/_warnings.tpl b/influxdb/charts/common/templates/_warnings.tpl deleted file mode 100644 index ae10fa4..0000000 --- a/influxdb/charts/common/templates/_warnings.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Warning about using rolling tag. -Usage: -{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }} -*/}} -{{- define "common.warnings.rollingTag" -}} - -{{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }} -WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. -+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ -{{- end }} - -{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_cassandra.tpl b/influxdb/charts/common/templates/validations/_cassandra.tpl deleted file mode 100644 index 8679ddf..0000000 --- a/influxdb/charts/common/templates/validations/_cassandra.tpl +++ /dev/null @@ -1,72 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Validate Cassandra required passwords are not empty. - -Usage: -{{ include "common.validations.values.cassandra.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} -Params: - - secret - String - Required. Name of the secret where Cassandra values are stored, e.g: "cassandra-passwords-secret" - - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false -*/}} -{{- define "common.validations.values.cassandra.passwords" -}} - {{- $existingSecret := include "common.cassandra.values.existingSecret" . -}} - {{- $enabled := include "common.cassandra.values.enabled" . -}} - {{- $dbUserPrefix := include "common.cassandra.values.key.dbUser" . -}} - {{- $valueKeyPassword := printf "%s.password" $dbUserPrefix -}} - - {{- if and (not $existingSecret) (eq $enabled "true") -}} - {{- $requiredPasswords := list -}} - - {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "cassandra-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}} - - {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} - - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for existingSecret. - -Usage: -{{ include "common.cassandra.values.existingSecret" (dict "context" $) }} -Params: - - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false -*/}} -{{- define "common.cassandra.values.existingSecret" -}} - {{- if .subchart -}} - {{- .context.Values.cassandra.dbUser.existingSecret | quote -}} - {{- else -}} - {{- .context.Values.dbUser.existingSecret | quote -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for enabled cassandra. - -Usage: -{{ include "common.cassandra.values.enabled" (dict "context" $) }} -*/}} -{{- define "common.cassandra.values.enabled" -}} - {{- if .subchart -}} - {{- printf "%v" .context.Values.cassandra.enabled -}} - {{- else -}} - {{- printf "%v" (not .context.Values.enabled) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for the key dbUser - -Usage: -{{ include "common.cassandra.values.key.dbUser" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether Cassandra is used as subchart or not. Default: false -*/}} -{{- define "common.cassandra.values.key.dbUser" -}} - {{- if .subchart -}} - cassandra.dbUser - {{- else -}} - dbUser - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_mariadb.tpl b/influxdb/charts/common/templates/validations/_mariadb.tpl deleted file mode 100644 index bb5ed72..0000000 --- a/influxdb/charts/common/templates/validations/_mariadb.tpl +++ /dev/null @@ -1,103 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Validate MariaDB required passwords are not empty. - -Usage: -{{ include "common.validations.values.mariadb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} -Params: - - secret - String - Required. Name of the secret where MariaDB values are stored, e.g: "mysql-passwords-secret" - - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false -*/}} -{{- define "common.validations.values.mariadb.passwords" -}} - {{- $existingSecret := include "common.mariadb.values.auth.existingSecret" . -}} - {{- $enabled := include "common.mariadb.values.enabled" . -}} - {{- $architecture := include "common.mariadb.values.architecture" . -}} - {{- $authPrefix := include "common.mariadb.values.key.auth" . -}} - {{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}} - {{- $valueKeyUsername := printf "%s.username" $authPrefix -}} - {{- $valueKeyPassword := printf "%s.password" $authPrefix -}} - {{- $valueKeyReplicationPassword := printf "%s.replicationPassword" $authPrefix -}} - - {{- if and (not $existingSecret) (eq $enabled "true") -}} - {{- $requiredPasswords := list -}} - - {{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mariadb-root-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}} - - {{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }} - {{- if not (empty $valueUsername) -}} - {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mariadb-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}} - {{- end -}} - - {{- if (eq $architecture "replication") -}} - {{- $requiredReplicationPassword := dict "valueKey" $valueKeyReplicationPassword "secret" .secret "field" "mariadb-replication-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredReplicationPassword -}} - {{- end -}} - - {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} - - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for existingSecret. - -Usage: -{{ include "common.mariadb.values.auth.existingSecret" (dict "context" $) }} -Params: - - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false -*/}} -{{- define "common.mariadb.values.auth.existingSecret" -}} - {{- if .subchart -}} - {{- .context.Values.mariadb.auth.existingSecret | quote -}} - {{- else -}} - {{- .context.Values.auth.existingSecret | quote -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for enabled mariadb. - -Usage: -{{ include "common.mariadb.values.enabled" (dict "context" $) }} -*/}} -{{- define "common.mariadb.values.enabled" -}} - {{- if .subchart -}} - {{- printf "%v" .context.Values.mariadb.enabled -}} - {{- else -}} - {{- printf "%v" (not .context.Values.enabled) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for architecture - -Usage: -{{ include "common.mariadb.values.architecture" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false -*/}} -{{- define "common.mariadb.values.architecture" -}} - {{- if .subchart -}} - {{- .context.Values.mariadb.architecture -}} - {{- else -}} - {{- .context.Values.architecture -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for the key auth - -Usage: -{{ include "common.mariadb.values.key.auth" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false -*/}} -{{- define "common.mariadb.values.key.auth" -}} - {{- if .subchart -}} - mariadb.auth - {{- else -}} - auth - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_mongodb.tpl b/influxdb/charts/common/templates/validations/_mongodb.tpl deleted file mode 100644 index 1e5bba9..0000000 --- a/influxdb/charts/common/templates/validations/_mongodb.tpl +++ /dev/null @@ -1,108 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Validate MongoDB® required passwords are not empty. - -Usage: -{{ include "common.validations.values.mongodb.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} -Params: - - secret - String - Required. Name of the secret where MongoDB® values are stored, e.g: "mongodb-passwords-secret" - - subchart - Boolean - Optional. Whether MongoDB® is used as subchart or not. Default: false -*/}} -{{- define "common.validations.values.mongodb.passwords" -}} - {{- $existingSecret := include "common.mongodb.values.auth.existingSecret" . -}} - {{- $enabled := include "common.mongodb.values.enabled" . -}} - {{- $authPrefix := include "common.mongodb.values.key.auth" . -}} - {{- $architecture := include "common.mongodb.values.architecture" . -}} - {{- $valueKeyRootPassword := printf "%s.rootPassword" $authPrefix -}} - {{- $valueKeyUsername := printf "%s.username" $authPrefix -}} - {{- $valueKeyDatabase := printf "%s.database" $authPrefix -}} - {{- $valueKeyPassword := printf "%s.password" $authPrefix -}} - {{- $valueKeyReplicaSetKey := printf "%s.replicaSetKey" $authPrefix -}} - {{- $valueKeyAuthEnabled := printf "%s.enabled" $authPrefix -}} - - {{- $authEnabled := include "common.utils.getValueFromKey" (dict "key" $valueKeyAuthEnabled "context" .context) -}} - - {{- if and (not $existingSecret) (eq $enabled "true") (eq $authEnabled "true") -}} - {{- $requiredPasswords := list -}} - - {{- $requiredRootPassword := dict "valueKey" $valueKeyRootPassword "secret" .secret "field" "mongodb-root-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredRootPassword -}} - - {{- $valueUsername := include "common.utils.getValueFromKey" (dict "key" $valueKeyUsername "context" .context) }} - {{- $valueDatabase := include "common.utils.getValueFromKey" (dict "key" $valueKeyDatabase "context" .context) }} - {{- if and $valueUsername $valueDatabase -}} - {{- $requiredPassword := dict "valueKey" $valueKeyPassword "secret" .secret "field" "mongodb-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredPassword -}} - {{- end -}} - - {{- if (eq $architecture "replicaset") -}} - {{- $requiredReplicaSetKey := dict "valueKey" $valueKeyReplicaSetKey "secret" .secret "field" "mongodb-replica-set-key" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredReplicaSetKey -}} - {{- end -}} - - {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} - - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for existingSecret. - -Usage: -{{ include "common.mongodb.values.auth.existingSecret" (dict "context" $) }} -Params: - - subchart - Boolean - Optional. Whether MongoDb is used as subchart or not. Default: false -*/}} -{{- define "common.mongodb.values.auth.existingSecret" -}} - {{- if .subchart -}} - {{- .context.Values.mongodb.auth.existingSecret | quote -}} - {{- else -}} - {{- .context.Values.auth.existingSecret | quote -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for enabled mongodb. - -Usage: -{{ include "common.mongodb.values.enabled" (dict "context" $) }} -*/}} -{{- define "common.mongodb.values.enabled" -}} - {{- if .subchart -}} - {{- printf "%v" .context.Values.mongodb.enabled -}} - {{- else -}} - {{- printf "%v" (not .context.Values.enabled) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for the key auth - -Usage: -{{ include "common.mongodb.values.key.auth" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether MongoDB® is used as subchart or not. Default: false -*/}} -{{- define "common.mongodb.values.key.auth" -}} - {{- if .subchart -}} - mongodb.auth - {{- else -}} - auth - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for architecture - -Usage: -{{ include "common.mongodb.values.architecture" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether MariaDB is used as subchart or not. Default: false -*/}} -{{- define "common.mongodb.values.architecture" -}} - {{- if .subchart -}} - {{- .context.Values.mongodb.architecture -}} - {{- else -}} - {{- .context.Values.architecture -}} - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_postgresql.tpl b/influxdb/charts/common/templates/validations/_postgresql.tpl deleted file mode 100644 index 992bcd3..0000000 --- a/influxdb/charts/common/templates/validations/_postgresql.tpl +++ /dev/null @@ -1,131 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Validate PostgreSQL required passwords are not empty. - -Usage: -{{ include "common.validations.values.postgresql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} -Params: - - secret - String - Required. Name of the secret where postgresql values are stored, e.g: "postgresql-passwords-secret" - - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false -*/}} -{{- define "common.validations.values.postgresql.passwords" -}} - {{- $existingSecret := include "common.postgresql.values.existingSecret" . -}} - {{- $enabled := include "common.postgresql.values.enabled" . -}} - {{- $valueKeyPostgresqlPassword := include "common.postgresql.values.key.postgressPassword" . -}} - {{- $valueKeyPostgresqlReplicationEnabled := include "common.postgresql.values.key.replicationPassword" . -}} - - {{- if and (not $existingSecret) (eq $enabled "true") -}} - {{- $requiredPasswords := list -}} - - {{- $requiredPostgresqlPassword := dict "valueKey" $valueKeyPostgresqlPassword "secret" .secret "field" "postgresql-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlPassword -}} - - {{- $enabledReplication := include "common.postgresql.values.enabled.replication" . -}} - {{- if (eq $enabledReplication "true") -}} - {{- $requiredPostgresqlReplicationPassword := dict "valueKey" $valueKeyPostgresqlReplicationEnabled "secret" .secret "field" "postgresql-replication-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlReplicationPassword -}} - {{- end -}} - - {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to decide whether evaluate global values. - -Usage: -{{ include "common.postgresql.values.use.global" (dict "key" "key-of-global" "context" $) }} -Params: - - key - String - Required. Field to be evaluated within global, e.g: "existingSecret" -*/}} -{{- define "common.postgresql.values.use.global" -}} - {{- if .context.Values.global -}} - {{- if .context.Values.global.postgresql -}} - {{- index .context.Values.global.postgresql .key | quote -}} - {{- end -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for existingSecret. - -Usage: -{{ include "common.postgresql.values.existingSecret" (dict "context" $) }} -*/}} -{{- define "common.postgresql.values.existingSecret" -}} - {{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "existingSecret" "context" .context) -}} - - {{- if .subchart -}} - {{- default (.context.Values.postgresql.existingSecret | quote) $globalValue -}} - {{- else -}} - {{- default (.context.Values.existingSecret | quote) $globalValue -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for enabled postgresql. - -Usage: -{{ include "common.postgresql.values.enabled" (dict "context" $) }} -*/}} -{{- define "common.postgresql.values.enabled" -}} - {{- if .subchart -}} - {{- printf "%v" .context.Values.postgresql.enabled -}} - {{- else -}} - {{- printf "%v" (not .context.Values.enabled) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for the key postgressPassword. - -Usage: -{{ include "common.postgresql.values.key.postgressPassword" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false -*/}} -{{- define "common.postgresql.values.key.postgressPassword" -}} - {{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "postgresqlUsername" "context" .context) -}} - - {{- if not $globalValue -}} - {{- if .subchart -}} - postgresql.postgresqlPassword - {{- else -}} - postgresqlPassword - {{- end -}} - {{- else -}} - global.postgresql.postgresqlPassword - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for enabled.replication. - -Usage: -{{ include "common.postgresql.values.enabled.replication" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false -*/}} -{{- define "common.postgresql.values.enabled.replication" -}} - {{- if .subchart -}} - {{- printf "%v" .context.Values.postgresql.replication.enabled -}} - {{- else -}} - {{- printf "%v" .context.Values.replication.enabled -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for the key replication.password. - -Usage: -{{ include "common.postgresql.values.key.replicationPassword" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false -*/}} -{{- define "common.postgresql.values.key.replicationPassword" -}} - {{- if .subchart -}} - postgresql.replication.password - {{- else -}} - replication.password - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_redis.tpl b/influxdb/charts/common/templates/validations/_redis.tpl deleted file mode 100644 index 18d9813..0000000 --- a/influxdb/charts/common/templates/validations/_redis.tpl +++ /dev/null @@ -1,76 +0,0 @@ - -{{/* vim: set filetype=mustache: */}} -{{/* -Validate Redis™ required passwords are not empty. - -Usage: -{{ include "common.validations.values.redis.passwords" (dict "secret" "secretName" "subchart" false "context" $) }} -Params: - - secret - String - Required. Name of the secret where redis values are stored, e.g: "redis-passwords-secret" - - subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false -*/}} -{{- define "common.validations.values.redis.passwords" -}} - {{- $enabled := include "common.redis.values.enabled" . -}} - {{- $valueKeyPrefix := include "common.redis.values.keys.prefix" . -}} - {{- $standarizedVersion := include "common.redis.values.standarized.version" . }} - - {{- $existingSecret := ternary (printf "%s%s" $valueKeyPrefix "auth.existingSecret") (printf "%s%s" $valueKeyPrefix "existingSecret") (eq $standarizedVersion "true") }} - {{- $existingSecretValue := include "common.utils.getValueFromKey" (dict "key" $existingSecret "context" .context) }} - - {{- $valueKeyRedisPassword := ternary (printf "%s%s" $valueKeyPrefix "auth.password") (printf "%s%s" $valueKeyPrefix "password") (eq $standarizedVersion "true") }} - {{- $valueKeyRedisUseAuth := ternary (printf "%s%s" $valueKeyPrefix "auth.enabled") (printf "%s%s" $valueKeyPrefix "usePassword") (eq $standarizedVersion "true") }} - - {{- if and (not $existingSecretValue) (eq $enabled "true") -}} - {{- $requiredPasswords := list -}} - - {{- $useAuth := include "common.utils.getValueFromKey" (dict "key" $valueKeyRedisUseAuth "context" .context) -}} - {{- if eq $useAuth "true" -}} - {{- $requiredRedisPassword := dict "valueKey" $valueKeyRedisPassword "secret" .secret "field" "redis-password" -}} - {{- $requiredPasswords = append $requiredPasswords $requiredRedisPassword -}} - {{- end -}} - - {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right value for enabled redis. - -Usage: -{{ include "common.redis.values.enabled" (dict "context" $) }} -*/}} -{{- define "common.redis.values.enabled" -}} - {{- if .subchart -}} - {{- printf "%v" .context.Values.redis.enabled -}} - {{- else -}} - {{- printf "%v" (not .context.Values.enabled) -}} - {{- end -}} -{{- end -}} - -{{/* -Auxiliary function to get the right prefix path for the values - -Usage: -{{ include "common.redis.values.key.prefix" (dict "subchart" "true" "context" $) }} -Params: - - subchart - Boolean - Optional. Whether redis is used as subchart or not. Default: false -*/}} -{{- define "common.redis.values.keys.prefix" -}} - {{- if .subchart -}}redis.{{- else -}}{{- end -}} -{{- end -}} - -{{/* -Checks whether the redis chart's includes the standarizations (version >= 14) - -Usage: -{{ include "common.redis.values.standarized.version" (dict "context" $) }} -*/}} -{{- define "common.redis.values.standarized.version" -}} - - {{- $standarizedAuth := printf "%s%s" (include "common.redis.values.keys.prefix" .) "auth" -}} - {{- $standarizedAuthValues := include "common.utils.getValueFromKey" (dict "key" $standarizedAuth "context" .context) }} - - {{- if $standarizedAuthValues -}} - {{- true -}} - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/templates/validations/_validations.tpl b/influxdb/charts/common/templates/validations/_validations.tpl deleted file mode 100644 index 9a814cf..0000000 --- a/influxdb/charts/common/templates/validations/_validations.tpl +++ /dev/null @@ -1,46 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Validate values must not be empty. - -Usage: -{{- $validateValueConf00 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-00") -}} -{{- $validateValueConf01 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-01") -}} -{{ include "common.validations.values.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }} - -Validate value params: - - valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password" - - secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret" - - field - String - Optional. Name of the field in the secret data, e.g: "mysql-password" -*/}} -{{- define "common.validations.values.multiple.empty" -}} - {{- range .required -}} - {{- include "common.validations.values.single.empty" (dict "valueKey" .valueKey "secret" .secret "field" .field "context" $.context) -}} - {{- end -}} -{{- end -}} - -{{/* -Validate a value must not be empty. - -Usage: -{{ include "common.validations.value.empty" (dict "valueKey" "mariadb.password" "secret" "secretName" "field" "my-password" "subchart" "subchart" "context" $) }} - -Validate value params: - - valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password" - - secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret" - - field - String - Optional. Name of the field in the secret data, e.g: "mysql-password" - - subchart - String - Optional - Name of the subchart that the validated password is part of. -*/}} -{{- define "common.validations.values.single.empty" -}} - {{- $value := include "common.utils.getValueFromKey" (dict "key" .valueKey "context" .context) }} - {{- $subchart := ternary "" (printf "%s." .subchart) (empty .subchart) }} - - {{- if not $value -}} - {{- $varname := "my-value" -}} - {{- $getCurrentValue := "" -}} - {{- if and .secret .field -}} - {{- $varname = include "common.utils.fieldToEnvVar" . -}} - {{- $getCurrentValue = printf " To get the current value:\n\n %s\n" (include "common.utils.secret.getvalue" .) -}} - {{- end -}} - {{- printf "\n '%s' must not be empty, please add '--set %s%s=$%s' to the command.%s" .valueKey $subchart .valueKey $varname $getCurrentValue -}} - {{- end -}} -{{- end -}} diff --git a/influxdb/charts/common/values.yaml b/influxdb/charts/common/values.yaml deleted file mode 100644 index f2df68e..0000000 --- a/influxdb/charts/common/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -## bitnami/common -## It is required by CI/CD tools and processes. -## @skip exampleValue -## -exampleValue: common-chart diff --git a/influxdb/files/conf/README.md b/influxdb/files/conf/README.md deleted file mode 100644 index 11f633a..0000000 --- a/influxdb/files/conf/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Place your InfluxDB™ and InfluxDB Relay™ configuration files here. These will not be used in case the values *existingConfiguration*, *relay.existingConfiguration* are used. - -More information can be found in the links below: - -- [InfluxDB™ Configuration File](https://github.com/bitnami/bitnami-docker-influxdb#configuration-file) -- [InfluxDB Relay™ Configuration File](https://github.com/bitnami/bitnami-docker-influxdb-relay#configuration) diff --git a/influxdb/files/docker-entrypoint-initdb.d/README.md b/influxdb/files/docker-entrypoint-initdb.d/README.md deleted file mode 100644 index 00c283d..0000000 --- a/influxdb/files/docker-entrypoint-initdb.d/README.md +++ /dev/null @@ -1,3 +0,0 @@ -You can copy here your custom `.sh` or `.txt` files so they are executed during the first boot of the image. - -More info in the [bitnami-docker-influxdb](https://github.com/bitnami/bitnami-docker-influxdb#initializing-a-new-instance) repository. diff --git a/influxdb/templates/NOTES.txt b/influxdb/templates/NOTES.txt deleted file mode 100644 index 55680c3..0000000 --- a/influxdb/templates/NOTES.txt +++ /dev/null @@ -1,201 +0,0 @@ -CHART NAME: {{ .Chart.Name }} -CHART VERSION: {{ .Chart.Version }} -APP VERSION: {{ .Chart.AppVersion }} - -** Please be patient while the chart is being deployed ** - -{{- if .Values.diagnosticMode.enabled }} -The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: - - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} - -Get the list of pods by executing: - - kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} - -Access the pod you want to debug by executing - - kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash - -In order to replicate the container startup scripts execute this command: - - /opt/bitnami/scripts/influxdb/entrypoint.sh /opt/bitnami/scripts/influxdb/run.sh - -{{- else }} - -InfluxDB™ can be accessed through following DNS names from within your cluster: - - {{- if eq .Values.architecture "high-availability" }} - InfluxDB Relay™ (write operations): {{ include "common.names.fullname" . }}-relay.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.relay.service.port }}) - InfluxDB™ servers (read operations): {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.influxdb.service.port }}) - {{- else }} - InfluxDB™: {{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.influxdb.service.port }}) - {{- end }} - {{- if .Values.metrics.enabled }} - InfluxDB™ Prometheus Metrics: {{ include "common.names.fullname" . }}-metrics.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.metrics.service.port }}) - {{- end }} - -{{- if .Values.authEnabled }} - -To get the password for the {{ .Values.auth.admin.username }} user, run: - - export ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.admin-user-password}" | base64 --decode) - -{{- if .Values.auth.user.username }} - -To get the password for the {{ .Values.auth.user.username }} user, run: - - export USER_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.user-password}" | base64 --decode) - -{{- end }} -{{- if .Values.readUser.name }} - -To get the password for the {{ .Values.readUser.name }} user, run: - - export READ_USER_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.read-user-password}" | base64 --decode) - -{{- end }} -{{- if .Values.writeUser.name }} - -To get the password for the {{ .Values.writeUser.name }} user, run: - - export WRITE_USER_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "influxdb.secretName" . }} -o jsonpath="{.data.write-user-password}" | base64 --decode) - -{{- end }} -{{- end }} - -To connect to your database run the following commands: - - {{- if eq .Values.architecture "high-availability" }} - - (write operations): - - kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} {{ if .Values.authEnabled }}--env="INFLUX_USERNAME={{ .Values.auth.admin.username }}" --env="INFLUX_PASSWORD=$ADMIN_PASSWORD"{{ end }} \ - {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ include "common.names.fullname" . }}-client=true" {{ end }}--image {{ include "influxdb.image" . }} \ - --command -- influx -host {{ include "common.names.fullname" . }}-relay -port {{ .Values.relay.service.port }} - - (read operations): - - {{- end }} - - kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} {{ if .Values.authEnabled }}--env="INFLUX_USERNAME={{ .Values.auth.admin.username }}" --env="INFLUX_PASSWORD=$ADMIN_PASSWORD"{{ end }} \ - {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ include "common.names.fullname" . }}-client=true" {{ end }}--image {{ include "influxdb.image" . }} \ - --command -- influx -host {{ include "common.names.fullname" . }} -port {{ .Values.influxdb.service.port }} - -{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }} - -Note: Since NetworkPolicy is enabled, only pods with label "{{ include "common.names.fullname" . }}-client=true" will be able to connect to InfluxDB™ server(s). - -{{- end }} - -To connect to your database from outside the cluster execute the following commands: - -{{- if .Values.ingress.enabled }} -{{- $ingressHost := .Values.ingress.hostname }} - {{- if .Values.ingress.extraHosts }} - You should be able to access your new InfluxDB™ server(s) through: - {{- end }} - {{- range .Values.ingress.extraHosts }} - {{ if .tls }}https{{- else }}http{{ end }}://{{ .name }} - {{- end }} - - e.g.: - - {{ if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{ end }} influx -host {{ $ingressHost }} -port 80 - -{{- else if contains "NodePort" .Values.influxdb.service.type }} - - {{- if eq .Values.architecture "high-availability" }} - - (write operations): - - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}-relay) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $NODE_IP -port $NODE_PORT - - (read operations): - - {{- end }} - - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $NODE_IP -port $NODE_PORT - -{{- else if contains "LoadBalancer" .Values.influxdb.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "common.names.fullname" . }}-relay' - - {{- if eq .Values.architecture "high-availability" }} - - (write operations): - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }}-relay -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $SERVICE_IP -port {{ .Values.relay.service.port }} - - (read operations): - - {{- end }} - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host $SERVICE_IP -port {{ .Values.influxdb.service.port }} - -{{- else if contains "ClusterIP" .Values.influxdb.service.type }} - - {{- if eq .Values.architecture "high-availability" }} - - (write operations): - - kubectl port-forward svc/{{ include "common.names.fullname" . }}-relay 9096:{{ .Values.relay.service.port }} & - {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host 127.0.0.1 -port 9096 - - (read operations): - - {{- end }} - - kubectl port-forward svc/{{ include "common.names.fullname" . }} 8086:{{ .Values.influxdb.service.port }} & - {{- if .Values.authEnabled }}INFLUX_USERNAME="{{ .Values.auth.admin.username }}" INFLUX_PASSWORD="$ADMIN_PASSWORD"{{- end }} influx -host 127.0.0.1 -port 8086 - -{{- end }} - -{{- if and (eq .Values.architecture "high-availability") (not .Values.influxdb.service.sessionAffinity) (not .Values.ingress.enabled) }} - -NOTE: When using "high-availability" it is recommended to configure 'influxdb.service.sessionAffinity' to prevent client connections from switching pods when connecting to InfluxDB UI. -{{- end }} - -{{- include "influxdb.validateValues" . }} - -{{- include "common.warnings.rollingTag" .Values.image }} -{{- include "common.warnings.rollingTag" .Values.relay.image }} -{{- include "common.warnings.rollingTag" .Values.backup.uploadProviders.google.image }} -{{- include "common.warnings.rollingTag" .Values.backup.uploadProviders.azure.image }} -{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} - -{{- $passwordValueConfigs := list -}} -{{- if not .Values.auth.existingSecret -}} - {{- $secretName := include "influxdb.secretName" . -}} - - {{- $adminPasswordConfig := dict "valueKey" "auth.admin.password" "secret" $secretName "field" "admin-user-password" "context" $ -}} - {{- $passwordValueConfigs = append $passwordValueConfigs $adminPasswordConfig -}} - {{- $adminTokenConfig := dict "valueKey" "auth.admin.token" "secret" $secretName "field" "admin-user-token" "context" $ -}} - {{- $passwordValueConfigs = append $passwordValueConfigs $adminTokenConfig -}} - - {{- if .Values.auth.user.username }} - {{- $userPasswordConfig := dict "valueKey" "auth.user.password" "secret" $secretName "field" "user-password" "context" $ -}} - {{- $passwordValueConfigs = append $passwordValueConfigs $userPasswordConfig -}} - {{- end }} - {{- if .Values.auth.readUser.username }} - {{- $readUserPasswordConfig := dict "valueKey" "auth.readUser.password" "secret" $secretName "field" "read-user-password" "context" $ -}} - {{- $passwordValueConfigs = append $passwordValueConfigs $readUserPasswordConfig -}} - {{- end }} - {{- if .Values.auth.writeUser.username }} - {{- $writeUserPasswordConfig := dict "valueKey" "auth.writeUser.password" "secret" $secretName "field" "write-user-password" "context" $ -}} - {{- $passwordValueConfigs = append $passwordValueConfigs $writeUserPasswordConfig -}} - {{- end }} -{{- end -}} - -{{- $passwordValidationErrors := include "common.validations.values.multiple.empty" (dict "required" $passwordValueConfigs "context" $) -}} -{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} - -{{- end }} diff --git a/influxdb/templates/_helpers.tpl b/influxdb/templates/_helpers.tpl deleted file mode 100644 index 304f761..0000000 --- a/influxdb/templates/_helpers.tpl +++ /dev/null @@ -1,153 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - - -{{/* -Return the proper InfluxDB™ image name -*/}} -{{- define "influxdb.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper InfluxDB Relay™ image name -*/}} -{{- define "influxdb.relay.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.relay.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper init container volume-permissions image name -*/}} -{{- define "influxdb.volumePermissions.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper gcloud-sdk image name -*/}} -{{- define "gcloudSdk.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.backup.uploadProviders.google.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper azure-cli image name -*/}} -{{- define "azureCli.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.backup.uploadProviders.azure.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "influxdb.imagePullSecrets" -}} -{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.relay.image .Values.volumePermissions.image .Values.backup.uploadProviders.google.image .Values.backup.uploadProviders.azure.image) "global" .Values.global) }} -{{- end -}} - -{{/* -Return the InfluxDB™ credentials secret. -*/}} -{{- define "influxdb.secretName" -}} -{{- if .Values.auth.existingSecret -}} - {{- printf "%s" (tpl .Values.auth.existingSecret $) -}} -{{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the InfluxDB™ configuration configmap. -*/}} -{{- define "influxdb.configmapName" -}} -{{- if .Values.influxdb.existingConfiguration -}} - {{- printf "%s" (tpl .Values.influxdb.existingConfiguration $) -}} -{{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the InfluxDB™ PVC name. -*/}} -{{- define "influxdb.claimName" -}} -{{- if .Values.persistence.existingClaim }} - {{- printf "%s" (tpl .Values.persistence.existingClaim $) -}} -{{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the InfluxDB™ initialization scripts configmap. -*/}} -{{- define "influxdb.initdbScriptsConfigmapName" -}} -{{- if .Values.influxdb.initdbScriptsCM -}} - {{- printf "%s" (tpl .Values.influxdb.initdbScriptsCM $) -}} -{{- else -}} - {{- printf "%s-initdb-scripts" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Get the InfluxDB™ initialization scripts secret. -*/}} -{{- define "influxdb.initdbScriptsSecret" -}} -{{- printf "%s" (tpl .Values.influxdb.initdbScriptsSecret $) -}} -{{- end -}} - -{{/* -Return the InfluxDB™ configuration configmap. -*/}} -{{- define "influxdb.relay.configmapName" -}} -{{- if .Values.relay.existingConfiguration -}} - {{- printf "%s" (tpl .Values.relay.existingConfiguration $) -}} -{{- else -}} - {{- printf "%s-relay" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - - -{{/* -Return the appropriate apiVersion for networkPolicy -*/}} -{{- define "influxdb.networkPolicy.apiVersion" -}} -{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}} -"extensions/v1beta1" -{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.GitVersion -}} -"networking.k8s.io/v1" -{{- end -}} -{{- end -}} - -{{/* -Compile all warnings into a single message, and call fail. -*/}} -{{- define "influxdb.validateValues" -}} -{{- $messages := list -}} -{{- $messages := append $messages (include "influxdb.validateValues.architecture" .) -}} -{{- $messages := append $messages (include "influxdb.validateValues.replicaCount" .) -}} -{{- $messages := without $messages "" -}} -{{- $message := join "\n" $messages -}} - -{{- if $message -}} -{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} -{{- end -}} -{{- end -}} - -{{/* Validate values of InfluxDB™ - must provide a valid architecture */}} -{{- define "influxdb.validateValues.architecture" -}} -{{- if and (ne .Values.architecture "standalone") (ne .Values.architecture "high-availability") -}} -influxdb: architecture - Invalid architecture selected. Valid values are "standalone" and - "high-availability". Please set a valid architecture (--set architecture="xxxx") -{{- end -}} -{{- end -}} - -{{/* Validate values of InfluxDB™ - number of replicas */}} -{{- define "influxdb.validateValues.replicaCount" -}} -{{- $replicaCount := int .Values.influxdb.replicaCount }} -{{- if and (eq .Values.architecture "standalone") (gt $replicaCount 1) -}} -influxdb: replicaCount - The standalone architecture doesn't allow to run more than 1 replica. - Please set a valid number of replicas (--set influxdb.replicaCount=1) or - use the "high-availability" architecture (--set architecture="high-availability") -{{- end -}} -{{- end -}} diff --git a/influxdb/templates/extradeploy.yaml b/influxdb/templates/extradeploy.yaml deleted file mode 100644 index 9ac65f9..0000000 --- a/influxdb/templates/extradeploy.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{- range .Values.extraDeploy }} ---- -{{ include "common.tplvalues.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/influxdb/templates/influxdb/configmap-backup.yaml b/influxdb/templates/influxdb/configmap-backup.yaml deleted file mode 100644 index a79220a..0000000 --- a/influxdb/templates/influxdb/configmap-backup.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{- if .Values.backup.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }}-backup - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - backup.sh: |- - #!/bin/bash - - set -e - - . /opt/bitnami/scripts/libinfluxdb.sh - - DATE="$(date +%Y%m%d_%H%M%S)" - BRANCH="$(influxdb_branch)" - - host="{{ include "common.names.fullname" . }}.{{ .Release.Namespace }}.svc" - - get_orgs() { - INFLUX_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN}" influx --host "http://${host}:{{ .Values.influxdb.service.port }}" org list 2> /dev/null | grep -v 'ID' | awk -F '\t' 'BEGIN{ORS=" "} {print $2}' - } - - get_databases() { - local org_name="${1:-}" - if [[ "${BRANCH}" = "1" ]]; then - influx -username "{{ .Values.auth.admin.username }}" -password "${INFLUXDB_ADMIN_USER_PASSWORD}" -host "${host}" -port {{ .Values.influxdb.service.port }} -execute 'SHOW DATABASES' | sed -e '1,3d' - else - INFLUX_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN}" influx --host "http://${host}:{{ .Values.influxdb.service.port }}" bucket list --org "${org_name}" 2> /dev/null | grep -v 'ID' | awk -F '\t' 'BEGIN{ORS=" "} {print $2}' - fi - } - - if [[ "${BRANCH}" = "1" ]]; then - for DATABASE in $(get_databases); do - echo "backuping ${DATABASE} db to {{ .Values.backup.directory }}/${DATABASE}" - mkdir -p {{ .Values.backup.directory }}/${DATABASE} - - influxd backup -host "${host}" -port {{ .Values.influxdb.service.port }} -portable -db ${DATABASE} {{ .Values.backup.directory }}/"${DATABASE}/${DATE}" - done - - echo "deleting old backups" - find {{ .Values.backup.directory }} -mindepth 2 -maxdepth 2 -not -name ".snapshot" -not -name "lost+found" -type d -mtime +{{ .Values.backup.retentionDays }} -exec rm -r {} \; - else - for ORG in $(get_orgs); do - for BUCKET in $(get_databases "${ORG}"); do - backup_dir="{{ .Values.backup.directory }}/${ORG}/${BUCKET}" - echo "backuping ${BUCKET} bucket to ${backup_dir}" - mkdir -p "${backup_dir}" - - INFLUX_TOKEN="${INFLUXDB_ADMIN_USER_TOKEN}" influx --host "http://${host}:{{ .Values.influxdb.service.port }}" backup --bucket "${BUCKET}" "${backup_dir}/${DATE}" - done - done - - echo "deleting old backups" - find {{ .Values.backup.directory }} -mindepth 3 -maxdepth 3 -not -name ".snapshot" -not -name "lost+found" -type d -mtime +{{ .Values.backup.retentionDays }} -exec rm -r {} \; - fi - upload-google.sh: |- - #!/bin/sh - - set -e - - gcloud auth activate-service-account --key-file /var/secrets/google/{{ .Values.backup.uploadProviders.google.secretKey }} - gsutil -m rsync -r -d {{ .Values.backup.directory }}/ {{ .Values.backup.uploadProviders.google.bucketName }} - upload-azure.sh: |- - #!/bin/sh - - set -e - - az storage blob sync --source {{ .Values.backup.directory }} --container {{ .Values.backup.uploadProviders.azure.containerName }} -{{ end }} diff --git a/influxdb/templates/influxdb/configmap-initdb-scripts.yaml b/influxdb/templates/influxdb/configmap-initdb-scripts.yaml deleted file mode 100644 index 222d629..0000000 --- a/influxdb/templates/influxdb/configmap-initdb-scripts.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and (.Values.influxdb.initdbScripts) (not .Values.influxdb.initdbScriptsCM) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }}-initdb-scripts - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - {{ include "common.tplvalues.render" (dict "value" .Values.influxdb.initdbScripts "context" $) | nindent 2 }} -{{- end }} diff --git a/influxdb/templates/influxdb/configmap.yaml b/influxdb/templates/influxdb/configmap.yaml deleted file mode 100644 index a13da4d..0000000 --- a/influxdb/templates/influxdb/configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and .Values.influxdb.configuration (not .Values.influxdb.existingConfiguration) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - influxdb.conf: |- - # User-supplied configuration: - {{ include "common.tplvalues.render" (dict "value" .Values.influxdb.configuration "context" $) | nindent 4 }} -{{- end }} diff --git a/influxdb/templates/influxdb/cronjob-backup.yaml b/influxdb/templates/influxdb/cronjob-backup.yaml deleted file mode 100644 index ea4295c..0000000 --- a/influxdb/templates/influxdb/cronjob-backup.yaml +++ /dev/null @@ -1,147 +0,0 @@ -{{- if .Values.backup.enabled }} -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: "{{ template "common.names.fullname" . }}-backup" - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - schedule: {{.Values.backup.cronjob.schedule | quote }} - concurrencyPolicy: Forbid - successfulJobsHistoryLimit: {{ .Values.backup.cronjob.historyLimit }} - failedJobsHistoryLimit: {{ .Values.backup.cronjob.historyLimit }} - jobTemplate: - spec: - template: - metadata: - labels: - {{- include "common.labels.matchLabels" . | nindent 12 }} - annotations: - {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.podAnnotations "context" $) | nindent 12 }} - spec: - {{- if .Values.backup.cronjob.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.backup.cronjob.securityContext.fsGroup }} - runAsUser: {{ .Values.backup.cronjob.securityContext.runAsUser }} - {{- end }} - restartPolicy: OnFailure - volumes: - - name: backup-scripts - configMap: - name: {{ include "common.names.fullname" . }}-backup - defaultMode: 0755 - {{- if .Values.backup.uploadProviders.google.enabled }} - - name: google-cloud-key - secret: - {{- if .Values.backup.uploadProviders.google.existingSecret }} - secretName: {{ .Values.backup.uploadProviders.google.existingSecret | quote }} - {{- else }} - secretName: {{ include "common.names.fullname" . }}-backup-gcloud - {{- end }} - {{- end }} - - name: {{ include "common.names.fullname" . }}-backups - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "common.names.fullname" . }}-backups - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.backup.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.backup.affinity "context" $) | nindent 12 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.backup.podAffinityPreset "component" "influxdb" "context" $) | nindent 14 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.backup.podAntiAffinityPreset "component" "influxdb" "context" $) | nindent 14 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.backup.nodeAffinityPreset.type "key" .Values.backup.nodeAffinityPreset.key "values" .Values.backup.nodeAffinityPreset.values) | nindent 14 }} - {{- end }} - {{- if .Values.backup.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.backup.nodeSelector "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.backup.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.backup.tolerations "context" $) | nindent 10 }} - {{- end }} - initContainers: - - name: influxdb-backup - image: {{ include "influxdb.image" . | quote }} - env: - - name: INFLUXDB_ADMIN_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: admin-user-password - - name: INFLUXDB_ADMIN_USER_TOKEN - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: admin-user-token - command: - - "/tmp/backup.sh" - volumeMounts: - - name: {{ include "common.names.fullname" . }}-backups - mountPath: {{ .Values.backup.directory | quote }} - - name: backup-scripts - mountPath: /tmp/backup.sh - subPath: backup.sh - containers: - - name: influxdb-backup-dummy-container - image: {{ include "influxdb.image" . | quote }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 16 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 16 }} - {{- else }} - command: - - "/bin/true" - {{- end }} - {{- if .Values.backup.uploadProviders.google.enabled }} - - name: gsutil-cp - image: {{ include "gcloudSdk.image" . }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 16 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 16 }} - {{- else }} - command: - - "/tmp/upload-google.sh" - {{- end }} - volumeMounts: - - name: {{ include "common.names.fullname" . }}-backups - mountPath: {{ .Values.backup.directory | quote }} - - name: backup-scripts - mountPath: /tmp/upload-google.sh - subPath: upload-google.sh - - name: google-cloud-key - mountPath: /var/secrets/google/ - {{- end }} - {{- if .Values.backup.uploadProviders.azure.enabled }} - - name: azure-cli - image: {{ include "azureCli.image" . }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 16 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 16 }} - {{- else }} - command: - - "/tmp/upload-azure.sh" - {{- end }} - env: - - name: AZURE_STORAGE_CONNECTION_STRING - valueFrom: - secretKeyRef: - {{- if .Values.backup.uploadProviders.azure.existingSecret }} - name: {{ .Values.backup.uploadProviders.azure.existingSecret | quote }} - {{- else }} - name: {{ include "common.names.fullname" . }}-backup-azure - {{- end }} - key: {{ .Values.backup.uploadProviders.azure.secretKey }} - volumeMounts: - - name: {{ include "common.names.fullname" . }}-backups - mountPath: {{ .Values.backup.directory | quote }} - - name: backup-scripts - mountPath: /tmp/upload-azure.sh - subPath: upload-azure.sh - {{- end }} -{{- end }} diff --git a/influxdb/templates/influxdb/deployment-standalone.yaml b/influxdb/templates/influxdb/deployment-standalone.yaml deleted file mode 100644 index b76887f..0000000 --- a/influxdb/templates/influxdb/deployment-standalone.yaml +++ /dev/null @@ -1,310 +0,0 @@ -{{- if eq .Values.architecture "standalone" }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - replicas: 1 - strategy: - type: {{ .Values.influxdb.updateStrategy }} - {{- if (eq "Recreate" .Values.influxdb.updateStrategy) }} - rollingUpdate: null - {{- end }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - app.kubernetes.io/component: influxdb - template: - metadata: - labels: - {{- include "common.labels.standard" . | nindent 8 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }} - {{- end }} - spec: - {{- include "influxdb.imagePullSecrets" . | nindent 6 }} - {{- if .Values.influxdb.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAntiAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.influxdb.nodeAffinityPreset.type "key" .Values.influxdb.nodeAffinityPreset.key "values" .Values.influxdb.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.influxdb.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.influxdb.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.influxdb.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.influxdb.securityContext.fsGroup }} - {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - initContainers: - - name: init-chmod-data - image: {{ include "influxdb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -c - - | - mkdir -p /bitnami/influxdb/{data,meta,wal} - chmod 700 /bitnami/influxdb/{data,meta,wal} - find /bitnami/influxdb/{data,meta,wal} -mindepth 0 -maxdepth 1 | \ - {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} - xargs chown -R `id -u`:`id -G | cut -d " " -f2` - {{- else }} - xargs chown -R {{ .Values.influxdb.securityContext.runAsUser }}:{{ .Values.influxdb.securityContext.fsGroup }} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} - securityContext: - {{- else }} - securityContext: - runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} - {{- end }} - volumeMounts: - - name: data - mountPath: /bitnami/influxdb - {{- end }} - containers: - - name: influxdb - image: {{ include "influxdb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.influxdb.securityContext.enabled }} - securityContext: - runAsUser: {{ .Values.influxdb.securityContext.runAsUser }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: INFLUXDB_HTTP_AUTH_ENABLED - value: {{ .Values.auth.enabled | quote }} - - name: INFLUXDB_CREATE_USER_TOKEN - value: {{ ternary "yes" "no" .Values.auth.createUserToken | quote }} - {{- if .Values.auth.admin.username }} - - name: INFLUXDB_ADMIN_USER - value: {{ .Values.auth.admin.username | quote }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_ADMIN_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/admin-user-password" - {{- else }} - - name: INFLUXDB_ADMIN_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: admin-user-password - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_ADMIN_USER_TOKEN_FILE - value: "/opt/bitnami/influxdb/secrets/admin-user-token" - {{- else }} - - name: INFLUXDB_ADMIN_USER_TOKEN - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: admin-user-token - {{- end }} - - name: INFLUXDB_ADMIN_BUCKET - value: {{ .Values.auth.admin.bucket | quote }} - - name: INFLUXDB_ADMIN_ORG - value: {{ .Values.auth.admin.org | quote }} - {{- if .Values.auth.user.username }} - - name: INFLUXDB_USER - value: {{ .Values.auth.user.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/user-password" - {{- else }} - - name: INFLUXDB_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: user-password - {{- end }} - {{- end }} - {{- if .Values.auth.user.bucket }} - - name: INFLUXDB_USER_BUCKET - value: {{ .Values.auth.user.bucket | quote }} - {{- end }} - {{- if .Values.auth.user.org }} - - name: INFLUXDB_USER_ORG - value: {{ .Values.auth.user.org | quote }} - {{- end }} - {{- if .Values.auth.readUser.username }} - - name: INFLUXDB_READ_USER - value: {{ .Values.auth.readUser.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_READ_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/read-user-password" - {{- else }} - - name: INFLUXDB_READ_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: read-user-password - {{- end }} - {{- end }} - {{- if .Values.auth.writeUser.username }} - - name: INFLUXDB_WRITE_USER - value: {{ .Values.auth.writeUser.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_WRITE_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/write-user-password" - {{- else }} - - name: INFLUXDB_WRITE_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: write-user-password - {{- end }} - {{- end }} - {{- if .Values.auth.user.bucket }} - - name: INFLUXDB_DB - value: {{ .Values.auth.user.bucket | quote }} - {{- end }} - {{- if .Values.influxdb.extraEnvVars }} - {{- tpl (toYaml .Values.influxdb.extraEnvVars) $ | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.influxdb.containerPorts.http }} - protocol: TCP - - name: rpc - containerPort: {{ .Values.influxdb.containerPorts.rpc }} - protocol: TCP - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.influxdb.livenessProbe.enabled }} - {{- $livenessTimeout := sub (int .Values.influxdb.livenessProbe.timeoutSeconds) 1 }} - livenessProbe: {{- omit .Values.influxdb.livenessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - bash - - -c - - | - . /opt/bitnami/scripts/libinfluxdb.sh - - influxdb_env - - {{- if .Values.auth.enabled }} - export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" - export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" - {{- end }} - - branch=$(influxdb_branch) - - if [[ "$branch" = "2" ]]; then - timeout {{ $livenessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping - else - timeout {{ $livenessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" - fi - {{- else if .Values.influxdb.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customLivenessProbe "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.influxdb.readinessProbe.enabled }} - {{- $readinessTimeout := sub (int .Values.influxdb.readinessProbe.timeoutSeconds) 1 }} - readinessProbe: {{- omit .Values.influxdb.readinessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - bash - - -c - - | - . /opt/bitnami/scripts/libinfluxdb.sh - - influxdb_env - - {{- if .Values.auth.enabled }} - export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" - export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" - {{- end }} - - branch=$(influxdb_branch) - - if [[ "$branch" = "2" ]]; then - timeout {{ $readinessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping - else - timeout {{ $readinessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" - fi - {{- else if .Values.influxdb.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customReadinessProbe "context" $) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.influxdb.resources }} - resources: {{- toYaml .Values.influxdb.resources | nindent 12 }} - {{- end }} - volumeMounts: - {{- if or .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} - - name: influxdb-config - mountPath: /opt/bitnami/influxdb/etc - {{- end }} - {{- if or .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} - - name: custom-init-scripts - mountPath: /docker-entrypoint-initdb.d/ - {{- end }} - {{- if .Values.influxdb.initdbScriptsSecret }} - - name: custom-init-scripts-secret - mountPath: /docker-entrypoint-initdb.d/secret - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: influxdb-credentials - mountPath: /opt/bitnami/influxdb/secrets/ - {{- end }} - {{- if .Values.persistence.enabled }} - - name: data - mountPath: /bitnami/influxdb - {{- end }} - {{- if .Values.influxdb.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - volumes: - {{- if or .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} - - name: influxdb-config - configMap: - name: {{ include "influxdb.configmapName" . }} - {{- end }} - {{- if or .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} - - name: custom-init-scripts - configMap: - name: {{ include "influxdb.initdbScriptsConfigmapName" . }} - {{- end }} - {{- if .Values.influxdb.initdbScriptsSecret }} - - name: custom-init-scripts-secret - secret: - secretName: {{ template "influxdb.initdbScriptsSecret" . }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: influxdb-credentials - secret: - secretName: {{ include "influxdb.secretName" . }} - {{- end }} - - name: data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "influxdb.claimName" . }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.influxdb.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumes "context" $) | nindent 8 }} - {{- end }} -{{- end }} diff --git a/influxdb/templates/influxdb/pvc-backup.yaml b/influxdb/templates/influxdb/pvc-backup.yaml deleted file mode 100644 index c639444..0000000 --- a/influxdb/templates/influxdb/pvc-backup.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if and .Values.backup.enabled .Values.persistence.enabled (not .Values.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.names.fullname" . }}-backups - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- include "common.storage.class" ( dict "persistence" .Values.persistence "global" $) | nindent 2 }} -{{- end }} diff --git a/influxdb/templates/influxdb/pvc.yaml b/influxdb/templates/influxdb/pvc.yaml deleted file mode 100644 index 43e8f04..0000000 --- a/influxdb/templates/influxdb/pvc.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if and (eq .Values.architecture "standalone") .Values.persistence.enabled (not .Values.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- include "common.storage.class" ( dict "persistence" .Values.persistence "global" $) | nindent 2 }} -{{- end }} diff --git a/influxdb/templates/influxdb/secrets-backup.yaml b/influxdb/templates/influxdb/secrets-backup.yaml deleted file mode 100644 index e09f97e..0000000 --- a/influxdb/templates/influxdb/secrets-backup.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.backup.enabled }} -{{- if and (.Values.backup.uploadProviders.google.enabled) (not .Values.backup.uploadProviders.google.existingSecret) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-backup-gcloud - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{ .Values.backup.uploadProviders.google.secretKey }}: {{ .Values.backup.uploadProviders.google.secret | b64enc | quote }} -{{- end }} ---- -{{ if and (.Values.backup.uploadProviders.azure.enabled) (not .Values.backup.uploadProviders.azure.existingSecret) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-backup-azure - labels: - {{- include "common.labels.standard" . | nindent 4 }} -type: Opaque -data: - {{ .Values.backup.uploadProviders.azure.secretKey }}: {{ .Values.backup.uploadProviders.azure.secret | b64enc | quote }} -{{- end }} -{{- end }} diff --git a/influxdb/templates/influxdb/secrets.yaml b/influxdb/templates/influxdb/secrets.yaml deleted file mode 100644 index f8a186e..0000000 --- a/influxdb/templates/influxdb/secrets.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if (not .Values.auth.existingSecret) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - admin-user-password: {{ ternary (randAlphaNum 10) .Values.auth.admin.password (empty .Values.auth.admin.password) | b64enc | quote }} - admin-user-token: {{ ternary (randAlphaNum 20) .Values.auth.admin.token (empty .Values.auth.admin.token) | b64enc | quote }} - {{- if .Values.auth.user.username }} - user-password: {{ ternary (randAlphaNum 10) .Values.auth.user.password (empty .Values.auth.user.password) | b64enc | quote }} - {{- end }} - {{- if .Values.auth.readUser.username }} - read-user-password: {{ ternary (randAlphaNum 10) .Values.auth.readUser.password (empty .Values.auth.readUser.password) | b64enc | quote }} - {{- end }} - {{- if .Values.auth.writeUser.username }} - write-user-password: {{ ternary (randAlphaNum 10) .Values.auth.writeUser.password (empty .Values.auth.writeUser.password) | b64enc | quote }} - {{- end }} -{{- end }} diff --git a/influxdb/templates/influxdb/service-headless.yaml b/influxdb/templates/influxdb/service-headless.yaml deleted file mode 100644 index fad4554..0000000 --- a/influxdb/templates/influxdb/service-headless.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if eq .Values.architecture "high-availability" }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }}-headless - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - clusterIP: None - ports: - - port: {{ .Values.influxdb.service.port }} - targetPort: http - protocol: TCP - name: http - - port: {{ .Values.influxdb.service.rpcPort }} - targetPort: rpc - protocol: TCP - name: rpc - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: influxdb -{{- end }} diff --git a/influxdb/templates/influxdb/service-metrics.yaml b/influxdb/templates/influxdb/service-metrics.yaml deleted file mode 100644 index 726228d..0000000 --- a/influxdb/templates/influxdb/service-metrics.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }}-metrics - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.metrics.service.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $) | nindent 4 }} - {{- end }} - {{- end }} -spec: - type: {{ .Values.metrics.service.type }} - {{- if and .Values.metrics.service.loadBalancerIP (eq .Values.metrics.service.type "LoadBalancer") }} - loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- with .Values.metrics.service.loadBalancerSourceRanges }} -{{ toYaml . | nindent 4 }} - {{- end }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "ClusterIP") .Values.metrics.service.clusterIP }} - clusterIP: {{ .Values.metrics.service.clusterIP }} - {{- end }} - ports: - - port: {{ .Values.metrics.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if (and (or (eq .Values.metrics.service.type "NodePort") (eq .Values.metrics.service.type "LoadBalancer")) (not (empty .Values.metrics.service.nodePort)))}} - nodePort: {{ .Values.metrics.service.nodePort }} - {{- else if eq .Values.metrics.service.type "ClusterIP" }} - nodePort: null - {{- end }} - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: influxdb -{{- end }} diff --git a/influxdb/templates/influxdb/service.yaml b/influxdb/templates/influxdb/service.yaml deleted file mode 100644 index 9ecbc9d..0000000 --- a/influxdb/templates/influxdb/service.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if or .Values.influxdb.service.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.influxdb.service.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.influxdb.service.annotations "context" $) | nindent 4 }} - {{- end }} - {{- end }} -spec: - type: {{ .Values.influxdb.service.type }} - {{- if and .Values.influxdb.service.loadBalancerIP (eq .Values.influxdb.service.type "LoadBalancer") }} - loadBalancerIP: {{ .Values.influxdb.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.influxdb.service.type "LoadBalancer") .Values.influxdb.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- with .Values.influxdb.service.loadBalancerSourceRanges }} -{{ toYaml . | nindent 4 }} - {{- end }} - {{- end }} - {{- if and (eq .Values.influxdb.service.type "ClusterIP") .Values.influxdb.service.clusterIP }} - clusterIP: {{ .Values.influxdb.service.clusterIP }} - {{- end }} - {{- if .Values.influxdb.service.sessionAffinity }} - sessionAffinity: {{ .Values.influxdb.service.sessionAffinity }} - {{- if .Values.influxdb.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - {{- end }} - ports: - - port: {{ .Values.influxdb.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if (and (or (eq .Values.influxdb.service.type "NodePort") (eq .Values.influxdb.service.type "LoadBalancer")) (not (empty .Values.influxdb.service.nodePorts.http)))}} - nodePort: {{ .Values.influxdb.service.nodePorts.http }} - {{- else if eq .Values.influxdb.service.type "ClusterIP" }} - nodePort: null - {{- end }} - - port: {{ .Values.influxdb.service.rpcPort }} - targetPort: rpc - protocol: TCP - name: rpc - {{- if (and (or (eq .Values.influxdb.service.type "NodePort") (eq .Values.influxdb.service.type "LoadBalancer")) (not (empty .Values.influxdb.service.nodePorts.rpc)))}} - nodePort: {{ .Values.influxdb.service.nodePorts.rpc }} - {{- else if eq .Values.influxdb.service.type "ClusterIP" }} - nodePort: null - {{- end }} - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: influxdb diff --git a/influxdb/templates/influxdb/servicemonitor.yaml b/influxdb/templates/influxdb/servicemonitor.yaml deleted file mode 100644 index cab7597..0000000 --- a/influxdb/templates/influxdb/servicemonitor.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }} - {{- if .Values.metrics.serviceMonitor.selector }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.selector "context" $) | nindent 6 }} - {{- end }} - app.kubernetes.io/component: influxdb - endpoints: - - port: http - path: "/metrics" - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} -{{- end }} diff --git a/influxdb/templates/influxdb/statefulset-high-availability.yaml b/influxdb/templates/influxdb/statefulset-high-availability.yaml deleted file mode 100644 index 69a38ee..0000000 --- a/influxdb/templates/influxdb/statefulset-high-availability.yaml +++ /dev/null @@ -1,322 +0,0 @@ -{{- if eq .Values.architecture "high-availability" }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - serviceName: {{ include "common.names.fullname" . }}-headless - podManagementPolicy: {{ .Values.influxdb.podManagementPolicy }} - replicas: {{ .Values.influxdb.replicaCount }} - updateStrategy: - type: {{ .Values.influxdb.updateStrategy }} - {{- if (eq "OnDelete" .Values.influxdb.updateStrategy) }} - rollingUpdate: null - {{- end }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - app.kubernetes.io/component: influxdb - template: - metadata: - labels: - {{ include "common.labels.standard" . | nindent 8 }} - app.kubernetes.io/component: influxdb - spec: - {{- include "influxdb.imagePullSecrets" . | nindent 6 }} - {{- if .Values.influxdb.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.influxdb.podAntiAffinityPreset "component" "influxdb" "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.influxdb.nodeAffinityPreset.type "key" .Values.influxdb.nodeAffinityPreset.key "values" .Values.influxdb.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.influxdb.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.influxdb.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.influxdb.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.influxdb.securityContext.fsGroup }} - {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - initContainers: - - name: init-chmod-data - image: {{ include "influxdb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -c - - | - mkdir -p /bitnami/influxdb/{data,meta,wal} - chmod 700 /bitnami/influxdb/{data,meta,wal} - {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} - chown -R `id -u`:`id -G` /bitnami/influxdb/{data,meta,wal} - {{- else }} - chown -R {{ .Values.influxdb.securityContext.runAsUser }}:{{ .Values.influxdb.securityContext.fsGroup }} /bitnami/influxdb/{data,meta,wal} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }} - securityContext: - {{- else }} - securityContext: - runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }} - {{- end }} - volumeMounts: - - name: data - mountPath: /bitnami/influxdb - {{- end }} - containers: - - name: influxdb - image: {{ include "influxdb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.influxdb.securityContext.enabled }} - securityContext: - runAsUser: {{ .Values.influxdb.securityContext.runAsUser }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: INFLUXDB_HTTP_AUTH_ENABLED - value: {{ .Values.auth.enabled | quote }} - - name: INFLUXDB_CREATE_USER_TOKEN - value: {{ ternary "yes" "no" .Values.auth.createUserToken | quote }} - {{- if .Values.auth.admin.username }} - - name: INFLUXDB_ADMIN_USER - value: {{ .Values.auth.admin.username | quote }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_ADMIN_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/admin-user-password" - {{- else }} - - name: INFLUXDB_ADMIN_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: admin-user-password - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_ADMIN_USER_TOKEN_FILE - value: "/opt/bitnami/influxdb/secrets/admin-user-token" - {{- else }} - - name: INFLUXDB_ADMIN_USER_TOKEN - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: admin-user-token - {{- end }} - - name: INFLUXDB_ADMIN_BUCKET - value: {{ .Values.auth.admin.bucket | quote }} - - name: INFLUXDB_ADMIN_ORG - value: {{ .Values.auth.admin.org | quote }} - {{- if .Values.auth.user.username }} - - name: INFLUXDB_USER - value: {{ .Values.auth.user.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/user-password" - {{- else }} - - name: INFLUXDB_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: user-password - {{- end }} - {{- end }} - {{- if .Values.auth.user.bucket }} - - name: INFLUXDB_USER_BUCKET - value: {{ .Values.auth.user.bucket | quote }} - {{- end }} - {{- if .Values.auth.user.org }} - - name: INFLUXDB_USER_ORG - value: {{ .Values.auth.user.org | quote }} - {{- end }} - {{- if .Values.auth.readUser.username }} - - name: INFLUXDB_READ_USER - value: {{ .Values.auth.readUser.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_READ_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/read-user-password" - {{- else }} - - name: INFLUXDB_READ_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: read-user-password - {{- end }} - {{- end }} - {{- if .Values.auth.writeUser.username }} - - name: INFLUXDB_WRITE_USER - value: {{ .Values.auth.writeUser.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: INFLUXDB_WRITE_USER_PASSWORD_FILE - value: "/opt/bitnami/influxdb/secrets/write-user-password" - {{- else }} - - name: INFLUXDB_WRITE_USER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "influxdb.secretName" . }} - key: write-user-password - {{- end }} - {{- end }} - {{- if .Values.auth.user.bucket }} - - name: INFLUXDB_DB - value: {{ .Values.auth.user.bucket | quote }} - {{- end }} - {{- if .Values.influxdb.extraEnvVars }} - {{- tpl (toYaml .Values.influxdb.extraEnvVars) $ | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.influxdb.containerPorts.http }} - protocol: TCP - - name: rpc - containerPort: {{ .Values.influxdb.containerPorts.rpc }} - protocol: TCP - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.influxdb.livenessProbe.enabled }} - {{- $livenessTimeout := sub (int .Values.influxdb.livenessProbe.timeoutSeconds) 1 }} - livenessProbe: {{- omit .Values.influxdb.livenessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - bash - - -c - - | - . /opt/bitnami/scripts/libinfluxdb.sh - - influxdb_env - - {{- if .Values.auth.enabled }} - export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" - export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" - {{- end }} - - branch=$(influxdb_branch) - - if [[ "$branch" = "2" ]]; then - timeout {{ $livenessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping - else - timeout {{ $livenessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" - fi - {{- else if .Values.influxdb.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customLivenessProbe "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.influxdb.readinessProbe.enabled }} - {{- $readinessTimeout := sub (int .Values.influxdb.readinessProbe.timeoutSeconds) 1 }} - readinessProbe: {{- omit .Values.influxdb.readinessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - bash - - -c - - | - . /opt/bitnami/scripts/libinfluxdb.sh - - influxdb_env - - {{- if .Values.auth.enabled }} - export INFLUX_USERNAME="$INFLUXDB_ADMIN_USER" - export INFLUX_PASSWORD="$INFLUXDB_ADMIN_USER_PASSWORD" - {{- end }} - - branch=$(influxdb_branch) - - if [[ "$branch" = "2" ]]; then - timeout {{ $readinessTimeout }}s influx --host http://$POD_IP:{{ .Values.influxdb.containerPorts.http }} ping - else - timeout {{ $readinessTimeout }}s influx -host $POD_IP -port {{ .Values.influxdb.containerPorts.http }} -execute "SHOW DATABASES" - fi - {{- else if .Values.influxdb.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.customReadinessProbe "context" $) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.influxdb.resources }} - resources: {{- toYaml .Values.influxdb.resources | nindent 12 }} - {{- end }} - volumeMounts: - {{- if or (.Files.Glob "files/conf/influxdb.conf") .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} - - name: influxdb-config - mountPath: /opt/bitnami/influxdb/etc - {{- end }} - {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,txt}") .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} - - name: custom-init-scripts - mountPath: /docker-entrypoint-initdb.d/ - {{- end }} - {{- if .Values.influxdb.initdbScriptsSecret }} - - name: custom-init-scripts-secret - mountPath: /docker-entrypoint-initdb.d/secret - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: influxdb-credentials - mountPath: /opt/bitnami/influxdb/secrets/ - {{- end }} - {{- if .Values.persistence.enabled }} - - name: data - mountPath: /bitnami/influxdb - {{- end }} - {{- if .Values.influxdb.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - volumes: - {{- if or (.Files.Glob "files/conf/influxdb.conf") .Values.influxdb.configuration .Values.influxdb.existingConfiguration }} - - name: influxdb-config - configMap: - name: {{ include "influxdb.configmapName" . }} - {{- end }} - {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*.{sh,txt}") .Values.influxdb.initdbScripts .Values.influxdb.initdbScriptsCM }} - - name: custom-init-scripts - configMap: - name: {{ include "influxdb.initdbScriptsConfigmapName" . }} - {{- end }} - {{- if .Values.influxdb.initdbScriptsSecret }} - - name: custom-init-scripts-secret - secret: - secretName: {{ template "influxdb.initdbScriptsSecret" . }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: influxdb-credentials - secret: - secretName: {{ include "influxdb.secretName" . }} - {{- end }} - {{- if .Values.influxdb.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.influxdb.extraVolumes "context" $) | nindent 8 }} - {{- end }} - {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} - - name: data - persistentVolumeClaim: - claimName: {{ .Values.persistence.existingClaim }} - {{- else if not .Values.persistence.enabled }} - - name: data - emptyDir: {} - {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} - volumeClaimTemplates: - - metadata: - name: data - spec: - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- include "common.storage.class" ( dict "persistence" .Values.persistence "global" $) | nindent 8 }} - {{- end }} -{{- end }} diff --git a/influxdb/templates/ingress.yaml b/influxdb/templates/ingress.yaml deleted file mode 100644 index 84b6054..0000000 --- a/influxdb/templates/ingress.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $architecture := .Values.architecture }} -apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} -kind: Ingress -metadata: - name: {{ template "common.names.fullname" . }} - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if or .Values.ingress.annotations .Values.commonAnnotations .Values.ingress.certManager }} - annotations: - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.ingress.certManager }} - kubernetes.io/tls-acme: "true" - {{- end }} - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ include "common.tplvalues.render" ( dict "value" $value "context" $ ) | quote }} - {{- end }} - {{- end }} -spec: - rules: - {{- if .Values.ingress.hostname }} - - host: {{ .Values.ingress.hostname }} - http: - paths: - {{- if .Values.ingress.extraPaths }} - {{- toYaml .Values.ingress.extraPaths | nindent 10 }} - {{- end }} - {{- if eq $architecture "high-availability" }} - - path: /write - {{- if eq "true" (include "common.ingress.supportsPathType" .) }} - pathType: {{ .Values.ingress.pathType }} - {{- end }} - {{- $relayServiceName := printf "%s-%s" (include "common.names.fullname" .) "relay" }} - backend: {{- include "common.ingress.backend" (dict "serviceName" $relayServiceName "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - - path: {{ default "/" .Values.ingress.path }} - {{- if eq "true" (include "common.ingress.supportsPathType" .) }} - pathType: {{ .Values.ingress.pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - {{- range .Values.ingress.extraHosts }} - - host: {{ .name | quote }} - http: - paths: - {{- if $.Values.ingress.extraPaths }} - {{- toYaml $.Values.ingress.extraPaths | nindent 10 }} - {{- end }} - {{- if eq $architecture "high-availability" }} - - path: /write - {{- if eq "true" (include "common.ingress.supportsPathType" $) }} - pathType: {{ $.Values.ingress.pathType }} - {{- end }} - {{- $relayServiceName := printf "%s-%s" (include "common.names.fullname" $) "relay" }} - backend: {{- include "common.ingress.backend" (dict "serviceName" $relayServiceName "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - - path: {{ default "/" .path }} - {{- if eq "true" (include "common.ingress.supportsPathType" $) }} - pathType: {{ default "ImplementationSpecific" .pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - {{- if or .Values.ingress.tls .Values.ingress.extraTls }} - tls: - {{- if .Values.ingress.tls }} - - hosts: - - {{ .Values.ingress.hostname }} - secretName: {{ printf "%s-tls" .Values.ingress.hostname }} - {{- end }} - {{- if .Values.ingress.extraTls }} - {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/influxdb/templates/networkpolicy.yaml b/influxdb/templates/networkpolicy.yaml deleted file mode 100644 index f4bcd9b..0000000 --- a/influxdb/templates/networkpolicy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ template "influxdb.networkPolicy.apiVersion" . }} -metadata: - name: {{ include "common.names.fullname" . }} - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - podSelector: - matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }} - app.kubernetes.io/component: influxdb - policyTypes: - - Ingress - ingress: - # Allow inbound connections - - ports: - - port: {{ .Values.influxdb.containerPorts.http }} - protocol: TCP - - port: {{ .Values.influxdb.containerPorts.rpc }} - protocol: TCP - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: - {{ template "common.names.fullname" . }}-client: "true" - {{- if eq .Values.architecture "high-availability" }} - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" . | nindent 14 }} - app.kubernetes.io/component: relay - {{- end }} - {{- end }} -{{- end }} diff --git a/influxdb/templates/relay/configmap.yaml b/influxdb/templates/relay/configmap.yaml deleted file mode 100644 index c61a383..0000000 --- a/influxdb/templates/relay/configmap.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if and (eq .Values.architecture "high-availability") .Values.relay.configuration (not .Values.relay.existingConfiguration) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }}-relay - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: relay - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - relay.toml: |- - {{ include "common.tplvalues.render" (dict "value" .Values.relay.configuration "context" $) | nindent 4 }} -{{- end }} diff --git a/influxdb/templates/relay/deployment.yaml b/influxdb/templates/relay/deployment.yaml deleted file mode 100644 index 7417c96..0000000 --- a/influxdb/templates/relay/deployment.yaml +++ /dev/null @@ -1,105 +0,0 @@ -{{- if eq .Values.architecture "high-availability" }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.names.fullname" . }}-relay - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: relay - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.relay.replicaCount }} - strategy: - type: {{ .Values.relay.updateStrategy }} - {{- if (eq "Recreate" .Values.relay.updateStrategy) }} - rollingUpdate: null - {{- end }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - app.kubernetes.io/component: relay - template: - metadata: - labels: - {{- include "common.labels.standard" . | nindent 8 }} - app.kubernetes.io/component: relay - spec: - {{- include "influxdb.imagePullSecrets" . | nindent 6 }} - {{- if .Values.relay.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.relay.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.relay.podAffinityPreset "component" "relay" "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.relay.podAntiAffinityPreset "component" "relay" "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.relay.nodeAffinityPreset.type "key" .Values.relay.nodeAffinityPreset.key "values" .Values.relay.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.relay.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.relay.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.relay.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.relay.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.relay.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.relay.securityContext.fsGroup }} - {{- end }} - containers: - - name: relay - image: {{ include "influxdb.relay.image" . }} - imagePullPolicy: {{ .Values.relay.image.pullPolicy | quote }} - {{- if .Values.relay.securityContext.enabled }} - securityContext: - runAsUser: {{ .Values.relay.securityContext.runAsUser }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else }} - command: - - /influxdb-relay - args: - - -config - - /conf/relay.toml - {{- end }} - ports: - - name: http - containerPort: {{ .Values.relay.containerPorts.http }} - protocol: TCP - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.relay.livenessProbe.enabled }} - livenessProbe: {{- omit .Values.relay.livenessProbe "enabled" | toYaml | nindent 12 }} - tcpSocket: - port: http - {{- else if .Values.relay.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.relay.customLivenessProbe "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.relay.readinessProbe.enabled }} - readinessProbe: {{- omit .Values.relay.readinessProbe "enabled" | toYaml | nindent 12 }} - tcpSocket: - port: http - {{- else if .Values.relay.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.relay.customReadinessProbe "context" $) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.relay.resources }} - resources: {{- toYaml .Values.relay.resources | nindent 12 }} - {{- end }} - volumeMounts: - - name: relay-config - mountPath: /conf - {{- if .Values.relay.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.relay.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - volumes: - - name: relay-config - configMap: - name: {{ include "influxdb.relay.configmapName" . }} - {{- if .Values.relay.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.relay.extraVolumes "context" $) | nindent 8 }} - {{- end }} -{{- end }} diff --git a/influxdb/templates/relay/service.yaml b/influxdb/templates/relay/service.yaml deleted file mode 100644 index 60f71f7..0000000 --- a/influxdb/templates/relay/service.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if eq .Values.architecture "high-availability" }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }}-relay - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: relay - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if or .Values.relay.service.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.relay.service.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.relay.service.annotations "context" $) | nindent 4 }} - {{- end }} - {{- end }} -spec: - type: {{ .Values.relay.service.type }} - {{- if and .Values.relay.service.loadBalancerIP (eq .Values.relay.service.type "LoadBalancer") }} - loadBalancerIP: {{ .Values.relay.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.relay.service.type "LoadBalancer") .Values.relay.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{ with .Values.relay.service.loadBalancerSourceRanges }} -{{ toYaml . | indent 4 }} - {{- end }} - {{- end }} - {{- if and (eq .Values.relay.service.type "ClusterIP") .Values.relay.service.clusterIP }} - clusterIP: {{ .Values.relay.service.clusterIP }} - {{- end }} - ports: - - port: {{ .Values.relay.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if (and (or (eq .Values.relay.service.type "NodePort") (eq .Values.relay.service.type "LoadBalancer")) (not (empty .Values.relay.service.nodePort)))}} - nodePort: {{ .Values.relay.service.nodePort }} - {{- else if eq .Values.relay.service.type "ClusterIP" }} - nodePort: null - {{- end }} - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: relay -{{- end }} diff --git a/influxdb/templates/service-collectd.yaml b/influxdb/templates/service-collectd.yaml deleted file mode 100644 index 50ee93f..0000000 --- a/influxdb/templates/service-collectd.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if .Values.collectd.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }}-collectd - labels: - {{- include "common.labels.standard" . | nindent 4 }} - app.kubernetes.io/component: influxdb - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if or .Values.collectd.service.annotations .Values.commonAnnotations }} - annotations: - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.collectd.service.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.collectd.service.annotations "context" $) | nindent 4 }} - {{- end }} - {{- end }} -spec: - type: {{ .Values.collectd.service.type }} - {{- if and .Values.collectd.service.loadBalancerIP (eq .Values.collectd.service.type "LoadBalancer") }} - loadBalancerIP: {{ .Values.collectd.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.collectd.service.type "LoadBalancer") .Values.collectd.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- with .Values.collectd.service.loadBalancerSourceRanges }} -{{ toYaml . | nindent 4 }} - {{- end }} - {{- end }} - {{- if and (eq .Values.collectd.service.type "ClusterIP") .Values.collectd.service.clusterIP }} - clusterIP: {{ .Values.collectd.service.clusterIP }} - {{- end }} - ports: - - port: {{ .Values.collectd.service.port }} - targetPort: {{ .Values.collectd.service.port }} - protocol: UDP - name: udp - {{- if (and (or (eq .Values.collectd.service.type "NodePort") (eq .Values.collectd.service.type "LoadBalancer")) (not (empty .Values.collectd.service.nodePort)))}} - nodePort: {{ .Values.collectd.service.nodePort }} - {{- else if eq .Values.collectd.service.type "ClusterIP" }} - nodePort: null - {{- end }} - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} - app.kubernetes.io/component: influxdb -{{- end }} diff --git a/influxdb/values.yaml b/influxdb/values.yaml deleted file mode 100644 index ba4e6dc..0000000 --- a/influxdb/values.yaml +++ /dev/null @@ -1,1011 +0,0 @@ -## @section Global parameters -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass - -## @param global.imageRegistry Global Docker image registry -## @param global.imagePullSecrets Global Docker registry secret names as an array -## @param global.storageClass Global storage class for dynamic provisioning -## -global: - imageRegistry: "" - ## E.g. - ## imagePullSecrets: - ## - myRegistryKeySecretName - ## - imagePullSecrets: [] - storageClass: "" - -## @section Common parameters - -## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) -## -kubeVersion: "" -## @param nameOverride String to partially override influxdb.fullname template with a string (will prepend the release name) -## -nameOverride: "" -## @param fullnameOverride String to fully override influxdb.fullname template with a string -## -fullnameOverride: "" -## @param clusterDomain Default Kubernetes cluster domain -## -clusterDomain: cluster.local -## @param commonAnnotations Annotations to add to all deployed objects -## -commonAnnotations: {} -## @param commonLabels Labels to add to all deployed objects -## -commonLabels: {} -## @param extraDeploy Array of extra objects to deploy with the release -## -extraDeploy: [] - -## Enable diagnostic mode in the deployment -## -diagnosticMode: - ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) - ## - enabled: false - ## @param diagnosticMode.command Command to override all containers in the deployment - ## - command: - - sleep - ## @param diagnosticMode.args Args to override all containers in the deployment - ## - args: - - infinity - -## @section InfluxDB™ parameters - -## Bitnami InfluxDB™ image -## ref: https://hub.docker.com/r/bitnami/influxdb/tags/ -## @param image.registry InfluxDB™ image registry -## @param image.repository InfluxDB™ image repository -## @param image.tag InfluxDB™ image tag (immutable tags are recommended) -## @param image.pullPolicy InfluxDB™ image pull policy -## @param image.pullSecrets Specify docker-registry secret names as an array -## @param image.debug Specify if debug logs should be enabled -## -image: - registry: docker.io - repository: bitnami/influxdb - tag: 2.0.9-debian-10-r25 - ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Set to true if you would like to see extra information on logs - ## - debug: false -## @param architecture InfluxDB™ architecture (`standalone` or `high-availability`) -## -architecture: standalone -## Authentication parameters -## -auth: - ## @param auth.enabled Enable/disable authentication (Variable to keep compatibility with InfluxDB™ v1, in v2 it will be ignored) - ## - enabled: true - ## @param auth.usePasswordFiles Whether to use files to provide secrets instead of env vars. - ## - usePasswordFiles: false - ## InfluxDB™ admin credentials - ## - admin: - ## @param auth.admin.username InfluxDB™ admin user name - ## - username: admin - ## @param auth.admin.password InfluxDB™ admin user's password - ## - password: "" - ## @param auth.admin.token InfluxDB™ admin user's token. Only valid with InfluxDB™ v2 - ## - token: "" - ## @param auth.admin.org InfluxDB™ admin user's org. Only valid with InfluxDB™ v2 - ## - org: primary - ## @param auth.admin.bucket InfluxDB™ admin user's bucket. Only valid with InfluxDB™ v2 - ## - bucket: primary - ## @param auth.createUserToken Whether to create tokens for the different users. Take into account these tokens are going to be created by CLI randomly and they will not be accessible from a secret. See more influxdb 2.0 [auth ref](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) - ## You should take into account these tokens are going to be created by CLI - ## so it is not possible to get them by k8s secrets nor to provide them though - ## values - ## See more influxdb 2.0 auth ref: https://docs.influxdata.com/influxdb/v2.0/security/tokens/ - ## - createUserToken: false - ## InfluxDB™ credentials for user with 'admin' privileges on the db specified at 'database' parameter - ## - user: - ## @param auth.user.username Name for InfluxDB™ user with 'admin' privileges on the bucket specified at `auth.user.bucket` and `auth.user.org` or `auth.admin.org` - ## - username: "" - ## @param auth.user.password InfluxDB™ password for `user.name` user - ## - password: "" - ## @param auth.user.org Org to be created on first run - ## - org: "" - ## @param auth.user.bucket Bucket to be created on first run - ## already create. If it is not null a new bucket will be created. - ## - bucket: "" - ## InfluxDB™ credentials for user with 'read' privileges on the db specified at 'database' parameter - ## @param auth.readUser.username Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` - ## @param auth.readUser.password InfluxDB™ password for `auth.readUser.username` user - ## - readUser: - username: "" - password: "" - ## InfluxDB™ credentials for user with 'write' privileges on the db specified at 'database' parameter - ## @param auth.writeUser.username Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` - ## @param auth.writeUser.password InfluxDB™ password for `auth.writeUser.username` user - ## - writeUser: - username: "" - password: "" - ## @param auth.existingSecret Name of existing Secret object with InfluxDB™ credentials (`auth.admin.password`, `auth.user.password`, `auth.readUser.password`, and `auth.writeUser.password` will be ignored and picked up from this secret) - ## - existingSecret: "" -## InfluxDB™ backend parameters -## -influxdb: - ## @param influxdb.configuration Specify content for influxdb.conf - ## Alternatively, you can put your influxdb.conf under the files/conf/ directory - ## - ## configuration: |- - ## reporting-disabled = false - ## bind-address = "127.0.0.1:8088" - ## [meta] - ## dir = "/bitnami/influxdb/meta" - ## ... - ## - configuration: "" - ## @param influxdb.existingConfiguration Name of existing ConfigMap object with the InfluxDB™ configuration (`influxdb.configuration` will be ignored). - ## - existingConfiguration: "" - ## @param influxdb.initdbScripts Dictionary of initdb scripts - ## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory - ## - ## initdbScripts: - ## my_init_script.sh: | - ## #!/bin/sh - ## echo "Do something." - initdbScripts: {} - ## @param influxdb.initdbScriptsCM Name of existing ConfigMap object with the initdb scripts (`influxdb.initdbScripts` will be ignored). - ## - initdbScriptsCM: "" - ## @param influxdb.initdbScriptsSecret Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`) - ## - initdbScriptsSecret: "" - ## @param influxdb.extraEnvVars Array containing extra env vars to configure InfluxDB™ - ## For example: - ## extraEnvVars: - ## - name: INFLUXDB_DATA_QUERY_LOG_ENABLED - ## value: "true" - ## - extraEnvVars: [] - ## @param influxdb.replicaCount The number of InfluxDB™ replicas to deploy - ## - replicaCount: 1 - ## @param influxdb.updateStrategy Update strategy, can be set to RollingUpdate or OnDelete by default. - ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets - ## - updateStrategy: RollingUpdate - ## @param influxdb.podManagementPolicy Pod Management Policy [`OrderedReady` or `Parallel`] - ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#parallel-pod-management - ## - podManagementPolicy: OrderedReady - ## @param influxdb.podAffinityPreset InfluxDB™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param influxdb.podAntiAffinityPreset InfluxDB™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Node affinity preset - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param influxdb.nodeAffinityPreset.type InfluxDB™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - type: "" - ## @param influxdb.nodeAffinityPreset.key InfluxDB™ Node label key to match Ignored if `affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param influxdb.nodeAffinityPreset.values InfluxDB™ Node label values to match. Ignored if `affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param influxdb.affinity InfluxDB™ Affinity for pod assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param influxdb.nodeSelector InfluxDB™ Node labels for pod assignment - ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ - ## - nodeSelector: {} - ## @param influxdb.tolerations InfluxDB™ Tolerations for pod assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param influxdb.extraVolumes Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts - ## - extraVolumes: [] - ## @param influxdb.extraVolumeMounts Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. - ## - extraVolumeMounts: [] - ## K8s Security Context for InfluxDB™ pods - ## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param influxdb.securityContext.enabled Enable security context for InfluxDB™ - ## @param influxdb.securityContext.fsGroup Group ID for the InfluxDB™ filesystem - ## @param influxdb.securityContext.runAsUser User ID for the InfluxDB™ container - ## - securityContext: - enabled: true - fsGroup: 1001 - runAsUser: 1001 - ## InfluxDB™ pods' resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param influxdb.resources.limits The resources limits for the container - ## @param influxdb.resources.requests The requested resources for the container - ## - resources: - ## Example: - ## limits: - ## cpu: 100m - ## memory: 128Mi - limits: {} - ## Examples: - ## requests: - ## cpu: 100m - ## memory: 128Mi - requests: {} - ## InfluxDB™ pods' liveness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param influxdb.livenessProbe.enabled Enable livenessProbe - ## @param influxdb.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param influxdb.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param influxdb.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param influxdb.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param influxdb.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 180 - periodSeconds: 45 - timeoutSeconds: 30 - successThreshold: 1 - failureThreshold: 6 - ## InfluxDB™ pods' readiness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param influxdb.readinessProbe.enabled Enable readinessProbe - ## @param influxdb.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param influxdb.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param influxdb.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param influxdb.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param influxdb.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 60 - periodSeconds: 45 - timeoutSeconds: 30 - successThreshold: 1 - failureThreshold: 6 - ## @param influxdb.customLivenessProbe Override default liveness probe - ## - customLivenessProbe: {} - ## @param influxdb.customReadinessProbe Override default readiness probe - ## - customReadinessProbe: {} - ## @param influxdb.containerPorts [object] Container ports - ## - containerPorts: - http: 8086 - rpc: 8088 - ## Service parameters - ## - service: - ## @param influxdb.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) - ## - type: ClusterIP - ## @param influxdb.service.port InfluxDB™ HTTP port - ## - port: 8086 - ## @param influxdb.service.rpcPort InfluxDB™ RPC port - ## - rpcPort: 8088 - ## @param influxdb.service.nodePorts [object] Specify the nodePort(s) value for the LoadBalancer and NodePort service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePorts: - http: "" - rpc: "" - ## @param influxdb.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param influxdb.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - loadBalancerSourceRanges: [] - ## @param influxdb.service.clusterIP Static clusterIP or None for headless services - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param influxdb.service.annotations Annotations for InfluxDB™ service - ## - annotations: {} - ## @param influxdb.service.sessionAffinity Session affinity for the InfluxDB™ service - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#proxy-mode-userspace - sessionAffinity: "" - ## @param influxdb.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - sessionAffinityConfig: {} - -## @section InfluxDB Relay™ parameters - -relay: - ## Bitnami InfluxDB Relay™ image - ## ref: https://hub.docker.com/r/bitnami/influxdb-relay/tags/ - ## @param relay.image.registry InfluxDB Relay™ image registry - ## @param relay.image.repository InfluxDB Relay™ image repository - ## @param relay.image.tag InfluxDB Relay™ image tag (immutable tags are recommended) - ## @param relay.image.pullPolicy InfluxDB Relay™ image pull policy - ## @param relay.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/influxdb-relay - tag: 0.20200717.0-scratch-r12 - ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param relay.configuration [string] InfluxDB Relay™ Configuration. Specify content for relay.toml - ## Alternatively, you can put your relay.toml under the files/conf/ directory - ## - configuration: |- - [[http]] - # Name of the HTTP server, used for display purposes only. - name = "relay-server" - - # TCP address to bind to, for HTTP server. - bind-addr = "0.0.0.0:9096" - - # Array of InfluxDB™ instances to use as backends for Relay. - output = [ - {{- $influxdbReplicaCount := int .Values.influxdb.replicaCount }} - {{- $influxdbFullname := include "common.names.fullname" . }} - {{- $influxdbHeadlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }} - {{- $releaseName := .Release.Namespace }} - {{- $clusterDomain:= .Values.clusterDomain }} - {{- range $e, $i := until $influxdbReplicaCount }} - { name="{{ $influxdbFullname }}-{{ $i }}", location="http://{{ $influxdbFullname }}-{{ $i }}.{{ $influxdbHeadlessServiceName }}.{{ $releaseName }}.svc.{{ $clusterDomain }}:8086/write", timeout="10s"}, - {{- end }} - ] - ## @param relay.existingConfiguration Name of existing ConfigMap object with the InfluxDB Relay™ configuration (`relay.configuration` will be ignored) - ## NOTE: This will override relay.configuration - ## - existingConfiguration: "" - ## @param relay.replicaCount The number of InfluxDB Relay™ replicas to deploy - ## - replicaCount: 1 - ## @param relay.updateStrategy Update strategy, can be set to RollingUpdate or OnDelete by default. - ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets - ## - updateStrategy: RollingUpdate - ## @param relay.podAffinityPreset InfluxDB Relay™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param relay.podAntiAffinityPreset InfluxDB Relay™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Node affinity preset - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param relay.nodeAffinityPreset.type InfluxDB Relay™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - type: "" - ## @param relay.nodeAffinityPreset.key InfluxDB Relay™ Node label key to match Ignored if `affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param relay.nodeAffinityPreset.values InfluxDB Relay™ Node label values to match. Ignored if `affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param relay.affinity InfluxDB Relay™ Affinity for pod assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param relay.nodeSelector InfluxDB Relay™ Node labels for pod assignment - ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ - ## - nodeSelector: {} - ## @param relay.tolerations InfluxDB Relay™ Tolerations for pod assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param relay.extraVolumes Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts - ## - extraVolumes: [] - ## @param relay.extraVolumeMounts Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. - ## - extraVolumeMounts: [] - ## K8s Security Context for InfluxDB™ pods - ## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param relay.securityContext.enabled Enable security context for InfluxDB Relay™ - ## @param relay.securityContext.fsGroup Group ID for the InfluxDB Relay™ filesystem - ## @param relay.securityContext.runAsUser User ID for the InfluxDB Relay™ container - ## - securityContext: - enabled: true - fsGroup: 1001 - runAsUser: 1001 - ## InfluxDB Relay™ pods' resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param relay.resources.limits The resources limits for the container - ## @param relay.resources.requests The requested resources for the container - ## - resources: - ## Example: - ## limits: - ## cpu: 100m - ## memory: 128Mi - limits: {} - ## Examples: - ## requests: - ## cpu: 100m - ## memory: 128Mi - requests: {} - ## InfluxDB Relay™ pods' liveness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param relay.livenessProbe.enabled Enable livenessProbe - ## @param relay.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param relay.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param relay.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param relay.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param relay.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 6 - ## InfluxDB Relay™ pods' readiness probe - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## @param relay.readinessProbe.enabled Enable readinessProbe - ## @param relay.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param relay.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param relay.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param relay.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param relay.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 6 - ## @param relay.customLivenessProbe Override default liveness probe - ## - customLivenessProbe: {} - ## @param relay.customReadinessProbe Override default readiness probe - ## - customReadinessProbe: {} - ## @param relay.containerPorts [object] Container ports - ## - containerPorts: - http: 9096 - ## Service parameters - ## - service: - ## @param relay.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) - ## - type: ClusterIP - ## @param relay.service.port InfluxDB Relay™ HTTP port - ## - port: 9096 - ## @param relay.service.nodePort Kubernetes HTTP node port - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePort: "" - ## @param relay.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param relay.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - loadBalancerSourceRanges: [] - ## @param relay.service.clusterIP Static clusterIP or None for headless services - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param relay.service.annotations Annotations for InfluxDB Relay™ service - ## - annotations: {} - -## @section InfluxDB Collectd™ parameters - -collectd: - ## @param collectd.enabled InfluxDB Collectd™ service enable - ## - enabled: false - service: - ## @param collectd.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) - ## - type: ClusterIP - ## @param collectd.service.port InfluxDB Collectd™ UDP port (should match with corresponding port in influxdb.conf) - ## This requires corresponding configuration in influxdb.conf to enable - ## collectd block - ## - port: 25826 - ## @param collectd.service.nodePort Kubernetes HTTP node port - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePort: "" - ## @param collectd.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param collectd.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - loadBalancerSourceRanges: [] - ## @param collectd.service.clusterIP Static clusterIP or None for headless services - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param collectd.service.annotations Annotations for InfluxDB Collectd™ service - ## metallb.universe.tf/allow-shared-ip: "true" - ## - annotations: {} - -## @section Exposing parameters - -## Configure the ingress resource that allows you to access the -## influxdb installation. Set up the URL -## ref: http://kubernetes.io/docs/user-guide/ingress/ -## -ingress: - ## @param ingress.enabled Enable ingress controller resource - ## - enabled: false - ## @param ingress.tls Create TLS Secret - ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} - ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it - ## - tls: false - ## DEPRECATED: Use ingress.annotations instead of ingress.certManager - ## certManager: false - ## - - ## @param ingress.pathType Ingress path type - ## - pathType: ImplementationSpecific - ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) - ## - apiVersion: "" - ## @param ingress.hostname Default host for the ingress resource - ## - hostname: influxdb.local - ## @param ingress.path Ingress path*' in order to use this - ## with ALB ingress controllers. - ## - path: / - ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md - ## Use this parameter to set the required annotations for cert-manager, see - ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations - ## - ## e.g: - ## annotations: - ## kubernetes.io/ingress.class: nginx - ## cert-manager.io/cluster-issuer: cluster-issuer-name - ## - annotations: {} - ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. - ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array - ## extraHosts: - ## - name: influxdb.local - ## path: / - ## - extraHosts: [] - ## @param ingress.extraPaths Additional arbitrary path/backend objects - ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. - ## extraPaths: - ## - path: /* - ## backend: - ## serviceName: ssl-redirect - ## servicePort: use-annotation - ## - extraPaths: [] - ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - ## extraTls: - ## - hosts: - ## - influxdb.local - ## secretName: influxdb.local-tls - ## - extraTls: [] - ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - ## - name: influxdb.local-tls - ## key: - ## certificate: - ## - secrets: [] - -## @section Metrics parameters - -## Prometheus metrics -## ref: https://docs.influxdata.com/influxdb/v1.7/administration/server_monitoring/#influxdb-metrics-http-endpoint -## -metrics: - ## @param metrics.enabled Enable the export of Prometheus metrics - ## - enabled: false - service: - ## @param metrics.service.type Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) - ## - type: ClusterIP - ## @param metrics.service.port InfluxDB™ Prometheus port - ## - port: 9122 - ## @param metrics.service.nodePort Kubernetes HTTP node port - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePort: "" - ## @param metrics.service.loadBalancerIP loadBalancerIP if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param metrics.service.loadBalancerSourceRanges Address that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - loadBalancerSourceRanges: [] - ## @param metrics.service.clusterIP Static clusterIP or None for headless services - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param metrics.service.annotations [object] Annotations for the Prometheus metrics service - ## - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "{{ .Values.influxdb.service.port }}" - prometheus.io/path: "/metrics" - ## Prometheus Operator ServiceMonitor configuration - ## - serviceMonitor: - ## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) - ## - enabled: false - ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running - ## e.g: - ## namespace: monitoring - ## - namespace: "" - ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## e.g: - ## interval: 10s - ## - interval: "" - ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## e.g: - ## scrapeTimeout: 10s - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.selector Prometheus instance selector labels - ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration - ## e.g: - ## selector: - ## prometheus: my-prometheus - ## - selector: {} -## NetworkPolicy parameters -## -networkPolicy: - ## @param networkPolicy.enabled Enable NetworkPolicy - ## - enabled: false - ## @param networkPolicy.allowExternal Don't require client label for connections - ## client labels will have network access to the ports InfluxDB™ is listening - ## on. When true, InfluxDB™ will accept connections from any source - ## (with the correct destination port). - ## - allowExternal: true -## Persistence parameters -## -persistence: - ## @param persistence.enabled Enable data persistence - ## - enabled: true - ## @param persistence.existingClaim Use a existing PVC which must be created manually before bound - ## If defined, PVC must be created manually before volume will be bound - ## The value is evaluated as a template - ## - existingClaim: "" - ## @param persistence.storageClass Specify the `storageClass` used to provision the volume - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. - ## - storageClass: "" - ## @param persistence.accessModes Access mode of data volume - ## - accessModes: - - ReadWriteOnce - ## @param persistence.size Size of data volume - ## - size: 8Gi - -## @section Volume permissions parameters - -## Init Container parameters -## Change the owner and group of the persistent volume mountpoint to 'runAsUser:fsGroup' -## values from the securityContext section. -## -volumePermissions: - ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` - ## - enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name - ## @param volumePermissions.image.tag Init container volume-permissions image tag - ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy - ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/bitnami-shell - tag: 10-debian-10-r233 - ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Init container Security Context - ## Note: the chown of the data folder is done to securityContext.runAsUser - ## and not the below volumePermissions.securityContext.runAsUser - ## When runAsUser is set to special value "auto", init container will try to chwon the - ## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2` - ## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed). - ## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with - ## pod securityContext.enabled=false and shmVolume.chmod.enabled=false - ## @param volumePermissions.securityContext.runAsUser User ID for the init container (when facing issues in OpenShift or uid unknown, try value "auto") - ## - securityContext: - runAsUser: 0 - -## @section InfluxDB™ backup parameters - -backup: - ## @param backup.enabled Enable InfluxDB™ backup - ## - enabled: false - ## @param backup.directory Directory where backups are stored - ## - directory: "/backups" - ## @param backup.retentionDays Retention time in days for backups (older backups are deleted) - ## - retentionDays: 10 - ## Cronjob configuration - ## This cronjob is used to create InfluxDB™ backups - ## - cronjob: - ## @param backup.cronjob.schedule Schedule in Cron format to save snapshots - ## See https://en.wikipedia.org/wiki/Cron - ## - schedule: "0 2 * * *" - ## @param backup.cronjob.historyLimit Number of successful finished jobs to retain - ## - historyLimit: 1 - ## @param backup.cronjob.podAnnotations Pod annotations - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: {} - ## K8s Security Context for Backup Cronjob pods - ## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param backup.cronjob.securityContext.enabled Enable security context for InfluxDB™ - ## @param backup.cronjob.securityContext.fsGroup Group ID for the InfluxDB™ filesystem - ## @param backup.cronjob.securityContext.runAsUser Group ID for the InfluxDB™ filesystem - ## - securityContext: - enabled: true - fsGroup: 1001 - runAsUser: 1001 - ## @param backup.podAffinityPreset Backup ™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param backup.podAntiAffinityPreset Backup™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Node affinity preset - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param backup.nodeAffinityPreset.type Backup™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - type: "" - ## @param backup.nodeAffinityPreset.key Backup™ Node label key to match Ignored if `affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param backup.nodeAffinityPreset.values Backup™ Node label values to match. Ignored if `affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param backup.affinity Backup™ Affinity for backup pod assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param backup.nodeSelector Backup™ Node labels for backup pod assignment - ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ - ## - nodeSelector: {} - ## @param backup.tolerations Backup™ Tolerations for backup pod assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## Storage providers where to upload backups - ## - uploadProviders: - ## Google Storage Bucket configuration - ## @param backup.uploadProviders.google.enabled enable upload to google storage bucket - ## @param backup.uploadProviders.google.secret json secret with serviceaccount data to access Google storage bucket - ## @param backup.uploadProviders.google.secretKey service account secret key name - ## @param backup.uploadProviders.google.existingSecret Name of existing secret object with Google serviceaccount json credentials - ## @param backup.uploadProviders.google.bucketName google storage bucket name name - ## - google: - enabled: false - secret: "" - secretKey: "key.json" - existingSecret: "" - bucketName: "gs://bucket/influxdb" - ## Bitnami Google Cloud SDK image - ## ref: https://hub.docker.com/r/bitnami/google-cloud-sdk/tags/ - ## @param backup.uploadProviders.google.image.registry Google Cloud SDK image registry - ## @param backup.uploadProviders.google.image.repository Google Cloud SDK image name - ## @param backup.uploadProviders.google.image.tag Google Cloud SDK image tag - ## @param backup.uploadProviders.google.image.pullPolicy Google Cloud SDK image pull policy - ## @param backup.uploadProviders.google.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/google-cloud-sdk - tag: 0.361.0-debian-10-r7 - ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Azure Storage Container configuration - ## - azure: - ## @param backup.uploadProviders.azure.enabled Enable upload to azure storage container - ## @param backup.uploadProviders.azure.secret Secret with credentials to access Azure storage - ## @param backup.uploadProviders.azure.secretKey Service account secret key name - ## @param backup.uploadProviders.azure.existingSecret Name of existing secret object - ## @param backup.uploadProviders.azure.containerName Destination container - enabled: false - secret: "" - secretKey: "connection-string" - existingSecret: "" - containerName: "influxdb-container" - ## Bitnami Azure CLI image - ## ref: https://hub.docker.com/r/bitnami/azure-cli/tags/ - ## @param backup.uploadProviders.azure.image.registry Azure CLI image registry - ## @param backup.uploadProviders.azure.image.repository Azure CLI image repository - ## @param backup.uploadProviders.azure.image.tag Azure CLI image tag (immutable tags are recommended) - ## @param backup.uploadProviders.azure.image.pullPolicy Azure CLI image pull policy - ## @param backup.uploadProviders.azure.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/azure-cli - tag: 2.29.1-debian-10-r5 - ## Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] diff --git a/values.yaml b/values.yaml index 308cac3..222555c 100644 --- a/values.yaml +++ b/values.yaml @@ -446,4 +446,26 @@ airflow: user: admin influxdb: - enabled: true \ No newline at end of file + enabled: true + auth: + admin: + username: admin + password: "" + user: + username: "" + password: "" + bucket: "" + influxdb: + replicaCount: 1 + service: ClusterIP + port: 8086 + rpcPort: 8088 + ingress: + enabled: false + hostname: + + + + + + From 3fa01105967a122302f1d61a02683b94b233e21f Mon Sep 17 00:00:00 2001 From: zakaria2905 Date: Thu, 11 Nov 2021 15:56:00 +0100 Subject: [PATCH 3/8] fixed bugs for influxdb in vlaues.yaml file --- values.yaml | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/values.yaml b/values.yaml index 222555c..5d1cedf 100644 --- a/values.yaml +++ b/values.yaml @@ -457,15 +457,10 @@ influxdb: bucket: "" influxdb: replicaCount: 1 - service: ClusterIP - port: 8086 - rpcPort: 8088 + service: + type: ClusterIP + port: 8086 + rpcPort: 8088 ingress: enabled: false - hostname: - - - - - - + hostname: \ No newline at end of file From 5f86a02416b8b7be18f2d881097535afac9f005c Mon Sep 17 00:00:00 2001 From: zakaria2905 Date: Fri, 12 Nov 2021 14:19:24 +0100 Subject: [PATCH 4/8] Update README.md and values.yaml files --- README.md | 1 + values.yaml | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index f11e0cc..c773fcf 100644 --- a/README.md +++ b/README.md @@ -95,6 +95,7 @@ Each requirement is configured with the options provided by that Chart. Please c | `zabbix.enabled` | Enable [Zabbix](https://github.com/cetic/helm-zabbix) | `false` | | `drupal.enabled` | Enable [drupal](https://github.com/cetic/helm-drupal) | `false` | | `airflow.enabled` | Enable [airflow](https://artifacthub.io/packages/helm/bitnami/airflow) | `false` | +| `influxdb.enabled` | Enable [influxdb](https://github.com/bitnami/charts/tree/master/bitnami/influxdb) | `false` | ## Contributing diff --git a/values.yaml b/values.yaml index 5d1cedf..f19f2e1 100644 --- a/values.yaml +++ b/values.yaml @@ -4,7 +4,7 @@ # Declare variables to be passed into your templates. spark: - enabled: false + enabled: true Master: Name: spark-master WebUi: @@ -16,7 +16,7 @@ spark: Replicas: 0 superset: - enabled: false + enabled: true persistence: enabled: false service: @@ -60,7 +60,7 @@ superset: AUTH_LDAP_UID_FIELD = "cn" postgresql: - enabled: false + enabled: true persistence: enabled: false ldap: @@ -135,7 +135,7 @@ postgresql: psql -c "create database zabbix;" postgres admin minio: - enabled: false + enabled: true persistence: enabled: false size: 50Gi @@ -143,7 +143,7 @@ minio: type: NodePort grafana: - enabled: false + enabled: true service: type: NodePort grafana.ini: @@ -212,7 +212,7 @@ grafana: email = "email" jupyterhub: - enabled: false + enabled: true proxy: secretToken: 'af83775ec3bfaf0507ce596df51d491e7ed54450adc454038fa7405495465f19' db: @@ -259,7 +259,7 @@ jupyterhub: enabled: false nifi: - enabled: false + enabled: true service: type: NodePort postStart: /opt/nifi/psql; wget -P /opt/nifi/psql https://jdbc.postgresql.org/download/postgresql-42.2.6.jar @@ -287,7 +287,7 @@ nifi: hosts: [] openldap: - enabled: false + enabled: true persistence: enabled: false env: @@ -306,7 +306,7 @@ openldap: phpldapadmin: - enabled: false + enabled: true service: type: NodePort env: @@ -386,7 +386,7 @@ swaggerui: description: "TSIMULUS API" adminer: - enabled: false + enabled: true config: design: "pepa-linha" service: @@ -446,7 +446,7 @@ airflow: user: admin influxdb: - enabled: true + enabled: false auth: admin: username: admin From 91b37f50072fd2db4ae555308e61a3ad5b3b853a Mon Sep 17 00:00:00 2001 From: zakaria2905 <48456087+zakaria2905@users.noreply.github.com> Date: Fri, 12 Nov 2021 14:28:04 +0100 Subject: [PATCH 5/8] Update questions.yml --- questions.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/questions.yml b/questions.yml index ab2ecb1..6050a43 100644 --- a/questions.yml +++ b/questions.yml @@ -110,3 +110,9 @@ questions: type: boolean required: true label: Enable Adminer + - variable: influxdb.enabled + default: "false" + description: "Enable influxdb service" + type: boolean + required: true + label: Enable Influxdb From 3f8070dcb84653538565dcdaeee6b93b427ffcfa Mon Sep 17 00:00:00 2001 From: zakaria2905 Date: Mon, 22 Nov 2021 11:01:27 +0100 Subject: [PATCH 6/8] update values.yaml --- values.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/values.yaml b/values.yaml index 11f8231..d6e4cd0 100644 --- a/values.yaml +++ b/values.yaml @@ -18,7 +18,7 @@ spark: superset: enabled: true persistence: - enabled: false + enabled: true service: type: NodePort configFile: |- @@ -62,9 +62,9 @@ superset: postgresql: enabled: true persistence: - enabled: false + enabled: true ldap: - enabled: false + enabled: true pgldapconfig: |- # Reference: https://github.com/larskanis/pg-ldap-sync/blob/master/config/sample-config.yaml # Connection parameters to LDAP server @@ -137,7 +137,7 @@ postgresql: minio: enabled: true persistence: - enabled: false + enabled: true size: 50Gi service: type: NodePort @@ -177,7 +177,7 @@ grafana: ## ref: http://docs.grafana.org/installation/configuration/#auth-ldap ## ref: http://docs.grafana.org/installation/ldap/#configuration ldap: - enabled: false + enabled: true # `existingSecret` is a reference to an existing secret containing the ldap configuration # for Grafana in a key `ldap-toml`. existingSecret: "" @@ -289,7 +289,7 @@ nifi: openldap: enabled: true persistence: - enabled: false + enabled: true env: LDAP_ORGANISATION: "Cetic" LDAP_DOMAIN: "ldap.cetic.be" From 72f376259ef1247ff029015849d27b88cf247975 Mon Sep 17 00:00:00 2001 From: zakaria2905 Date: Mon, 22 Nov 2021 11:22:30 +0100 Subject: [PATCH 7/8] adding persistence options --- values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/values.yaml b/values.yaml index d6e4cd0..2f521a3 100644 --- a/values.yaml +++ b/values.yaml @@ -547,6 +547,10 @@ influxdb: type: ClusterIP port: 8086 rpcPort: 8088 + persistence: + enabled: true + storageClass: "" + size: 8Gi ingress: enabled: false hostname: From 78dc91f1496928af3d42713e1a69723a38b2f4ff Mon Sep 17 00:00:00 2001 From: Sebastien Dupont Date: Mon, 22 Nov 2021 11:53:42 +0100 Subject: [PATCH 8/8] Bump chart version --- Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Chart.yaml b/Chart.yaml index fae4d23..1f53236 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -1,8 +1,8 @@ --- apiVersion: v2 name: fadi -version: 0.2.11 -appVersion: 0.2.11 +version: 0.2.12 +appVersion: 0.2.12 description: FADI is a Cloud Native platform for Big Data based on mature open source tools. keywords: - fadi