diff --git a/solution-base/build.sh b/solution-base/build.sh index a166777d60..5a98c6a7bd 100755 --- a/solution-base/build.sh +++ b/solution-base/build.sh @@ -29,35 +29,15 @@ SKOPEO=skopeo SKOPEO_OPTS="--override-os linux --insecure-policy" SOLUTION_REGISTRY=metalk8s-registry-from-config.invalid/${PRODUCT_LOWERNAME}-${VERSION_FULL} -KUBEDB_SCRIPT_BRANCH_TAG=89fab34cf2f5d9e0bcc3c2d5b0f0599f94ff0dca - -KUBEDB_OPERATOR_PATH=${ISO_ROOT}/deploy/kubedb.yaml -KUBEDB_CATALOGS_PATH=${ISO_ROOT}/deploy/kubedb-catalogs.yaml -MONGODB_SINGLE_NODE_PATH=${ISO_ROOT}/deploy/mongodb-1-node.yaml -MONGODB_THREE_NODE_PATH=${ISO_ROOT}/deploy/mongodb-3-nodes.yaml MONGODB_SHARDED_SINGLE_NODE_PATH=${ISO_ROOT}/deploy/mongodb-sharded-1-node.yaml MONGODB_SHARDED_THREE_NODE_PATH=${ISO_ROOT}/deploy/mongodb-sharded-3-nodes.yaml SOLUTION_ENV='SOLUTION_ENV' -export KUBEDB_NAMESPACE=${SOLUTION_ENV} -export KUBEDB_SERVICE_ACCOUNT=kubedb-operator -export KUBEDB_IMAGE_NAME=operator -export KUBEDB_OPERATOR_NAME=kubedb-operator -export KUBEDB_CERT_NAME=kubedb-operator-apiserver-cert -export KUBEDB_DOCKER_REGISTRY=${SOLUTION_REGISTRY} -export KUBEDB_PRIORITY_CLASS=system-cluster-critical - MONGODB_NAME="mongodb" MONGODB_SHARDED_NAME="data-db" MONGODB_NAMESPACE=${SOLUTION_ENV} MONGODB_REGISTRY=${SOLUTION_REGISTRY} -MONGODB_IMAGE_NAME="mongodb" -MONGODB_IMAGE_TAG=$(yq eval ".mongodb.tag" $SOLUTION_BASE_DIR/deps.yaml) -MONGODB_INIT_IMAGE_NAME=MONGODB_SHARDED_SHELL_IMAGE_NAME=$(yq eval ".mongodb-shell.image" $SOLUTION_BASE_DIR/deps.yaml | awk -F'/' '{print $NF}') -MONGODB_INIT_IMAGE_TAG=$(yq eval ".mongodb-shell.tag" $SOLUTION_BASE_DIR/deps.yaml) -MONGODB_EXPORTER_IMAGE_NAME="mongodb-exporter" -MONGODB_EXPORTER_IMAGE_TAG=$(yq eval ".mongodb-exporter.tag" $SOLUTION_BASE_DIR/deps.yaml) MONGODB_SHARDED_IMAGE_NAME="mongodb-sharded" MONGODB_SHARDED_IMAGE_TAG=$(yq eval ".mongodb-sharded.tag" $SOLUTION_BASE_DIR/deps.yaml) MONGODB_SHARDED_EXPORTER_IMAGE_NAME="mongodb-exporter" @@ -84,75 +64,6 @@ function mkdirs() mkdir -p ${IMAGES_ROOT} } -function kubedb_yamls() -{ - echo merging kubedb yamls - operator_yamls=( - certs - operator - service-account - rbac-list - user-roles - appcatalog-user-roles - validating-webhook - mutating-webhook - psp-operator - psp-mongodb - psp-redis - ) - catalog_yamls=( - kubedb-catalog-mongodb - kubedb-catalog-redis - ) - - for y in "${operator_yamls[@]}"; do - cat ${SOLUTION_BASE_DIR}/kubedb/${y}.yaml | envsubst >> ${KUBEDB_OPERATOR_PATH} - echo --- >> ${KUBEDB_OPERATOR_PATH} - done - - for y in "${catalog_yamls[@]}"; do - cat ${SOLUTION_BASE_DIR}/kubedb/${y}.yaml | envsubst >> ${KUBEDB_CATALOGS_PATH} - echo --- >> ${KUBEDB_CATALOGS_PATH} - done -} - -function render_mongodb_yamls() -{ - local OUTPUT_PATH=${1:-${OPERATOR_PATH}} - local NODE_COUNT=${2:-1} - local ADD_OPTIONS=${3:-""} - - echo creating mongodb ${NODE_COUNT}-node yamls - CHART_PATH="$SOLUTION_BASE_DIR/mongodb/charts/mongodb" - - helm template ${MONGODB_NAME} ${CHART_PATH} -n ${MONGODB_NAMESPACE} \ - -f "${CHART_PATH}/custom-values.yaml" \ - --set "image.registry=${MONGODB_REGISTRY}" \ - --set "image.repository=${MONGODB_IMAGE_NAME}" \ - --set "image.tag=${MONGODB_IMAGE_TAG}" \ - --set "volumePermissions.image.registry=${MONGODB_REGISTRY}" \ - --set "volumePermissions.image.repository=${MONGODB_INIT_IMAGE_NAME}" \ - --set "volumePermissions.image.tag=${MONGODB_INIT_IMAGE_TAG}" \ - --set "metrics.image.registry=${MONGODB_REGISTRY}" \ - --set "metrics.image.repository=${MONGODB_EXPORTER_IMAGE_NAME}" \ - --set "metrics.image.tag=${MONGODB_EXPORTER_IMAGE_TAG}" \ - --set "persistence.storageClass=${MONGODB_STORAGE_CLASS}" \ - --set "existingSecret=${MONGODB_NAME}-db-creds" \ - --set "volumePermissions.enabled=true" \ - --set "replicaSet.enabled=true" \ - --set "${ADD_OPTIONS}" >> ${OUTPUT_PATH} -} - -function mongodb_yamls() -{ - - render_mongodb_yamls "${MONGODB_SINGLE_NODE_PATH}" 1 \ - "replicaSet.pdb.minAvailable.secondary=0,replicaSet.pdb.minAvailable.arbiter=0,replicaSet.replicas.secondary=0,replicaSet.replicas.arbiter=0" - - render_mongodb_yamls "${MONGODB_THREE_NODE_PATH}" 3 \ - "replicaSet.pdb.minAvailable.secondary=1,replicaSet.pdb.minAvailable.arbiter=0,replicaSet.replicas.secondary=2,replicaSet.replicas.arbiter=0" -} - function render_mongodb_sharded_yamls() { local OUTPUT_PATH=${1:-${OPERATOR_PATH}} @@ -282,8 +193,6 @@ MANIFEST_ONLY=${MANIFEST_ONLY:-'false'} # run everything in order clean mkdirs -kubedb_yamls -mongodb_yamls mongodb_sharded_yamls gen_manifest_yaml diff --git a/solution-base/deps.yaml b/solution-base/deps.yaml index 6ac1df4f06..85303582c5 100644 --- a/solution-base/deps.yaml +++ b/solution-base/deps.yaml @@ -1,12 +1,6 @@ # Please keep the first level keys sorted # to sort keys, use the following command # yq eval 'sortKeys(.)' -i deps.yaml -mongodb: - image: bitnami/mongodb - tag: 4.0.27-debian-9-r118 -mongodb-exporter: - image: bitnami/mongodb-exporter - tag: 0.34.0-debian-11-r31 mongodb-sharded: image: bitnami/mongodb-sharded tag: 4.0.27-debian-9-r112 diff --git a/solution-base/kubedb/appcatalog-user-roles.yaml b/solution-base/kubedb/appcatalog-user-roles.yaml deleted file mode 100644 index 4c601fb79d..0000000000 --- a/solution-base/kubedb/appcatalog-user-roles.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: appscode:appcatalog:admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" -rules: -- apiGroups: - - appcatalog.appscode.com - resources: - - "*" - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: appscode:appcatalog:view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" -rules: -- apiGroups: - - appcatalog.appscode.com - resources: - - "*" - verbs: ["get", "list", "watch"] diff --git a/solution-base/kubedb/certs.yaml b/solution-base/kubedb/certs.yaml deleted file mode 100644 index 2ca5ff949c..0000000000 --- a/solution-base/kubedb/certs.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: selfsigned-issuer - namespace: ${KUBEDB_NAMESPACE} -spec: - selfSigned: {} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: ${KUBEDB_CERT_NAME} - namespace: ${KUBEDB_NAMESPACE} -spec: - # Secret names are always required. - secretName: ${KUBEDB_CERT_NAME} - # TODO: How does kubedb handle cert regens? - duration: 2160h # 90d - renewBefore: 360h # 15d - isCA: false - privateKey: - algorithm: RSA - encoding: PKCS1 - size: 2048 - # At least one of a DNS Name, URI, Email Address, or IP address is required. - dnsNames: - - ${KUBEDB_OPERATOR_NAME} - - ${KUBEDB_OPERATOR_NAME}.${KUBEDB_NAMESPACE}.svc - # Issuer references are always required. - issuerRef: - name: selfsigned-issuer - # We can reference ClusterIssuers by changing the kind here. - # The default value is Issuer (i.e. a locally namespaced Issuer) - kind: Issuer diff --git a/solution-base/kubedb/kubedb-catalog-mongodb.yaml b/solution-base/kubedb/kubedb-catalog-mongodb.yaml deleted file mode 100644 index 379c2311d2..0000000000 --- a/solution-base/kubedb/kubedb-catalog-mongodb.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: catalog.kubedb.com/v1alpha1 -kind: MongoDBVersion -metadata: - name: "4.0-v1" - labels: - app: kubedb -spec: - version: "4.0.5" - db: - image: "${KUBEDB_DOCKER_REGISTRY}/mongo:4.0-v1" - exporter: - image: "${KUBEDB_DOCKER_REGISTRY}/mongodb_exporter:v1.0.0" - tools: - image: "${KUBEDB_DOCKER_REGISTRY}/mongo-tools:4.0-v1" - initContainer: - image: "${KUBEDB_DOCKER_REGISTRY}/busybox" - podSecurityPolicies: - databasePolicyName: mongodb-db - snapshotterPolicyName: mongodb-snapshot diff --git a/solution-base/kubedb/kubedb-catalog-redis.yaml b/solution-base/kubedb/kubedb-catalog-redis.yaml deleted file mode 100644 index 65c5ffeb40..0000000000 --- a/solution-base/kubedb/kubedb-catalog-redis.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: catalog.kubedb.com/v1alpha1 -kind: RedisVersion -metadata: - name: "5.0.3-v1" - labels: - app: kubedb -spec: - version: "5.0.3" - db: - image: "${KUBEDB_DOCKER_REGISTRY}/redis:5.0.3-v1" - exporter: - image: "${KUBEDB_DOCKER_REGISTRY}/redis_exporter:v0.21.1" - podSecurityPolicies: - databasePolicyName: redis-db diff --git a/solution-base/kubedb/mutating-webhook.yaml b/solution-base/kubedb/mutating-webhook.yaml deleted file mode 100644 index 92effc347b..0000000000 --- a/solution-base/kubedb/mutating-webhook.yaml +++ /dev/null @@ -1,100 +0,0 @@ -# register to intercept kubedb CRD creates / updates -apiVersion: admissionregistration.k8s.io/v1beta1 -kind: MutatingWebhookConfiguration -metadata: - name: mutators.kubedb.com - labels: - app: kubedb -webhooks: -- name: elasticsearch.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/elasticsearchmutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["elasticsearches"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: postgres.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/postgresmutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["postgreses"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: mysql.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/mysqlmutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["mysqls"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: mongodb.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/mongodbmutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["mongodbs"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: redis.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/redismutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["redises"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: memcached.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/memcachedmutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["memcacheds"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: etcd.mutators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/mutators.kubedb.com/v1alpha1/etcdmutators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["etcds"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None ---- diff --git a/solution-base/kubedb/operator.yaml b/solution-base/kubedb/operator.yaml deleted file mode 100644 index 239ee86ee1..0000000000 --- a/solution-base/kubedb/operator.yaml +++ /dev/null @@ -1,130 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ${KUBEDB_OPERATOR_NAME} - namespace: ${KUBEDB_NAMESPACE} - labels: - app: kubedb -spec: - replicas: 1 - selector: - matchLabels: - app: kubedb - template: - metadata: - labels: - app: kubedb - annotations: - scheduler.alpha.kubernetes.io/critical-pod: '' - spec: - serviceAccountName: ${KUBEDB_SERVICE_ACCOUNT} - imagePullSecrets: [${KUBEDB_IMAGE_PULL_SECRET}] - containers: - - name: operator - image: ${KUBEDB_DOCKER_REGISTRY}/${KUBEDB_IMAGE_NAME}:${KUBEDB_OPERATOR_TAG} - imagePullPolicy: IfNotPresent - args: - - run - - --v=3 - - --governing-service=kubedb - - --rbac=true - - --secure-port=8443 - - --audit-log-path=- - - --tls-cert-file=/var/serving-cert/tls.crt - - --tls-private-key-file=/var/serving-cert/tls.key - - --enable-mutating-webhook=true - - --enable-validating-webhook=true - - --enable-status-subresource=true - - --bypass-validating-webhook-xray=false - - --enable-analytics=false - env: - - name: MY_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: MY_POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - ports: - - containerPort: 8443 - volumeMounts: - - mountPath: /var/serving-cert - name: serving-cert - readinessProbe: - httpGet: - path: /healthz - port: 8443 - scheme: HTTPS - initialDelaySeconds: 5 - livenessProbe: - httpGet: - path: /healthz - port: 8443 - scheme: HTTPS - initialDelaySeconds: 15 - timeoutSeconds: 15 - resources: - requests: - cpu: "100m" - nodeSelector: - beta.kubernetes.io/os: linux - beta.kubernetes.io/arch: amd64 - volumes: - - name: serving-cert - secret: - defaultMode: 420 - secretName: ${KUBEDB_CERT_NAME} ---- -apiVersion: v1 -kind: Service -metadata: - name: ${KUBEDB_OPERATOR_NAME} - namespace: ${KUBEDB_NAMESPACE} - labels: - app: kubedb -spec: - ports: - - name: api - port: 443 - targetPort: 8443 - selector: - app: kubedb ---- -# register as aggregated apiserver -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1alpha1.validators.kubedb.com - namespace: ${KUBEDB_NAMESPACE} - labels: - app: kubedb - annotations: - cert-manager.io/inject-ca-from: ${KUBEDB_NAMESPACE}/${KUBEDB_CERT_NAME} -spec: - group: validators.kubedb.com - groupPriorityMinimum: 1000 - versionPriority: 15 - service: - name: ${KUBEDB_OPERATOR_NAME} - namespace: ${KUBEDB_NAMESPACE} - version: v1alpha1 ---- -# register as aggregated apiserver -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1alpha1.mutators.kubedb.com - namespace: ${KUBEDB_NAMESPACE} - labels: - app: kubedb - annotations: - cert-manager.io/inject-ca-from: ${KUBEDB_NAMESPACE}/${KUBEDB_CERT_NAME} -spec: - group: mutators.kubedb.com - groupPriorityMinimum: 1000 - versionPriority: 15 - service: - name: ${KUBEDB_OPERATOR_NAME} - namespace: ${KUBEDB_NAMESPACE} - version: v1alpha1 diff --git a/solution-base/kubedb/psp-mongodb.yaml b/solution-base/kubedb/psp-mongodb.yaml deleted file mode 100644 index 7c7d2d5d90..0000000000 --- a/solution-base/kubedb/psp-mongodb.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: mongodb-db - labels: - app: kubedb -spec: - privileged: false - allowPrivilegeEscalation: false - volumes: - - "*" - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - fsGroup: - rule: RunAsAny - ---- -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: mongodb-snapshot - labels: - app: kubedb -spec: #same spec as db - privileged: false - allowPrivilegeEscalation: false - volumes: - - "*" - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - fsGroup: - rule: RunAsAny diff --git a/solution-base/kubedb/psp-operator.yaml b/solution-base/kubedb/psp-operator.yaml deleted file mode 100644 index 64079bd688..0000000000 --- a/solution-base/kubedb/psp-operator.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: ${KUBEDB_OPERATOR_NAME} - labels: - app: kubedb -spec: - privileged: true #Allowing privileged pods is necessary for ES db only! - allowPrivilegeEscalation: true #Allowing privilege escalation is necessary for ES db only! - volumes: - - '*' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - fsGroup: - rule: RunAsAny - allowedCapabilities: - - IPC_LOCK - - SYS_RESOURCE diff --git a/solution-base/kubedb/psp-redis.yaml b/solution-base/kubedb/psp-redis.yaml deleted file mode 100644 index 41b8c33391..0000000000 --- a/solution-base/kubedb/psp-redis.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: redis-db - labels: - app: kubedb -spec: - privileged: false - allowPrivilegeEscalation: false - volumes: - - "*" - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - fsGroup: - rule: RunAsAny diff --git a/solution-base/kubedb/rbac-list.yaml b/solution-base/kubedb/rbac-list.yaml deleted file mode 100644 index cc6b62af54..0000000000 --- a/solution-base/kubedb/rbac-list.yaml +++ /dev/null @@ -1,186 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ${KUBEDB_OPERATOR_NAME} - labels: - app: kubedb -rules: -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: ["*"] -- apiGroups: - - apiregistration.k8s.io - resources: - - apiservices - verbs: ["get", "patch"] -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations - verbs: ["delete", "get", "list", "watch", "patch"] -- apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - - roles - verbs: ["create", "delete", "get", "patch"] -- apiGroups: - - "" - resources: - - services - verbs: ["create", "delete", "get", "patch", "list"] -- apiGroups: - - "" - resources: - - secrets - - serviceaccounts - verbs: ["create", "delete", "get", "patch"] -- apiGroups: - - apps - resources: - - deployments - - statefulsets - verbs: ["create", "delete", "get", "list", "patch", "update"] -- apiGroups: - - apps - resources: - - replicasets - verbs: ["get"] -- apiGroups: - - batch - resources: - - jobs - verbs: ["create", "delete", "get", "list", "watch"] -- apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: ["get"] -- apiGroups: - - "" - resources: - - pods - verbs: ["*"] -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: ["create", "delete", "get", "list", "patch", "watch"] -- apiGroups: - - "" - resources: - - configmaps - verbs: ["create", "delete", "get", "update", "list", "patch"] -- apiGroups: - - "" - resources: - - events - verbs: ["create"] -- apiGroups: - - "" - resources: - - nodes - verbs: ["get", "list", "watch"] -- apiGroups: - - kubedb.com - - catalog.kubedb.com - - authorization.kubedb.com - resources: - - "*" - verbs: ["*"] -- apiGroups: - - appcatalog.appscode.com - resources: - - "*" - verbs: ["*"] -- apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: ["*"] -- apiGroups: - - "" - resources: - - "pods/exec" - verbs: ["create"] -- apiGroups: - - policy - resources: - - podsecuritypolicies - verbs: ["use"] - resourceNames: - - ${KUBEDB_OPERATOR_NAME} - - elasticsearch-db - - etcd-db - - memcached-db - - mongodb-db - - mysql-db - - postgres-db - - redis-db - - elasticsearch-snapshot - - mongodb-snapshot - - mysql-snapshot - - postgres-snapshot - # -array for custom PSPs -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: ["get", "list", "create", "delete", "patch"] -- apiGroups: - - stash.appscode.com - resources: - - restoresessions - verbs: ["get", "list", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ${KUBEDB_OPERATOR_NAME} - labels: - app: kubedb -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: ${KUBEDB_OPERATOR_NAME} -subjects: -- kind: ServiceAccount - name: ${KUBEDB_SERVICE_ACCOUNT} - namespace: ${KUBEDB_NAMESPACE} - ---- -# to read the config for terminating authentication -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kubedb-server-extension-server-authentication-reader - namespace: kube-system - labels: - app: kubedb -roleRef: - kind: Role - apiGroup: rbac.authorization.k8s.io - name: extension-apiserver-authentication-reader -subjects: -- kind: ServiceAccount - name: ${KUBEDB_SERVICE_ACCOUNT} - namespace: ${KUBEDB_NAMESPACE} ---- -# to delegate authentication and authorization -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kubedb-server-auth-delegator - labels: - app: kubedb -roleRef: - kind: ClusterRole - apiGroup: rbac.authorization.k8s.io - name: system:auth-delegator -subjects: -- kind: ServiceAccount - name: ${KUBEDB_SERVICE_ACCOUNT} - namespace: ${KUBEDB_NAMESPACE} diff --git a/solution-base/kubedb/service-account.yaml b/solution-base/kubedb/service-account.yaml deleted file mode 100644 index a36cc2749c..0000000000 --- a/solution-base/kubedb/service-account.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ${KUBEDB_SERVICE_ACCOUNT} - namespace: ${KUBEDB_NAMESPACE} - labels: - app: kubedb diff --git a/solution-base/kubedb/user-roles.yaml b/solution-base/kubedb/user-roles.yaml deleted file mode 100644 index 13a333e325..0000000000 --- a/solution-base/kubedb/user-roles.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kubedb:core:admin - labels: - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: -- apiGroups: - - kubedb.com - - catalog.kubedb.com - resources: - - "*" - verbs: ["*"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kubedb:core:edit - labels: - rbac.authorization.k8s.io/aggregate-to-edit: "true" -rules: -- apiGroups: - - kubedb.com - resources: - - elasticsearches - - memcacheds - - mongodbs - - mysqls - - postgreses - - redises - - snapshots - verbs: ["*"] -- apiGroups: - - kubedb.com - resources: - - dormantdatabases - verbs: ["get", "list", "watch"] -- apiGroups: - - catalog.kubedb.com - resources: - - elasticsearchversions - - memcachedversions - - mongodbversions - - mysqlversions - - postgresversions - - redisversions - verbs: ["get", "list", "watch"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: kubedb:core:view - labels: - rbac.authorization.k8s.io/aggregate-to-view: "true" -rules: -- apiGroups: - - kubedb.com - resources: - - dormantdatabases - - elasticsearches - - memcacheds - - mongodbs - - mysqls - - postgreses - - redises - - snapshots - verbs: ["get", "list", "watch"] -- apiGroups: - - catalog.kubedb.com - resources: - - elasticsearchversions - - memcachedversions - - mongodbversions - - mysqlversions - - postgresversions - - redisversions - verbs: ["get", "list", "watch"] diff --git a/solution-base/kubedb/validating-webhook.yaml b/solution-base/kubedb/validating-webhook.yaml deleted file mode 100644 index ac00b11c12..0000000000 --- a/solution-base/kubedb/validating-webhook.yaml +++ /dev/null @@ -1,138 +0,0 @@ -# register to intercept kubedb CRD creates / updates -apiVersion: admissionregistration.k8s.io/v1beta1 -kind: ValidatingWebhookConfiguration -metadata: - name: validators.kubedb.com - labels: - app: kubedb -webhooks: -- name: elasticsearch.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/elasticsearchvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["elasticsearches"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: postgres.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/postgresvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["postgreses"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: mysql.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/mysqlvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["mysqls"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: mongodb.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/mongodbvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["mongodbs"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: redis.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/redisvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["redises"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: memcached.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/memcachedvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["memcacheds"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: etcd.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/etcdvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["etcds"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: snapshot.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/snapshotvalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["snapshots"] - operations: ["CREATE", "UPDATE"] - failurePolicy: Fail - sideEffects: None -- name: dormantdatabase.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/dormantdatabasevalidators - rules: - - apiGroups: ["kubedb.com"] - apiVersions: ["*"] - resources: ["dormantdatabases"] - operations: ["CREATE", "UPDATE", "DELETE"] - failurePolicy: Fail - sideEffects: None -- name: namespace.validators.kubedb.com - clientConfig: - service: - namespace: default - name: kubernetes - path: /apis/validators.kubedb.com/v1alpha1/namespaces - rules: - - apiGroups: [""] - apiVersions: ["*"] - resources: ["namespaces"] - operations: ["DELETE"] - failurePolicy: Fail - sideEffects: None diff --git a/solution-base/mongodb/charts/mongodb/.helmignore b/solution-base/mongodb/charts/mongodb/.helmignore deleted file mode 100644 index 6b8710a711..0000000000 --- a/solution-base/mongodb/charts/mongodb/.helmignore +++ /dev/null @@ -1 +0,0 @@ -.git diff --git a/solution-base/mongodb/charts/mongodb/Chart.yaml b/solution-base/mongodb/charts/mongodb/Chart.yaml deleted file mode 100644 index 4464586059..0000000000 --- a/solution-base/mongodb/charts/mongodb/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -appVersion: 4.0.27 -description: NoSQL document-oriented database that stores JSON-like documents with - dynamic schemas, simplifying the integration of data in content-driven applications. -engine: gotpl -home: https://mongodb.org -icon: https://bitnami.com/assets/stacks/mongodb/img/mongodb-stack-220x234.png -keywords: -- mongodb -- database -- nosql -- cluster -- replicaset -- replication -maintainers: -- email: containers@bitnami.com - name: Bitnami -name: mongodb -sources: -- https://github.com/bitnami/bitnami-docker-mongodb -version: 7.8.0 diff --git a/solution-base/mongodb/charts/mongodb/OWNERS b/solution-base/mongodb/charts/mongodb/OWNERS deleted file mode 100644 index f87e010777..0000000000 --- a/solution-base/mongodb/charts/mongodb/OWNERS +++ /dev/null @@ -1,16 +0,0 @@ -approvers: -- prydonius -- tompizmor -- sameersbn -- carrodher -- javsalgar -- juan131 -- miguelaeh -reviewers: -- prydonius -- tompizmor -- sameersbn -- carrodher -- javsalgar -- juan131 -- miguelaeh diff --git a/solution-base/mongodb/charts/mongodb/README.md b/solution-base/mongodb/charts/mongodb/README.md deleted file mode 100644 index 60ae1c6a00..0000000000 --- a/solution-base/mongodb/charts/mongodb/README.md +++ /dev/null @@ -1,315 +0,0 @@ -# MongoDB - -[MongoDB](https://www.mongodb.com/) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas, making the integration of data in certain types of applications easier and faster. - -## TL;DR; - -```bash -$ helm install stable/mongodb -``` - -## Introduction - -This chart bootstraps a [MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This chart has been tested to work with NGINX Ingress, cert-manager, fluentd and Prometheus on top of the [BKPR](https://kubeprod.io/). - -## Prerequisites - -- Kubernetes 1.12+ -- Helm 2.11+ or Helm 3.0-beta3+ -- PV provisioner support in the underlying infrastructure -- ReadWriteMany volumes for deployment scaling - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```bash -$ helm install --name my-release stable/mongodb -``` - -The command deploys MongoDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: - -```bash -$ helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Parameters - -The following table lists the configurable parameters of the MongoDB chart and their default values. - -| Parameter | Description | Default | -|----------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | -| `image.registry` | MongoDB image registry | `docker.io` | -| `image.repository` | MongoDB Image name | `bitnami/mongodb` | -| `image.tag` | MongoDB Image tag | `{TAG_NAME}` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `nameOverride` | String to partially override mongodb.fullname template with a string (will prepend the release name) | `nil` | -| `fullnameOverride` | String to fully override mongodb.fullname template with a string | `nil` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `stretch` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | -| `volumePermissions.resources` | Init container resource requests/limit | `nil` | -| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | -| `usePassword` | Enable password authentication | `true` | -| `existingSecret` | Existing secret with MongoDB credentials | `nil` | -| `mongodbRootPassword` | MongoDB admin password | `random alphanumeric string (10)` | -| `mongodbUsername` | MongoDB custom user (mandatory if `mongodbDatabase` is set) | `nil` | -| `mongodbPassword` | MongoDB custom user password | `random alphanumeric string (10)` | -| `mongodbDatabase` | Database to create | `nil` | -| `mongodbEnableIPv6` | Switch to enable/disable IPv6 on MongoDB | `false` | -| `mongodbDirectoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB | `false` | -| `mongodbSystemLogVerbosity` | MongoDB system log verbosity level | `0` | -| `mongodbDisableSystemLog` | Whether to disable MongoDB system log or not | `false` | -| `mongodbExtraFlags` | MongoDB additional command line flags | `[]` | -| `service.name` | Kubernetes service name | `nil` | -| `service.annotations` | Kubernetes service annotations, evaluated as a template | `{}` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.clusterIP` | Static clusterIP or None for headless services | `nil` | -| `service.port` | MongoDB service port | `27017` | -| `service.nodePort` | Port to bind to for NodePort service type | `nil` | -| `service.loadBalancerIP` | Static IP Address to use for LoadBalancer service type | `nil` | -| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` | -| `service.loadBalancerSourceRanges` | List of IP ranges allowed access to load balancer (if supported) | `[]` (does not add IP range restrictions to the service) | -| `replicaSet.enabled` | Switch to enable/disable replica set configuration | `false` | -| `replicaSet.name` | Name of the replica set | `rs0` | -| `replicaSet.useHostnames` | Enable DNS hostnames in the replica set config | `true` | -| `replicaSet.key` | Key used for authentication in the replica set | `random alphanumeric string (10)` | -| `replicaSet.replicas.secondary` | Number of secondary nodes in the replica set | `1` | -| `replicaSet.replicas.arbiter` | Number of arbiter nodes in the replica set | `1` | -| `replicaSet.pdb.enabled` | Switch to enable/disable Pod Disruption Budget | `true` | -| `replicaSet.pdb.minAvailable.secondary` | PDB (min available) for the MongoDB Secondary nodes | `1` | -| `replicaSet.pdb.minAvailable.arbiter` | PDB (min available) for the MongoDB Arbiter nodes | `1` | -| `replicaSet.pdb.maxUnavailable.secondary` | PDB (max unavailable) for the MongoDB Secondary nodes | `nil` | -| `replicaSet.pdb.maxUnavailable.arbiter` | PDB (max unavailable) for the MongoDB Arbiter nodes | `nil` | -| `annotations` | Annotations to be added to the deployment or statefulsets | `{}` | -| `labels` | Additional labels for the deployment or statefulsets | `{}` | -| `podAnnotations` | Annotations to be added to pods | `{}` | -| `podLabels` | Additional labels for the pod(s). | `{}` | -| `resources` | Pod resources | `{}` | -| `resourcesArbiter` | Pod resources for arbiter when replica set is enabled | `{}` | -| `priorityClassName` | Pod priority class name | `` | -| `extraEnvVars` | Array containing extra env vars to be added to all pods in the cluster (evaluated as a template) | `nil` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `affinity` | Affinity for pod assignment | `{}` | -| `affinityArbiter` | Affinity for arbiter pod assignment | `{}` | -| `tolerations` | Toleration labels for pod assignment | `{}` | -| `updateStrategy` | Statefulsets update strategy policy | `RollingUpdate` | -| `securityContext.enabled` | Enable security context | `true` | -| `securityContext.fsGroup` | Group ID for the container | `1001` | -| `securityContext.runAsUser` | User ID for the container | `1001` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | -| `sidecars` | Add additional containers to pod | `[]` | -| `extraVolumes` | Add additional volumes to deployment | `[]` | -| `extraVolumeMounts` | Add additional volumes mounts to pod | `[]` | -| `sidecarsArbiter` | Add additional containers to arbiter pod | `[]` | -| `extraVolumesArbiter` | Add additional volumes to arbiter deployment | `[]` | -| `extraVolumeMountsArbiter` | Add additional volumes mounts to arbiter pod | `[]` | -| `persistence.enabled` | Use a PVC to persist data | `true` | -| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mongodb` | -| `persistence.subPath` | Subdirectory of the volume to mount at | `""` | -| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) | -| `persistence.accessModes` | Use volume as ReadOnly or ReadWrite | `[ReadWriteOnce]` | -| `persistence.size` | Size of data volume | `8Gi` | -| `persistence.annotations` | Persistent Volume annotations | `{}` | -| `persistence.existingClaim` | Name of an existing PVC to use (avoids creating one if this is given) | `nil` | -| `useStatefulSet` | Set to true to use StatefulSet instead of Deployment even when replicaSet.enalbed=false | `nil` | -| `extraInitContainers` | Additional init containers as a string to be passed to the `tpl` function | `{}` | -| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `5` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `initConfigMap.name` | Custom config map with init scripts | `nil` | -| `configmap` | MongoDB configuration file to be used | `nil` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.certManager` | Add annotations for cert-manager | `false` | -| `ingress.annotations` | Ingress annotations | `[]` | -| `ingress.hosts[0].name` | Hostname to your MongoDB installation | `mongodb.local` | -| `ingress.hosts[0].path` | Path within the url structure | `/` | -| `ingress.tls[0].hosts[0]` | TLS hosts | `mongodb.local` | -| `ingress.tls[0].secretName` | TLS Secret (certificates) | `mongodb.local-tls` | -| `ingress.secrets[0].name` | TLS Secret Name | `nil` | -| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | -| `ingress.secrets[0].key` | TLS Secret Key | `nil` | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | MongoDB exporter image registry | `docker.io` | -| `metrics.image.repository` | MongoDB exporter image name | `bitnami/mongodb-exporter` | -| `metrics.image.tag` | MongoDB exporter image tag | `{TAG_NAME}` | -| `metrics.image.pullPolicy` | Image pull policy | `Always` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `metrics.podAnnotations.prometheus.io/scrape` | Additional annotations for Metrics exporter pod | `true` | -| `metrics.podAnnotations.prometheus.io/port` | Additional annotations for Metrics exporter pod | `"9216"` | -| `metrics.extraArgs` | String with extra arguments for the MongoDB Exporter | `` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` | -| `metrics.serviceMonitor.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` | -| `metrics.serviceMonitor.relabellings` | Specify Metric Relabellings to add to the scrape endpoint | `nil` | -| `metrics.serviceMonitor.alerting.rules` | Define individual alerting rules as required | `{}` | -| `metrics.serviceMonitor.alerting.additionalLabels` | Used to pass Labels that are required by the Installed Prometheus Operator | `{}` | -| `metrics.livenessProbe.enabled` | Enable/disable the Liveness Check of Prometheus metrics exporter | `false` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial Delay for Liveness Check of Prometheus metrics exporter | `15` | -| `metrics.livenessProbe.periodSeconds` | How often to perform Liveness Check of Prometheus metrics exporter | `5` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout for Liveness Check of Prometheus metrics exporter | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure Threshold for Liveness Check of Prometheus metrics exporter | `3` | -| `metrics.livenessProbe.successThreshold` | Success Threshold for Liveness Check of Prometheus metrics exporter | `1` | -| `metrics.readinessProbe.enabled` | Enable/disable the Readiness Check of Prometheus metrics exporter | `false` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial Delay for Readiness Check of Prometheus metrics exporter | `5` | -| `metrics.readinessProbe.periodSeconds` | How often to perform Readiness Check of Prometheus metrics exporter | `5` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout for Readiness Check of Prometheus metrics exporter | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure Threshold for Readiness Check of Prometheus metrics exporter | `3` | -| `metrics.readinessProbe.successThreshold` | Success Threshold for Readiness Check of Prometheus metrics exporter | `1` | - - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```bash -$ helm install --name my-release \ - --set mongodbRootPassword=secretpassword,mongodbUsername=my-user,mongodbPassword=my-password,mongodbDatabase=my-database \ - stable/mongodb -``` - -The above command sets the MongoDB `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```bash -$ helm install --name my-release -f values.yaml stable/mongodb -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) - -## Configuration and installation details - -### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -### Production configuration and horizontal scaling - -This chart includes a `values-production.yaml` file where you can find some parameters oriented to production configuration in comparison to the regular `values.yaml`. You can use this file instead of the default one. - -- Switch to enable/disable replica set configuration: -```diff -- replicaSet.enabled: false -+ replicaSet.enabled: true -``` - -- Start a side-car prometheus exporter: -```diff -- metrics.enabled: false -+ metrics.enabled: true -``` - -- Enable/disable the Liveness Check of Prometheus metrics exporter: -```diff -- metrics.livenessProbe.enabled: false -+ metrics.livenessProbe.enabled: true -``` - -- Enable/disable the Readiness Check of Prometheus metrics exporter: -```diff -- metrics.readinessProbe.enabled: false -+ metrics.readinessProbe.enabled: true -``` - -To horizontally scale this chart, you can use the `--replicas` flag to modify the number of secondary nodes in your MongoDB replica set. - -### Replication - -You can start the MongoDB chart in replica set mode with the following parameter: `replicaSet.enabled=true` - -Some characteristics of this chart are: - -- Each of the participants in the replication has a fixed stateful set so you always know where to find the primary, secondary or arbiter nodes. -- The number of secondary and arbiter nodes can be scaled out independently. -- Easy to move an application from using a standalone MongoDB server to use a replica set. - -### Initialize a fresh instance - -The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, they must be located inside the chart folder `files/docker-entrypoint-initdb.d` so they can be consumed as a ConfigMap. -Also you can create a custom config map and give it via `initConfigMap`(check options for more details). - -The allowed extensions are `.sh`, and `.js`. - -## Persistence - -The [Bitnami MongoDB](https://github.com/bitnami/bitnami-docker-mongodb) image stores the MongoDB data and configurations at the `/bitnami/mongodb` path of the container. - -The chart mounts a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) at this location. The volume is created using dynamic volume provisioning. - -### Adjust permissions of persistent volume mountpoint - -As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. - -By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. -As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. - -You can enable this initContainer by setting `volumePermissions.enabled` to `true`. - -## Upgrading - -### To 7.0.0 -From this version, the way of setting the ingress rules has changed. Instead of using `ingress.paths` and `ingress.hosts` as separate objects, you should now define the rules as objects inside the `ingress.hosts` value, for example: - -```yaml -ingress: - hosts: - - name: mongodb.local - path: / -``` - -### To 6.0.0 - -From this version, `mongodbEnableIPv6` is set to `false` by default in order to work properly in most k8s clusters, if you want to use IPv6 support, you need to set this variable to `true` by adding `--set mongodbEnableIPv6=true` to your `helm` command. -You can find more information in the [`bitnami/mongodb` image README](https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md). - -### To 5.0.0 - -When enabling replicaset configuration, backwards compatibility is not guaranteed unless you modify the labels used on the chart's statefulsets. -Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is `my-release`: - -```console -$ kubectl delete statefulset my-release-mongodb-arbiter my-release-mongodb-primary my-release-mongodb-secondary --cascade=false -``` - -## Configure Ingress -MongoDB can exposed externally using an Ingress controller. To do so, it's necessary to: - -- Install the MongoDB chart setting the parameter `ingress.enabled=true`. -- Create a ConfigMap to map the external port to use and the internal service/port where to redirect the requests (see https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/exposing-tcp-udp-services.md for more information). - -For instance, if you installed the MongoDB chart in the `default` namespace, you can install the [stable/nginx-ingress chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress) setting the "tcp" parameter in the **values.yaml** used to install the chart as shown below: - -```yaml -... - -tcp: - 27017: "default/mongodb:27017" -``` diff --git a/solution-base/mongodb/charts/mongodb/custom-values.yaml b/solution-base/mongodb/charts/mongodb/custom-values.yaml deleted file mode 100644 index 2ab41e3f7f..0000000000 --- a/solution-base/mongodb/charts/mongodb/custom-values.yaml +++ /dev/null @@ -1,514 +0,0 @@ -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry and imagePullSecrets -## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName -# storageClass: myStorageClass - -image: - ## Bitnami MongoDB registry - ## - registry: docker.io - ## Bitnami MongoDB image name - ## - repository: bitnami/mongodb - ## Bitnami MongoDB image tag - ## ref: https://hub.docker.com/r/bitnami/mongodb/tags/ - ## - tag: 4.0.14-debian-9-r24 - ## Specify a imagePullPolicy - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - - ## Set to true if you would like to see extra information on logs - ## It turns on Bitnami debugging in minideb-extras-base - ## ref: https://github.com/bitnami/minideb-extras-base - debug: false - -## String to partially override mongodb.fullname template (will maintain the release name) -## -# nameOverride: - -## String to fully override mongodb.fullname template -## -# fullnameOverride: - -# Add custom extra environment variables to all the MongoDB containers -# extraEnvVars: - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. -## -volumePermissions: - enabled: false - image: - registry: docker.io - repository: bitnami/minideb - tag: stretch - pullPolicy: Always - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - resources: {} - -## Enable authentication -## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/ -# -usePassword: true -# existingSecret: name-of-existing-secret - -## MongoDB admin password -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run -## -# mongodbRootPassword: - -## MongoDB custom user and database -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run -## -# mongodbUsername: username -# mongodbPassword: password -# mongodbDatabase: database - -## Whether enable/disable IPv6 on MongoDB -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6 -## -mongodbEnableIPv6: false - -## Whether enable/disable DirectoryPerDB on MongoDB -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb -## -mongodbDirectoryPerDB: false - -## MongoDB System Log configuration -## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level -## -mongodbSystemLogVerbosity: 0 -mongodbDisableSystemLog: false - -## MongoDB additional command line flags -## -## Can be used to specify command line flags, for example: -## -## mongodbExtraFlags: -## - "--wiredTigerCacheSizeGB=2" -mongodbExtraFlags: [] - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -securityContext: - enabled: true - fsGroup: 1001 - runAsUser: 1001 - -## Kubernetes Cluster Domain -clusterDomain: cluster.local - -## Kubernetes service type -service: - ## Specify an explicit service name. - # name: svc-mongo - ## Provide any additional annotations which may be required. - ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart - annotations: {} - type: ClusterIP - # clusterIP: None - port: 27017 - - ## Specify the nodePort value for the LoadBalancer and NodePort service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - # nodePort: - - ## Specify the externalIP value ClusterIP service type. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - # externalIPs: [] - - ## Specify the loadBalancerIP value for LoadBalancer service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer - ## - # loadBalancerIP: - - ## Specify the loadBalancerSourceRanges value for LoadBalancer service types. - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - # loadBalancerSourceRanges: [] - -## Use StatefulSet instead of Deployment when deploying standalone -useStatefulSet: false - -## Setting up replication -## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication -# -replicaSet: - ## Whether to create a MongoDB replica set for high availability or not - enabled: true - useHostnames: true - - ## Name of the replica set - ## - name: rs0 - - ## Key used for replica set authentication - ## - # key: key - - ## Number of replicas per each node type - ## - replicas: - secondary: 1 - arbiter: 1 - - ## Pod Disruption Budget - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - pdb: - enabled: true - minAvailable: - secondary: 1 - arbiter: 1 - # maxUnavailable: - # secondary: 1 - # arbiter: 1 - -# Annotations to be added to the deployment or statefulsets -annotations: {} - -# Additional labels to apply to the deployment or statefulsets -labels: {} - -# Annotations to be added to MongoDB pods -podAnnotations: {} - -# Additional pod labels to apply -podLabels: {} - -## Use an alternate scheduler, e.g. "stork". -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -# schedulerName: - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} -# Define separate resources per arbiter, which are less then primary or secondary -# used only when replica set is enabled -resourcesArbiter: {} -# limits: -# cpu: 500m -# memory: 512Mi -# requests: -# cpu: 100m -# memory: 256Mi - -## Pod priority -## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ -# priorityClassName: "" - -## Node selector -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -nodeSelector: {} - -## Affinity -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -affinity: {} -# Define separate affinity for arbiter pod -affinityArbiter: {} - -## Tolerations -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -tolerations: [] - -## Add sidecars to the pod -## -## For example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -sidecars: [] -## Array to add extra volumes -## -extraVolumes: [] -## Array to add extra mounts (normally used with extraVolumes) -## -extraVolumeMounts: [] - -## Add sidecars to the arbiter pod -# used only when replica set is enabled -## -## For example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -sidecarsArbiter: [] -## Array to add extra volumes to the arbiter -# used only when replica set is enabled -## -extraVolumesArbiter: [] -## Array to add extra mounts (normally used with extraVolumes) to the arbiter -# used only when replica set is enabled -## -extraVolumeMountsArbiter: [] - -## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets -## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies -updateStrategy: - type: RollingUpdate - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - enabled: true - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - ## - # existingClaim: - - ## The path the volume will be mounted at, useful when using different - ## MongoDB images. - ## - mountPath: /bitnami/mongodb - - ## The subdirectory of the volume to mount to, useful in dev environments - ## and one PV for multiple services. - ## - subPath: "" - - ## mongodb data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessModes: - - ReadWriteOnce - size: 10Gi - annotations: {} - selector: - matchLabels: - app.kubernetes.io/name: mongodb - app.kubernetes.io/part-of: zenko - -## Configure the ingress resource that allows you to access the -## MongoDB installation. Set up the URL -## ref: http://kubernetes.io/docs/user-guide/ingress/ -## -ingress: - ## Set to true to enable ingress record generation - enabled: false - - ## Set this to true in order to add the corresponding annotations for cert-manager - certManager: false - - ## Ingress annotations done as key:value pairs - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md - ## - ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set - annotations: - # kubernetes.io/ingress.class: nginx - - ## The list of hostnames to be covered with this ingress record. - ## Most likely this will be just one host, but in the event more hosts are needed, this is an array - hosts: - - name: mongodb.local - path: / - - ## The tls configuration for the ingress - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - tls: - - hosts: - - mongodb.local - secretName: mongodb.local-tls - - secrets: - ## If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - # - name: airflow.local-tls - # key: - # certificate: - -## Configure the options for init containers to be run before the main app containers -## are started. All init containers are run sequentially and must exit without errors -## for the next one to be started. -## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ -# extraInitContainers: | -# - name: do-something -# image: busybox -# command: ['do', 'something'] - -## Configure extra options for liveness and readiness probes -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) -livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 -readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - -# Define custom config map with init scripts -initConfigMap: {} -# name: "init-config-map" - -## Entries for the MongoDB config file. For documentation of all options, see: -## http://docs.mongodb.org/manual/reference/configuration-options/ -## -configmap: -# # where and how to store data. -# storage: -# dbPath: /bitnami/mongodb/data/db -# journal: -# enabled: true -# directoryPerDB: false -# # where to write logging data. -# systemLog: -# destination: file -# quiet: false -# logAppend: true -# logRotate: reopen -# path: /opt/bitnami/mongodb/logs/mongodb.log -# verbosity: 0 -# # network interfaces -# net: -# port: 27017 -# unixDomainSocket: -# enabled: true -# pathPrefix: /opt/bitnami/mongodb/tmp -# ipv6: false -# bindIpAll: true -# # replica set options -# #replication: -# #replSetName: replicaset -# #enableMajorityReadConcern: true -# # process management options -# processManagement: -# fork: false -# pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid -# # set parameter options -# setParameter: -# enableLocalhostAuthBypass: true -# # security options -# security: -# authorization: disabled -# #keyFile: /opt/bitnami/mongodb/conf/keyfile - -## Prometheus Exporter / Metrics -## -metrics: - enabled: true - - image: - registry: docker.io - repository: bitnami/mongodb-exporter - tag: 0.34.0-debian-11-r24 - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - - ## String with extra arguments to the metrics exporter - ## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go - ## - ## We use "--compatible-mode" flag to export old metric: "mongodb_mongod_replset_oplog_head_timestamp" - ## for mongoDB and backbeat dashboards. - extraArgs: "--collector.diagnosticdata --collector.replicasetstatus --collector.dbstats --collector.topmetrics --compatible-mode" - - ## Metrics exporter resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - # resources: {} - - ## Metrics exporter liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) - livenessProbe: - enabled: true - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 5 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - - ## Metrics exporter pod Annotation - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9216" - - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md - serviceMonitor: - ## If the operator is installed in your cluster, set to true to create a Service Monitor Entry - enabled: true - - ## Specify a namespace if needed - # namespace: monitoring - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: - metalk8s.scality.com/monitor: '' - - ## Specify Metric Relabellings to add to the scrape endpoint - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - # relabellings: - - alerting: - ## Define individual alerting rules as required - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup - ## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ - rules: {} - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Prometheus Rules to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: {} diff --git a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/README.md b/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/README.md deleted file mode 100644 index a9299905d0..0000000000 --- a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/README.md +++ /dev/null @@ -1,3 +0,0 @@ -You can copy here your custom .sh, or .js file so they are executed during the first boot of the image. - -More info in the [bitnami-docker-mongodb](https://github.com/bitnami/bitnami-docker-mongodb#initializing-a-new-instance) repository. \ No newline at end of file diff --git a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/create-app-user.sh b/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/create-app-user.sh deleted file mode 120000 index 61f367cb42..0000000000 --- a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/create-app-user.sh +++ /dev/null @@ -1 +0,0 @@ -../../../../scripts/create-app-user.sh \ No newline at end of file diff --git a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/set-default-write-concern-majority.sh b/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/set-default-write-concern-majority.sh deleted file mode 120000 index 9d7ca4a1ef..0000000000 --- a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/set-default-write-concern-majority.sh +++ /dev/null @@ -1 +0,0 @@ -../../../../scripts/set-default-write-concern-majority.sh \ No newline at end of file diff --git a/solution-base/mongodb/charts/mongodb/templates/NOTES.txt b/solution-base/mongodb/charts/mongodb/templates/NOTES.txt deleted file mode 100644 index 2de5d48b9f..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/NOTES.txt +++ /dev/null @@ -1,75 +0,0 @@ -{{- if contains .Values.service.type "LoadBalancer" }} -{{- if not .Values.mongodbRootPassword }} -------------------------------------------------------------------------------- - WARNING - - By specifying "service.type=LoadBalancer" and not specifying "mongodbRootPassword" - you have most likely exposed the MongoDB service externally without any - authentication mechanism. - - For security reasons, we strongly suggest that you switch to "ClusterIP" or - "NodePort". As alternative, you can also specify a valid password on the - "mongodbRootPassword" parameter. - -------------------------------------------------------------------------------- -{{- end }} -{{- end }} - -** Please be patient while the chart is being deployed ** - -MongoDB can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster: - - {{ template "mongodb.serviceName" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} - -{{ if .Values.usePassword -}} - -To get the root password run: - - export MONGODB_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }} -o jsonpath="{.data.mongodb-root-password}" | base64 --decode) - -{{- end }} -{{- if and .Values.mongodbUsername .Values.mongodbDatabase }} -{{- if .Values.mongodbPassword }} - -To get the password for "{{ .Values.mongodbUsername }}" run: - - export MONGODB_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }} -o jsonpath="{.data.mongodb-password}" | base64 --decode) - -{{- end }} -{{- end }} - -To connect to your database run the following command: - - kubectl run --namespace {{ .Release.Namespace }} {{ template "mongodb.fullname" . }}-client --rm --tty -i --restart='Never' --image bitnami/mongodb --command -- mongo admin --host {{ template "mongodb.serviceName" . }} {{- if .Values.usePassword }} --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD{{- end }} - -To connect to your database from outside the cluster execute the following commands: - -{{- if contains "NodePort" .Values.service.type }} - - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "mongodb.serviceName" . }}) - mongo --host $NODE_IP --port $NODE_PORT {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }} - -{{- else if contains "LoadBalancer" .Values.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "mongodb.serviceName" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mongodb.serviceName" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - mongo --host $SERVICE_IP --port {{ .Values.service.nodePort }} {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }} - -{{- else if contains "ClusterIP" .Values.service.type }} - - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "mongodb.serviceName" . }} {{ .Values.service.port }}:{{ .Values.service.port }} & - mongo --host 127.0.0.1 {{- if .Values.usePassword }} --authenticationDatabase admin -p $MONGODB_ROOT_PASSWORD{{- end }} - -{{- end }} - -{{- include "mongodb.validateValues" . -}} - -{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }} - -WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. -+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ - -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/_helpers.tpl b/solution-base/mongodb/charts/mongodb/templates/_helpers.tpl deleted file mode 100644 index fe6963a7e6..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/_helpers.tpl +++ /dev/null @@ -1,278 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "mongodb.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Renders a value that contains template. -Usage: -{{ include "mongodb.tplValue" ( dict "value" .Values.path.to.the.Value "context" $) }} -*/}} -{{- define "mongodb.tplValue" -}} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "mongodb.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "mongodb.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name for the admin secret. -*/}} -{{- define "mongodb.adminSecret" -}} - {{- if .Values.auth.existingAdminSecret -}} - {{- .Values.auth.existingAdminSecret -}} - {{- else -}} - {{- template "mongodb.fullname" . -}}-admin - {{- end -}} -{{- end -}} - -{{/* -Create the name for the key secret. -*/}} -{{- define "mongodb.keySecret" -}} - {{- if .Values.auth.existingKeySecret -}} - {{- .Values.auth.existingKeySecret -}} - {{- else -}} - {{- template "mongodb.fullname" . -}}-keyfile - {{- end -}} -{{- end -}} - -{{/* -Return the proper MongoDB image name -*/}} -{{- define "mongodb.image" -}} -{{- $registryName := .Values.image.registry -}} -{{- $repositoryName := .Values.image.repository -}} -{{- $tag := .Values.image.tag | toString -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. -Also, we can't use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} - {{- if .Values.global.imageRegistry }} - {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} - {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} - {{- end -}} -{{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} -{{- end -}} -{{- end -}} - -{{/* -Return the proper image name (for the metrics image) -*/}} -{{- define "mongodb.metrics.image" -}} -{{- $registryName := .Values.metrics.image.registry -}} -{{- $repositoryName := .Values.metrics.image.repository -}} -{{- $tag := .Values.metrics.image.tag | toString -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. -Also, we can't use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} - {{- if .Values.global.imageRegistry }} - {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} - {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} - {{- end -}} -{{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} -{{- end -}} -{{- end -}} - - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "mongodb.imagePullSecrets" -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. -Also, we can not use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} -{{- if .Values.global.imagePullSecrets }} -imagePullSecrets: -{{- range .Values.global.imagePullSecrets }} - - name: {{ . }} -{{- end }} -{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }} -imagePullSecrets: -{{- range .Values.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- range .Values.metrics.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- range .Values.volumePermissions.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- end -}} -{{- else if or .Values.image.pullSecrets .Values.metrics.image.pullSecrets .Values.volumePermissions.image.pullSecrets }} -imagePullSecrets: -{{- range .Values.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- range .Values.metrics.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- range .Values.volumePermissions.image.pullSecrets }} - - name: {{ . }} -{{- end }} -{{- end -}} -{{- end -}} - -{{/* -Return the proper image name (for the init container volume-permissions image) -*/}} -{{- define "mongodb.volumePermissions.image" -}} -{{- $registryName := .Values.volumePermissions.image.registry -}} -{{- $repositoryName := .Values.volumePermissions.image.repository -}} -{{- $tag := .Values.volumePermissions.image.tag | toString -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic. -Also, we can't use a single if because lazy evaluation is not an option -*/}} -{{- if .Values.global }} - {{- if .Values.global.imageRegistry }} - {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}} - {{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} - {{- end -}} -{{- else -}} - {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} -{{- end -}} -{{- end -}} - -{{/* -Compile all warnings into a single message, and call fail. -*/}} -{{- define "mongodb.validateValues" -}} -{{- $messages := list -}} -{{- $messages := append $messages (include "mongodb.validateValues.mongodbCustomDatabase" .) -}} -{{- $messages := without $messages "" -}} -{{- $message := join "\n" $messages -}} - -{{- if $message -}} -{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} -{{- end -}} -{{- end -}} - -{{/* -Validate values of MongoDB - both mongodbUsername and mongodbDatabase are necessary -to create a custom user and database during 1st initialization -*/}} -{{- define "mongodb.validateValues.mongodbCustomDatabase" -}} -{{- if or (and .Values.mongodbUsername (not .Values.mongodbDatabase)) (and (not .Values.mongodbUsername) .Values.mongodbDatabase) }} -mongodb: mongodbUsername, mongodbDatabase - Both mongodbUsername and mongodbDatabase must be provided to create - a custom user and database during 1st initialization. - Please set both of them (--set mongodbUsername="xxxx",mongodbDatabase="yyyy") -{{- end -}} -{{- end -}} - -{{/* -Return the proper Storage Class -*/}} -{{- define "mongodb.storageClass" -}} -{{/* -Helm 2.11 supports the assignment of a value to a variable defined in a different scope, -but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. -*/}} -{{- if .Values.global -}} - {{- if .Values.global.storageClass -}} - {{- if (eq "-" .Values.global.storageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" .Values.global.storageClass -}} - {{- end -}} - {{- else -}} - {{- if .Values.persistence.storageClass -}} - {{- if (eq "-" .Values.persistence.storageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" .Values.persistence.storageClass -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- else -}} - {{- if .Values.persistence.storageClass -}} - {{- if (eq "-" .Values.persistence.storageClass) -}} - {{- printf "storageClassName: \"\"" -}} - {{- else }} - {{- printf "storageClassName: %s" .Values.persistence.storageClass -}} - {{- end -}} - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Returns the proper Service name depending if an explicit service name is set -in the values file. If the name is not explicitly set it will take the "mongodb.fullname" -*/}} -{{- define "mongodb.serviceName" -}} - {{- if .Values.service.name -}} - {{ .Values.service.name }} - {{- else -}} - {{ template "mongodb.fullname" .}} - {{- end -}} -{{- end -}} - - -{{- define "mongodb.servicePort" -}} - {{- if .Values.service.port -}} - {{ .Values.service.port | toString }} - {{- else -}} - {{ 27017 | toString }} - {{- end -}} -{{- end -}} - -{{- define "mongodb.headlessServiceSuffix" -}} -{{ template "mongodb.fullname" .}}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:{{ template "mongodb.servicePort" . }} -{{- end -}} - -{{/* -Create the default mongodb replicaset hosts string -*/}} -{{- define "mongodb.hosts" -}} -{{- $secondaryCount := (int (.Values.replicaSet.replicas.secondary)) -}} -{{- $arbiterCount := (int (.Values.replicaSet.replicas.arbiter)) -}} -{{- $suffix := include "mongodb.headlessServiceSuffix" . -}} -{{- $name := include "mongodb.fullname" . -}} -{{ $name }}-primary-0.{{ $suffix }} -{{- range $v := until $secondaryCount}},{{ $name }}-secondary-{{ $v }}.{{ $suffix }}{{- end -}} -{{- range $v := until $arbiterCount}},{{ $name }}-arbiter-{{ $v }}.{{ $suffix }}{{- end -}} -{{- end -}} diff --git a/solution-base/mongodb/charts/mongodb/templates/configmap.yaml b/solution-base/mongodb/charts/mongodb/templates/configmap.yaml deleted file mode 100644 index 66dc853866..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/configmap.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if .Values.configmap }} -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - name: {{ template "mongodb.fullname" . }} -data: - mongodb.conf: |- -{{ toYaml .Values.configmap | indent 4 }} -{{- end }} \ No newline at end of file diff --git a/solution-base/mongodb/charts/mongodb/templates/deployment-standalone.yaml b/solution-base/mongodb/charts/mongodb/templates/deployment-standalone.yaml deleted file mode 100644 index 78c9e1d704..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/deployment-standalone.yaml +++ /dev/null @@ -1,299 +0,0 @@ -{{- if not .Values.replicaSet.enabled }} -apiVersion: apps/v1 -kind: {{ if .Values.useStatefulSet }}{{ "StatefulSet" }}{{- else }}{{ "Deployment" }}{{- end }} -metadata: - name: {{ template "mongodb.fullname" . }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - {{- with .Values.labels }} -{{ toYaml . | indent 4 }} - {{- end }} - {{- with .Values.annotations }} - annotations: -{{ toYaml . | indent 4 }} - {{- end }} -spec: - strategy: - type: {{ .Values.updateStrategy.type }} - {{- if (eq "Recreate" .Values.updateStrategy.type) }} - rollingUpdate: null - {{- end }} - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - release: "{{ .Release.Name }}" - template: - metadata: - labels: - app: {{ template "mongodb.name" . }} - release: "{{ .Release.Name }}" - chart: {{ template "mongodb.chart" . }} - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} - {{- end }} - {{- if or .Values.podAnnotations .Values.metrics.enabled }} - annotations: -{{- if .Values.podAnnotations }} -{{ toYaml .Values.podAnnotations | indent 8 }} -{{- end }} -{{- if .Values.metrics.enabled }} -{{ toYaml .Values.metrics.podAnnotations | indent 8 }} -{{- end }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- if .Values.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.securityContext.fsGroup }} - {{- end }} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end -}} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} - {{- end }} -{{- include "mongodb.imagePullSecrets" . | indent 6 }} - initContainers: - {{- if .Values.extraInitContainers }} -{{ tpl .Values.extraInitContainers . | indent 6}} - {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ template "mongodb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"] - securityContext: - runAsUser: 0 - resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }} - volumeMounts: - - name: data - mountPath: {{ .Values.persistence.mountPath }} - {{- end }} - containers: - - name: {{ template "mongodb.fullname" . }} - image: {{ template "mongodb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - env: - {{- if .Values.image.debug}} - - name: BITNAMI_DEBUG - value: "true" - {{- end }} - {{- if .Values.usePassword }} - {{- if and .Values.mongodbUsername .Values.mongodbDatabase }} - - name: MONGODB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-password - {{- end }} - - name: MONGODB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - {{- end }} - {{- if .Values.mongodbUsername }} - - name: MONGODB_USERNAME - value: {{ .Values.mongodbUsername | quote }} - {{- end }} - - name: MONGODB_SYSTEM_LOG_VERBOSITY - value: {{ .Values.mongodbSystemLogVerbosity | quote }} - - name: MONGODB_DISABLE_SYSTEM_LOG - {{- if .Values.mongodbDisableSystemLog }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - {{- if .Values.mongodbDatabase }} - - name: MONGODB_DATABASE - value: {{ .Values.mongodbDatabase | quote }} - {{- end }} - - name: MONGODB_ENABLE_IPV6 - {{- if .Values.mongodbEnableIPv6 }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_ENABLE_DIRECTORY_PER_DB - {{- if .Values.mongodbDirectoryPerDB }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - {{- if .Values.mongodbExtraFlags }} - - name: MONGODB_EXTRA_FLAGS - value: {{ .Values.mongodbExtraFlags | join " " | quote }} - {{- end }} - {{- if .Values.extraEnvVars }} - {{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 8 }} - {{- end }} - ports: - - name: mongodb - containerPort: 27017 - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - exec: - command: - - mongo - - --eval - - "db.adminCommand('ping')" - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - exec: - command: - - mongo - - --eval - - "db.adminCommand('ping')" - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - volumeMounts: - - name: data - mountPath: {{ .Values.persistence.mountPath }} - subPath: {{ .Values.persistence.subPath }} - {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") (.Values.initConfigMap) }} - - name: custom-init-scripts - mountPath: /docker-entrypoint-initdb.d - {{- end }} - {{- if .Values.configmap }} - - name: config - mountPath: /opt/bitnami/mongodb/conf/mongodb.conf - subPath: mongodb.conf - {{- end }} - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 8}} - {{- end }} - resources: -{{ toYaml .Values.resources | indent 10 }} -{{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "mongodb.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - env: - {{- if .Values.usePassword }} - - name: MONGODB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ] - {{- else }} - command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ] - {{- end }} - ports: - - name: metrics - containerPort: 9216 - {{- if .Values.metrics.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }} - successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }} - {{- end }} - {{- if .Values.metrics.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }} - successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }} - {{- end }} - resources: -{{ toYaml .Values.metrics.resources | indent 10 }} -{{- end }} -{{- if .Values.sidecars }} -{{ toYaml .Values.sidecars | indent 6 }} -{{- end }} - volumes: - {{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }} - - name: custom-init-scripts - configMap: - name: {{ template "mongodb.fullname" . }}-init-scripts - {{- end }} - {{- if (.Values.initConfigMap) }} - - name: custom-init-scripts - configMap: - name: {{ .Values.initConfigMap.name }} - {{- end }} - - name: data - {{- if not .Values.useStatefulSet }} - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - - {{- else }} - emptyDir: {} - {{- end -}} - {{- end -}} - {{- if .Values.configmap }} - - name: config - configMap: - name: {{ template "mongodb.fullname" . }} - {{- end }} - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 6}} - {{- end }} -{{- if .Values.useStatefulSet }} -{{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: data - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: "{{ $value }}" - {{- end }} - spec: - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{ include "mongodb.storageClass" . }} -{{- else }} - - name: data - emptyDir: {} -{{- end }} -{{- end }} -{{- end -}} diff --git a/solution-base/mongodb/charts/mongodb/templates/ingress.yaml b/solution-base/mongodb/charts/mongodb/templates/ingress.yaml deleted file mode 100644 index 669c33b9e4..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/ingress.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- if .Values.ingress.enabled }} -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ template "mongodb.fullname" . }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" - annotations: - {{- if .Values.ingress.certManager }} - kubernetes.io/tls-acme: "true" - {{- end }} - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -spec: - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .name }} - http: - paths: - - path: {{ default "/" .path }} - backend: - serviceName: {{ template "mongodb.serviceName" $ }} - servicePort: mongodb - {{- end }} - {{- if .Values.ingress.tls }} - tls: -{{ toYaml .Values.ingress.tls | indent 4 }} - {{- end }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/initialization-configmap.yaml b/solution-base/mongodb/charts/mongodb/templates/initialization-configmap.yaml deleted file mode 100644 index 02da7dfbed..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/initialization-configmap.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{ if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "mongodb.fullname" . }}-init-scripts - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: {{ .Release.Name | quote }} - heritage: {{ .Release.Service | quote }} -data: -{{ tpl (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]").AsConfig . | indent 2 }} -{{ end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/poddisruptionbudget-arbiter-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/poddisruptionbudget-arbiter-rs.yaml deleted file mode 100644 index 85f0c65720..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/poddisruptionbudget-arbiter-rs.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if and (and .Values.replicaSet.enabled .Values.replicaSet.pdb.enabled) (gt .Values.replicaSet.replicas.arbiter 0) }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - name: {{ template "mongodb.fullname" . }}-arbiter -spec: - {{- if .Values.replicaSet.pdb.minAvailable }} - {{- if .Values.replicaSet.pdb.minAvailable.arbiter }} - minAvailable: {{ .Values.replicaSet.pdb.minAvailable.arbiter }} - {{- end }} - {{- end }} - {{- if .Values.replicaSet.pdb.maxUnavailable }} - {{- if .Values.replicaSet.pdb.maxUnavailable.arbiter }} - maxUnavailable: {{ .Values.replicaSet.pdb.maxUnavailable.arbiter }} - {{- end }} - {{- end }} - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - release: {{ .Release.Name }} - component: arbiter -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/poddisruptionbudget-secondary-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/poddisruptionbudget-secondary-rs.yaml deleted file mode 100644 index 91be500fa1..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/poddisruptionbudget-secondary-rs.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if and (and .Values.replicaSet.enabled .Values.replicaSet.pdb.enabled) (gt .Values.replicaSet.replicas.secondary 0) }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - name: {{ template "mongodb.fullname" . }}-secondary -spec: - {{- if .Values.replicaSet.pdb.minAvailable }} - {{- if .Values.replicaSet.pdb.minAvailable.secondary }} - minAvailable: {{ .Values.replicaSet.pdb.minAvailable.secondary }} - {{- end }} - {{- end }} - {{- if .Values.replicaSet.pdb.maxUnavailable }} - {{- if .Values.replicaSet.pdb.maxUnavailable.secondary }} - maxUnavailable: {{ .Values.replicaSet.pdb.maxUnavailable.secondary }} - {{- end }} - {{- end }} - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - release: {{ .Release.Name }} - component: secondary -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/prometheus-alerting-rule.yaml b/solution-base/mongodb/charts/mongodb/templates/prometheus-alerting-rule.yaml deleted file mode 100644 index e6d4d4c688..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/prometheus-alerting-rule.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled .Values.metrics.serviceMonitor.alerting.rules }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ template "mongodb.fullname" . }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - {{- if .Values.metrics.serviceMonitor.alerting.additionalLabels }} -{{ toYaml .Values.metrics.serviceMonitor.alerting.additionalLabels | indent 4 }} - {{- end }} -spec: - groups: -{{ toYaml .Values.metrics.serviceMonitor.alerting.rules | indent 4 }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/prometheus-service-monitor.yaml b/solution-base/mongodb/charts/mongodb/templates/prometheus-service-monitor.yaml deleted file mode 100644 index 8900b344f0..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/prometheus-service-monitor.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "mongodb.fullname" . }} - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- end }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - {{- if .Values.metrics.serviceMonitor.additionalLabels }} -{{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} - {{- end }} -spec: - endpoints: - - interval: 30s - port: metrics - {{- if .Values.metrics.serviceMonitor.relabellings }} - metricRelabelings: -{{ toYaml .Values.metrics.serviceMonitor.relabellings | indent 4 }} - {{- end }} - jobLabel: {{ template "mongodb.fullname" . }} - namespaceSelector: - matchNames: - - "{{ $.Release.Namespace }}" - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/pvc-standalone.yaml b/solution-base/mongodb/charts/mongodb/templates/pvc-standalone.yaml deleted file mode 100644 index f4e114d71a..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/pvc-standalone.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (not .Values.replicaSet.enabled) (not .Values.useStatefulSet) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - name: {{ template "mongodb.fullname" . }} -spec: - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{ include "mongodb.storageClass" . }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/secrets.yaml b/solution-base/mongodb/charts/mongodb/templates/secrets.yaml deleted file mode 100644 index bf644cba9e..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/secrets.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{ if and .Values.usePassword (not .Values.existingSecret) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "mongodb.fullname" . }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -type: Opaque -data: - {{- if .Values.mongodbRootPassword }} - mongodb-root-password: {{ .Values.mongodbRootPassword | b64enc | quote }} - {{- else }} - mongodb-root-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- if and .Values.mongodbUsername .Values.mongodbDatabase }} - {{- if .Values.mongodbPassword }} - mongodb-password: {{ .Values.mongodbPassword | b64enc | quote }} - {{- else }} - mongodb-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} - {{- if .Values.replicaSet.enabled }} - {{- if .Values.replicaSet.key }} - mongodb-replica-set-key: {{ .Values.replicaSet.key | b64enc | quote }} - {{- else }} - mongodb-replica-set-key: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- end }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/statefulset-arbiter-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/statefulset-arbiter-rs.yaml deleted file mode 100644 index a131b49a40..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/statefulset-arbiter-rs.yaml +++ /dev/null @@ -1,187 +0,0 @@ -{{- if and .Values.replicaSet.enabled (gt .Values.replicaSet.replicas.arbiter 0) }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "mongodb.fullname" . }}-arbiter - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - {{- with .Values.labels }} -{{ toYaml . | indent 4 }} - {{- end }} - {{- with .Values.annotations }} - annotations: -{{ toYaml . | indent 4 }} - {{- end }} -spec: - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - release: {{ .Release.Name }} - component: arbiter - serviceName: {{ template "mongodb.fullname" . }}-headless - replicas: {{ .Values.replicaSet.replicas.arbiter }} - updateStrategy: - type: {{ .Values.updateStrategy.type }} - {{- if (eq "Recreate" .Values.updateStrategy.type) }} - rollingUpdate: null - {{- end }} - template: - metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: {{ .Release.Name }} - component: arbiter - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} - {{- end }} - {{- if .Values.podAnnotations }} - annotations: -{{ toYaml .Values.podAnnotations | indent 8 }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- if .Values.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.securityContext.fsGroup }} - {{- end }} - {{- if .Values.affinityArbiter }} - affinity: -{{ toYaml .Values.affinityArbiter | indent 8 }} - {{- end -}} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} - {{- end }} -{{- include "mongodb.imagePullSecrets" . | indent 6 }} - {{- if .Values.extraInitContainers }} - initContainers: -{{ tpl .Values.extraInitContainers . | indent 6}} - {{- end }} - containers: - - name: {{ template "mongodb.name" . }}-arbiter - image: {{ template "mongodb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - ports: - - containerPort: {{ .Values.service.port }} - name: mongodb - env: - {{- if .Values.image.debug}} - - name: BITNAMI_DEBUG - value: "true" - {{- end }} - - name: MONGODB_SYSTEM_LOG_VERBOSITY - value: {{ .Values.mongodbSystemLogVerbosity | quote }} - - name: MONGODB_DISABLE_SYSTEM_LOG - {{- if .Values.mongodbDisableSystemLog }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: MONGODB_REPLICA_SET_MODE - value: "arbiter" - - name: MONGODB_PRIMARY_HOST - value: {{ template "mongodb.fullname" . }} - - name: MONGODB_REPLICA_SET_NAME - value: {{ .Values.replicaSet.name | quote }} - {{- if .Values.replicaSet.useHostnames }} - - name: MONGODB_ADVERTISED_HOSTNAME - value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - {{- end }} - {{- if .Values.usePassword }} - - name: MONGODB_PRIMARY_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - - name: MONGODB_REPLICA_SET_KEY - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-replica-set-key - {{- end }} - - name: MONGODB_ENABLE_IPV6 - {{- if .Values.mongodbEnableIPv6 }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_ENABLE_DIRECTORY_PER_DB - {{- if .Values.mongodbDirectoryPerDB }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - {{- if .Values.mongodbExtraFlags }} - - name: MONGODB_EXTRA_FLAGS - value: {{ .Values.mongodbExtraFlags | join " " | quote }} - {{- end }} - {{- if .Values.extraEnvVars }} - {{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - tcpSocket: - port: mongodb - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - tcpSocket: - port: mongodb - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - volumeMounts: - {{- if .Values.configmap }} - - name: config - mountPath: /opt/bitnami/mongodb/conf/mongodb.conf - subPath: mongodb.conf - {{- end }} - resources: -{{ toYaml .Values.resourcesArbiter | indent 12 }} -{{- if .Values.extraVolumeMountsArbiter }} - volumeMounts: -{{ toYaml .Values.extraVolumeMountsArbiter | indent 12}} -{{- end }} -{{- if .Values.sidecarsArbiter }} -{{ toYaml .Values.sidecarsArbiter | indent 8 }} -{{- end }} - volumes: - {{- if .Values.configmap }} - - name: config - configMap: - name: {{ template "mongodb.fullname" . }} - {{- end }} - {{- if .Values.extraVolumesArbiter }} -{{ toYaml .Values.extraVolumesArbiter | indent 8 }} - {{- end }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/statefulset-primary-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/statefulset-primary-rs.yaml deleted file mode 100644 index cd42a8a71f..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/statefulset-primary-rs.yaml +++ /dev/null @@ -1,313 +0,0 @@ -{{- if .Values.replicaSet.enabled }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "mongodb.fullname" . }}-primary - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - {{- with .Values.labels }} -{{ toYaml . | indent 4 }} - {{- end }} - {{- with .Values.annotations }} - annotations: -{{ toYaml . | indent 4 }} - {{- end }} -spec: - serviceName: {{ template "mongodb.fullname" . }}-headless - replicas: 1 - updateStrategy: - type: {{ .Values.updateStrategy.type }} - {{- if (eq "Recreate" .Values.updateStrategy.type) }} - rollingUpdate: null - {{- end }} - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - release: {{ .Release.Name }} - component: primary - template: - metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: {{ .Release.Name }} - component: primary - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} - {{- end }} - {{- if or .Values.podAnnotations .Values.metrics.enabled }} - annotations: -{{- if .Values.podAnnotations }} -{{ toYaml .Values.podAnnotations | indent 8 }} -{{- end }} -{{- if .Values.metrics.enabled }} -{{ toYaml .Values.metrics.podAnnotations | indent 8 }} -{{- end }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- if .Values.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.securityContext.fsGroup }} - {{- end }} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end -}} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} - {{- end }} -{{- include "mongodb.imagePullSecrets" . | indent 6 }} - initContainers: - {{- if .Values.extraInitContainers }} -{{ tpl .Values.extraInitContainers . | indent 6}} - {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ template "mongodb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"] - securityContext: - runAsUser: 0 - resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }} - volumeMounts: - - name: datadir - mountPath: {{ .Values.persistence.mountPath }} - {{- end }} - containers: - - name: {{ template "mongodb.name" . }}-primary - image: {{ template "mongodb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - ports: - - containerPort: {{ .Values.service.port }} - name: mongodb - env: - {{- if .Values.image.debug}} - - name: BITNAMI_DEBUG - value: "true" - {{- end }} - - name: MONGODB_SYSTEM_LOG_VERBOSITY - value: {{ .Values.mongodbSystemLogVerbosity | quote }} - - name: MONGODB_DISABLE_SYSTEM_LOG - {{- if .Values.mongodbDisableSystemLog }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: MONGODB_REPLICA_SET_MODE - value: "primary" - - name: MONGODB_REPLICA_SET_NAME - value: {{ .Values.replicaSet.name | quote }} - {{- if .Values.replicaSet.useHostnames }} - - name: MONGODB_HOSTS - value: {{ template "mongodb.hosts". }} - - name: MONGODB_ADVERTISED_HOSTNAME - value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - {{- end }} - {{- if .Values.usePassword }} - - name: MONGODB_APP_USERNAME - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-username - - name: MONGODB_APP_DATABASE - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-database - - name: MONGODB_APP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-password - - name: MONGODB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - - name: MONGODB_REPLICA_SET_KEY - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-replica-set-key - {{- end }} - - name: MONGODB_ENABLE_IPV6 - {{- if .Values.mongodbEnableIPv6 }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_ENABLE_DIRECTORY_PER_DB - {{- if .Values.mongodbDirectoryPerDB }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - {{- if .Values.mongodbExtraFlags }} - - name: MONGODB_EXTRA_FLAGS - value: {{ .Values.mongodbExtraFlags | join " " | quote }} - {{- end }} - {{- if .Values.extraEnvVars }} - {{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - exec: - command: - - pgrep - - mongod - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - exec: - command: - - mongo - - --eval - - "db.adminCommand('ping')" - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - volumeMounts: - - name: datadir - mountPath: {{ .Values.persistence.mountPath }} - subPath: {{ .Values.persistence.subPath }} - {{- if or (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") (.Values.initConfigMap) }} - - name: custom-init-scripts - mountPath: /docker-entrypoint-initdb.d - {{- end }} - {{- if .Values.configmap }} - - name: config - mountPath: /opt/bitnami/mongodb/conf/mongodb.conf - subPath: mongodb.conf - {{- end }} - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 12}} - {{- end }} - resources: -{{ toYaml .Values.resources | indent 12 }} -{{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "mongodb.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - env: - {{- if .Values.usePassword }} - - name: MONGODB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ] - {{- else }} - command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ] - {{- end }} - ports: - - name: metrics - containerPort: 9216 - {{- if .Values.metrics.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }} - successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }} - {{- end }} - {{- if .Values.metrics.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }} - successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }} - {{- end }} - resources: -{{ toYaml .Values.metrics.resources | indent 12 }} -{{- end }} -{{- if .Values.sidecars }} -{{ toYaml .Values.sidecars | indent 8 }} -{{- end }} - volumes: - {{- if (.Files.Glob "files/docker-entrypoint-initdb.d/*[sh|js|json]") }} - - name: custom-init-scripts - configMap: - name: {{ template "mongodb.fullname" . }}-init-scripts - {{- end }} - {{- if (.Values.initConfigMap) }} - - name: custom-init-scripts - configMap: - name: {{ .Values.initConfigMap.name }} - {{- end }} - {{- if .Values.configmap }} - - name: config - configMap: - name: {{ template "mongodb.fullname" . }} - {{- end }} - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 8}} - {{- end }} -{{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: datadir - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: "{{ $value }}" - {{- end }} - spec: - {{- if .Values.persistence.selector }} - selector: -{{ toYaml .Values.persistence.selector | indent 10 }} - {{- end }} - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{ include "mongodb.storageClass" . }} -{{- else }} - - name: datadir - emptyDir: {} -{{- end }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/statefulset-secondary-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/statefulset-secondary-rs.yaml deleted file mode 100644 index 51cb6f5046..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/statefulset-secondary-rs.yaml +++ /dev/null @@ -1,285 +0,0 @@ -{{- if and .Values.replicaSet.enabled (gt .Values.replicaSet.replicas.secondary 0) }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "mongodb.fullname" . }}-secondary - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - heritage: {{ .Release.Service }} - release: {{ .Release.Name }} - {{- with .Values.labels }} -{{ toYaml . | indent 4 }} - {{- end }} - {{- with .Values.annotations }} - annotations: -{{ toYaml . | indent 4 }} - {{- end }} -spec: - selector: - matchLabels: - app: {{ template "mongodb.name" . }} - release: {{ .Release.Name }} - component: secondary - podManagementPolicy: "Parallel" - serviceName: {{ template "mongodb.fullname" . }}-headless - replicas: {{ .Values.replicaSet.replicas.secondary }} - updateStrategy: - type: {{ .Values.updateStrategy.type }} - {{- if (eq "Recreate" .Values.updateStrategy.type) }} - rollingUpdate: null - {{- end }} - template: - metadata: - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: {{ .Release.Name }} - component: secondary - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} - {{- end }} - {{- if or .Values.podAnnotations .Values.metrics.enabled }} - annotations: -{{- if .Values.podAnnotations }} -{{ toYaml .Values.podAnnotations | indent 8 }} -{{- end }} -{{- if .Values.metrics.enabled }} -{{ toYaml .Values.metrics.podAnnotations | indent 8 }} -{{- end }} - {{- end }} - spec: - {{- if .Values.schedulerName }} - schedulerName: "{{ .Values.schedulerName }}" - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- if .Values.securityContext.enabled }} - securityContext: - fsGroup: {{ .Values.securityContext.fsGroup }} - {{- end }} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 8 }} - {{- end -}} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: -{{ toYaml .Values.tolerations | indent 8 }} - {{- end }} -{{- include "mongodb.imagePullSecrets" . | indent 6 }} - initContainers: - {{- if .Values.extraInitContainers }} -{{ tpl .Values.extraInitContainers . | indent 6}} - {{- end }} - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ template "mongodb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.persistence.mountPath }}"] - securityContext: - runAsUser: 0 - resources: {{ toYaml .Values.volumePermissions.resources | nindent 10 }} - volumeMounts: - - name: datadir - mountPath: {{ .Values.persistence.mountPath }} - {{- end }} - containers: - - name: {{ template "mongodb.name" . }}-secondary - image: {{ template "mongodb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - ports: - - containerPort: {{ .Values.service.port }} - name: mongodb - env: - {{- if .Values.image.debug}} - - name: BITNAMI_DEBUG - value: "true" - {{- end }} - - name: MONGODB_SYSTEM_LOG_VERBOSITY - value: {{ .Values.mongodbSystemLogVerbosity | quote }} - - name: MONGODB_DISABLE_SYSTEM_LOG - {{- if .Values.mongodbDisableSystemLog }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: MONGODB_REPLICA_SET_MODE - value: "secondary" - - name: MONGODB_PRIMARY_HOST - value: {{ template "mongodb.fullname" . }} - - name: MONGODB_REPLICA_SET_NAME - value: {{ .Values.replicaSet.name | quote }} - {{- if .Values.replicaSet.useHostnames }} - - name: MONGODB_ADVERTISED_HOSTNAME - value: "$(MONGODB_POD_NAME).{{ template "mongodb.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - {{- end }} - {{- if .Values.usePassword }} - - name: MONGODB_PRIMARY_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - - name: MONGODB_REPLICA_SET_KEY - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-replica-set-key - {{- end }} - - name: MONGODB_ENABLE_IPV6 - {{- if .Values.mongodbEnableIPv6 }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - - name: MONGODB_ENABLE_DIRECTORY_PER_DB - {{- if .Values.mongodbDirectoryPerDB }} - value: "yes" - {{- else }} - value: "no" - {{- end }} - {{- if .Values.mongodbExtraFlags }} - - name: MONGODB_EXTRA_FLAGS - value: {{ .Values.mongodbExtraFlags | join " " | quote }} - {{- end }} - {{- if .Values.extraEnvVars }} - {{- include "mongodb.tplValue" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - exec: - command: - - pgrep - - mongod - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - exec: - command: - - mongo - - --eval - - "db.adminCommand('ping')" - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - volumeMounts: - - name: datadir - mountPath: {{ .Values.persistence.mountPath }} - subPath: {{ .Values.persistence.subPath }} - {{- if .Values.configmap }} - - name: config - mountPath: /opt/bitnami/mongodb/conf/mongodb.conf - subPath: mongodb.conf - {{- end }} - {{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 12}} - {{- end }} - resources: -{{ toYaml .Values.resources | indent 12 }} -{{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "mongodb.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.securityContext.enabled }} - securityContext: - runAsNonRoot: true - runAsUser: {{ .Values.securityContext.runAsUser }} - {{- end }} - env: - {{- if .Values.usePassword }} - - name: MONGODB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ if .Values.existingSecret }}{{ .Values.existingSecret }}{{- else }}{{ template "mongodb.fullname" . }}{{- end }} - key: mongodb-root-password - command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://root:${MONGODB_ROOT_PASSWORD}@localhost:{{ .Values.service.port }}/admin {{ .Values.metrics.extraArgs }}' ] - {{- else }} - command: [ 'sh', '-c', '/bin/mongodb_exporter --mongodb.uri mongodb://localhost:{{ .Values.service.port }} {{ .Values.metrics.extraArgs }}' ] - {{- end }} - ports: - - name: metrics - containerPort: 9216 - {{- if .Values.metrics.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }} - successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }} - {{- end }} - {{- if .Values.metrics.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: {{ .Values.metrics.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.metrics.readinessProbe.timeoutSeconds }} - failureThreshold: {{ .Values.metrics.readinessProbe.failureThreshold }} - successThreshold: {{ .Values.metrics.readinessProbe.successThreshold }} - {{- end }} - resources: -{{ toYaml .Values.metrics.resources | indent 12 }} -{{- end }} -{{- if .Values.sidecars }} -{{ toYaml .Values.sidecars | indent 8 }} -{{- end }} - volumes: - {{- if .Values.configmap }} - - name: config - configMap: - name: {{ template "mongodb.fullname" . }} - {{- end }} - {{- if .Values.extraVolumes }} -{{ toYaml .Values.extraVolumes | indent 8}} - {{- end }} -{{- if .Values.persistence.enabled }} - volumeClaimTemplates: - - metadata: - name: datadir - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: "{{ $value }}" - {{- end }} - spec: - {{- if .Values.persistence.selector }} - selector: -{{ toYaml .Values.persistence.selector | indent 10 }} - {{- end }} - accessModes: - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{ include "mongodb.storageClass" . }} -{{- else }} - - name: datadir - emptyDir: {} -{{- end }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/svc-headless-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/svc-headless-rs.yaml deleted file mode 100644 index 92f1141ba7..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/svc-headless-rs.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.replicaSet.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "mongodb.fullname" . }}-headless - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- with .Values.service.annotations }} - annotations: {{ tpl (toYaml .) $ | nindent 4 }} -{{- end }} -spec: - type: ClusterIP - clusterIP: None - ports: - - name: mongodb - port: {{ .Values.service.port }} - selector: - app: {{ template "mongodb.name" . }} - release: {{ .Release.Name }} -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/svc-primary-rs.yaml b/solution-base/mongodb/charts/mongodb/templates/svc-primary-rs.yaml deleted file mode 100644 index 78150684b5..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/svc-primary-rs.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if .Values.replicaSet.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "mongodb.serviceName" . }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- with .Values.service.annotations }} - annotations: {{ tpl (toYaml .) $ | nindent 4 }} -{{- end }} -spec: - type: {{ .Values.service.type }} - {{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} - clusterIP: {{ .Values.service.clusterIP }} - {{- end }} - {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.service.loadBalancerIP }} - {{- end }} - {{- if .Values.service.externalIPs }} - externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }} - {{- end }} - {{- if .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - ports: - - name: mongodb - port: {{ .Values.service.port }} - targetPort: mongodb -{{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} -{{- end }} -{{- if .Values.metrics.enabled }} - - name: metrics - port: 9216 - targetPort: metrics -{{- end }} - selector: - app: {{ template "mongodb.name" . }} - release: "{{ .Release.Name }}" - component: primary -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/templates/svc-standalone.yaml b/solution-base/mongodb/charts/mongodb/templates/svc-standalone.yaml deleted file mode 100644 index 0695c7323d..0000000000 --- a/solution-base/mongodb/charts/mongodb/templates/svc-standalone.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- if not .Values.replicaSet.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "mongodb.serviceName" . }} - labels: - app: {{ template "mongodb.name" . }} - chart: {{ template "mongodb.chart" . }} - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -{{- with .Values.service.annotations }} - annotations: {{ tpl (toYaml .) $ | nindent 4 }} -{{- end }} -spec: - type: {{ .Values.service.type }} - {{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} - clusterIP: {{ .Values.service.clusterIP }} - {{- end }} - {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.service.loadBalancerIP }} - {{- end }} - {{- if .Values.service.externalIPs }} - externalIPs: {{ toYaml .Values.service.externalIPs | nindent 4 }} - {{- end }} - {{- if .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - ports: - - name: mongodb - port: {{ .Values.service.port }} - targetPort: mongodb -{{- if .Values.service.nodePort }} - nodePort: {{ .Values.service.nodePort }} -{{- end }} -{{- if .Values.metrics.enabled }} - - name: metrics - port: 9216 - targetPort: metrics -{{- end }} - selector: - app: {{ template "mongodb.name" . }} - release: "{{ .Release.Name }}" -{{- end }} diff --git a/solution-base/mongodb/charts/mongodb/values-production.yaml b/solution-base/mongodb/charts/mongodb/values-production.yaml deleted file mode 100644 index da5d3dc7df..0000000000 --- a/solution-base/mongodb/charts/mongodb/values-production.yaml +++ /dev/null @@ -1,509 +0,0 @@ -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry and imagePullSecrets -## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName -# storageClass: myStorageClass - -image: - ## Bitnami MongoDB registry - ## - registry: docker.io - ## Bitnami MongoDB image name - ## - repository: bitnami/mongodb - ## Bitnami MongoDB image tag - ## ref: https://hub.docker.com/r/bitnami/mongodb/tags/ - ## - tag: 4.0.14-debian-9-r24 - ## Specify a imagePullPolicy - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - - ## Set to true if you would like to see extra information on logs - ## It turns on Bitnami debugging in minideb-extras-base - ## ref: https://github.com/bitnami/minideb-extras-base - debug: false - -## String to partially override mongodb.fullname template (will maintain the release name) -## -# nameOverride: - -## String to fully override mongodb.fullname template -## -# fullnameOverride: - -# Add custom extra environment variables to all the MongoDB containers -# extraEnvVars: - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. -## -volumePermissions: - enabled: false - image: - registry: docker.io - repository: bitnami/minideb - tag: stretch - pullPolicy: Always - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - resources: {} - -## Enable authentication -## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/ -# -usePassword: true -# existingSecret: name-of-existing-secret - -## MongoDB admin password -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run -## -# mongodbRootPassword: - -## MongoDB custom user and database -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run -## -# mongodbUsername: username -# mongodbPassword: password -# mongodbDatabase: database - -## Whether enable/disable IPv6 on MongoDB -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6 -## -mongodbEnableIPv6: false - -## Whether enable/disable DirectoryPerDB on MongoDB -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb -## -mongodbDirectoryPerDB: false - -## MongoDB System Log configuration -## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level -## -mongodbSystemLogVerbosity: 0 -mongodbDisableSystemLog: false - -## MongoDB additional command line flags -## -## Can be used to specify command line flags, for example: -## -## mongodbExtraFlags: -## - "--wiredTigerCacheSizeGB=2" -mongodbExtraFlags: [] - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -securityContext: - enabled: true - fsGroup: 1001 - runAsUser: 1001 - -## Kubernetes Cluster Domain -clusterDomain: cluster.local - -## Kubernetes service type -service: - ## Specify an explicit service name. - # name: svc-mongo - ## Provide any additional annotations which may be required. - ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart - annotations: {} - type: ClusterIP - # clusterIP: None - port: 27017 - - ## Specify the nodePort value for the LoadBalancer and NodePort service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - # nodePort: - - ## Specify the externalIP value ClusterIP service type. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - # externalIPs: [] - - ## Specify the loadBalancerIP value for LoadBalancer service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer - ## - # loadBalancerIP: - - ## Specify the loadBalancerSourceRanges value for LoadBalancer service types. - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - # loadBalancerSourceRanges: [] - -## Use StatefulSet instead of Deployment when deploying standalone -useStatefulSet: false - -## Setting up replication -## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication -# -replicaSet: - ## Whether to create a MongoDB replica set for high availability or not - enabled: true - useHostnames: true - - ## Name of the replica set - ## - name: rs0 - - ## Key used for replica set authentication - ## - # key: key - - ## Number of replicas per each node type - ## - replicas: - secondary: 1 - arbiter: 1 - - ## Pod Disruption Budget - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - pdb: - enabled: true - minAvailable: - secondary: 1 - arbiter: 1 - # maxUnavailable: - # secondary: 1 - # arbiter: 1 - -# Annotations to be added to the deployment or statefulsets -annotations: {} - -# Additional labels to apply to the deployment or statefulsets -labels: {} - -# Annotations to be added to MongoDB pods -podAnnotations: {} - -# Additional pod labels to apply -podLabels: {} - -## Use an alternate scheduler, e.g. "stork". -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -# schedulerName: - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} -# Define separate resources per arbiter, which are less then primary or secondary -# used only when replica set is enabled -resourcesArbiter: {} -# limits: -# cpu: 500m -# memory: 512Mi -# requests: -# cpu: 100m -# memory: 256Mi - -## Pod priority -## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ -# priorityClassName: "" - -## Node selector -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -nodeSelector: {} - -## Affinity -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -affinity: {} -# Define separate affinity for arbiter pod -affinityArbiter: {} - -## Tolerations -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -tolerations: [] - -## Add sidecars to the pod -## -## For example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -sidecars: [] -## Array to add extra volumes -## -extraVolumes: [] -## Array to add extra mounts (normally used with extraVolumes) -## -extraVolumeMounts: [] - -## Add sidecars to the arbiter pod -# used only when replica set is enabled -## -## For example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -sidecarsArbiter: [] -## Array to add extra volumes to the arbiter -# used only when replica set is enabled -## -extraVolumesArbiter: [] -## Array to add extra mounts (normally used with extraVolumes) to the arbiter -# used only when replica set is enabled -## -extraVolumeMountsArbiter: [] - -## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets -## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies -updateStrategy: - type: RollingUpdate - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - enabled: true - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - ## - # existingClaim: - - ## The path the volume will be mounted at, useful when using different - ## MongoDB images. - ## - mountPath: /bitnami/mongodb - - ## The subdirectory of the volume to mount to, useful in dev environments - ## and one PV for multiple services. - ## - subPath: "" - - ## mongodb data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessModes: - - ReadWriteOnce - size: 8Gi - annotations: {} - -## Configure the ingress resource that allows you to access the -## MongoDB installation. Set up the URL -## ref: http://kubernetes.io/docs/user-guide/ingress/ -## -ingress: - ## Set to true to enable ingress record generation - enabled: false - - ## Set this to true in order to add the corresponding annotations for cert-manager - certManager: false - - ## Ingress annotations done as key:value pairs - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md - ## - ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set - annotations: - # kubernetes.io/ingress.class: nginx - - ## The list of hostnames to be covered with this ingress record. - ## Most likely this will be just one host, but in the event more hosts are needed, this is an array - hosts: - - name: mongodb.local - path: / - - ## The tls configuration for the ingress - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - tls: - - hosts: - - mongodb.local - secretName: mongodb.local-tls - - secrets: - ## If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - # - name: airflow.local-tls - # key: - # certificate: - -## Configure the options for init containers to be run before the main app containers -## are started. All init containers are run sequentially and must exit without errors -## for the next one to be started. -## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ -# extraInitContainers: | -# - name: do-something -# image: busybox -# command: ['do', 'something'] - -## Configure extra options for liveness and readiness probes -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) -livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 -readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - -# Define custom config map with init scripts -initConfigMap: {} -# name: "init-config-map" - -## Entries for the MongoDB config file. For documentation of all options, see: -## http://docs.mongodb.org/manual/reference/configuration-options/ -## -configmap: -# # where and how to store data. -# storage: -# dbPath: /bitnami/mongodb/data/db -# journal: -# enabled: true -# directoryPerDB: false -# # where to write logging data. -# systemLog: -# destination: file -# quiet: false -# logAppend: true -# logRotate: reopen -# path: /opt/bitnami/mongodb/logs/mongodb.log -# verbosity: 0 -# # network interfaces -# net: -# port: 27017 -# unixDomainSocket: -# enabled: true -# pathPrefix: /opt/bitnami/mongodb/tmp -# ipv6: false -# bindIpAll: true -# # replica set options -# #replication: -# #replSetName: replicaset -# #enableMajorityReadConcern: true -# # process management options -# processManagement: -# fork: false -# pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid -# # set parameter options -# setParameter: -# enableLocalhostAuthBypass: true -# # security options -# security: -# authorization: disabled -# #keyFile: /opt/bitnami/mongodb/conf/keyfile - -## Prometheus Exporter / Metrics -## -metrics: - enabled: true - - image: - registry: docker.io - repository: bitnami/mongodb-exporter - tag: 0.34.0-debian-11-r24 - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - - ## String with extra arguments to the metrics exporter - ## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go - ## - ## We use "--compatible-mode" flag to export old metric: "mongodb_mongod_replset_oplog_head_timestamp" - ## for mongoDB and backbeat dashboards. - extraArgs: "--collector.diagnosticdata --collector.replicasetstatus --collector.dbstats --collector.topmetrics --compatible-mode" - - ## Metrics exporter resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - # resources: {} - - ## Metrics exporter liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) - livenessProbe: - enabled: true - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 5 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - - ## Metrics exporter pod Annotation - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9216" - - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md - serviceMonitor: - ## If the operator is installed in your cluster, set to true to create a Service Monitor Entry - enabled: false - - ## Specify a namespace if needed - # namespace: monitoring - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: {} - - ## Specify Metric Relabellings to add to the scrape endpoint - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - # relabellings: - - alerting: - ## Define individual alerting rules as required - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup - ## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ - rules: {} - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Prometheus Rules to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: {} diff --git a/solution-base/mongodb/charts/mongodb/values.schema.json b/solution-base/mongodb/charts/mongodb/values.schema.json deleted file mode 100644 index 9bf39e511a..0000000000 --- a/solution-base/mongodb/charts/mongodb/values.schema.json +++ /dev/null @@ -1,147 +0,0 @@ -{ - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "usePassword": { - "type": "boolean", - "title": "Enable password authentication", - "form": true - }, - "mongodbRootPassword": { - "type": "string", - "title": "MongoDB admin password", - "form": true, - "description": "Defaults to a random 10-character alphanumeric string if not set", - "hidden": { - "condition": false, - "value": "usePassword" - } - }, - "mongodbDatabase": { - "type": "string", - "title": "MongoDB custom database", - "description": "Name of the custom database to be created during the 1st initialization of MongoDB", - "form": true - }, - "mongodbUsername": { - "type": "string", - "title": "MongoDB custom user", - "description": "Name of the custom user to be created during the 1st initialization of MongoDB. This user only has permissions on the MongoDB custom database", - "form": true - }, - "mongodbPassword": { - "type": "string", - "title": "Password for MongoDB custom user", - "form": true, - "description": "Defaults to a random 10-character alphanumeric string if not set", - "hidden": { - "condition": false, - "value": "usePassword" - } - }, - "replicaSet": { - "type": "object", - "title": "Replicaset configuration", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable replicaset configuration" - }, - "replicas": { - "type": "object", - "title": "Number of replicas", - "form": true, - "hidden": { - "condition": false, - "value": "replicaSet.enabled" - }, - "properties": { - "secondary": { - "type": "integer", - "title": "Secondary node replicas", - "description": "Number of secondary node replicas to deploy", - "form": true - }, - "arbiter": { - "type": "integer", - "title": "Arbiter node replicas", - "description": "Number of arbiter node replicas to deploy", - "form": true - } - } - } - } - }, - "persistence": { - "type": "object", - "title": "Persistence configuration", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable persistence", - "description": "Enable persistence using Persistent Volume Claims" - }, - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi", - "hidden": { - "condition": false, - "value": "persistence.enabled" - } - } - } - }, - "volumePermissions": { - "type": "object", - "hidden": { - "condition": false, - "value": "persistence.enabled" - }, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable Init Containers", - "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" - } - } - }, - "metrics": { - "type": "object", - "form": true, - "title": "Prometheus metrics details", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus metrics exporter", - "description": "Create a side-car container to expose Prometheus metrics", - "form": true - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus Operator ServiceMonitor", - "description": "Create a ServiceMonitor to track metrics using Prometheus Operator", - "form": true, - "hidden": { - "condition": false, - "value": "metrics.enabled" - } - } - } - } - } - } - } -} diff --git a/solution-base/mongodb/charts/mongodb/values.yaml b/solution-base/mongodb/charts/mongodb/values.yaml deleted file mode 100644 index 4b3abda985..0000000000 --- a/solution-base/mongodb/charts/mongodb/values.yaml +++ /dev/null @@ -1,510 +0,0 @@ -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry and imagePullSecrets -## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName -# storageClass: myStorageClass - -image: - ## Bitnami MongoDB registry - ## - registry: docker.io - ## Bitnami MongoDB image name - ## - repository: bitnami/mongodb - ## Bitnami MongoDB image tag - ## ref: https://hub.docker.com/r/bitnami/mongodb/tags/ - ## - tag: 4.0.27-debian-9-r118 - ## Specify a imagePullPolicy - ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - - ## Set to true if you would like to see extra information on logs - ## It turns on Bitnami debugging in minideb-extras-base - ## ref: https://github.com/bitnami/minideb-extras-base - debug: false - -## String to partially override mongodb.fullname template (will maintain the release name) -## -# nameOverride: - -## String to fully override mongodb.fullname template -## -# fullnameOverride: - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. -## -volumePermissions: - enabled: false - image: - registry: docker.io - repository: bitnami/minideb - tag: stretch - pullPolicy: Always - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - resources: {} - -## Enable authentication -## ref: https://docs.mongodb.com/manual/tutorial/enable-authentication/ -# -usePassword: true -# existingSecret: name-of-existing-secret - -## MongoDB admin password -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#setting-the-root-password-on-first-run -## -# mongodbRootPassword: - -## MongoDB custom user and database -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#creating-a-user-and-database-on-first-run -## -# mongodbUsername: username -# mongodbPassword: password -# mongodbDatabase: database - -## Whether enable/disable IPv6 on MongoDB -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-ipv6 -## -mongodbEnableIPv6: false - -## Whether enable/disable DirectoryPerDB on MongoDB -## ref: https://github.com/bitnami/bitnami-docker-mongodb/blob/master/README.md#enabling/disabling-directoryperdb -## -mongodbDirectoryPerDB: false - -## MongoDB System Log configuration -## ref: https://github.com/bitnami/bitnami-docker-mongodb#configuring-system-log-verbosity-level -## -mongodbSystemLogVerbosity: 0 -mongodbDisableSystemLog: false - -## MongoDB additional command line flags -## -## Can be used to specify command line flags, for example: -## -## mongodbExtraFlags: -## - "--wiredTigerCacheSizeGB=2" -mongodbExtraFlags: [] - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -securityContext: - enabled: true - fsGroup: 1001 - runAsUser: 1001 - -## Kubernetes Cluster Domain -clusterDomain: cluster.local - -## Kubernetes service type -service: - ## Specify an explicit service name. - # name: svc-mongo - ## Provide any additional annotations which may be required. - ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart - annotations: {} - type: ClusterIP - # clusterIP: None - port: 27017 - - ## Specify the nodePort value for the LoadBalancer and NodePort service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - # nodePort: - - ## Specify the externalIP value ClusterIP service type. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - # externalIPs: [] - - ## Specify the loadBalancerIP value for LoadBalancer service types. - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer - ## - # loadBalancerIP: - - ## Specify the loadBalancerSourceRanges value for LoadBalancer service types. - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - # loadBalancerSourceRanges: [] - -# Add custom extra environment variables to all the MongoDB containers -# extraEnvVars: - -## Use StatefulSet instead of Deployment when deploying standalone -useStatefulSet: false - -## Setting up replication -## ref: https://github.com/bitnami/bitnami-docker-mongodb#setting-up-a-replication -# -replicaSet: - ## Whether to create a MongoDB replica set for high availability or not - enabled: false - useHostnames: true - - ## Name of the replica set - ## - name: rs0 - - ## Key used for replica set authentication - ## - # key: key - - ## Number of replicas per each node type - ## - replicas: - secondary: 1 - arbiter: 1 - - ## Pod Disruption Budget - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - pdb: - enabled: true - minAvailable: - primary: 1 - secondary: 1 - arbiter: 1 - # maxUnavailable: - # primary: 1 - # secondary: 1 - # arbiter: 1 - -# Annotations to be added to the deployment or statefulsets -annotations: {} - -# Additional labels to apply to the deployment or statefulsets -labels: {} - -# Annotations to be added to MongoDB pods -podAnnotations: {} - -# Additional pod labels to apply -podLabels: {} - -## Use an alternate scheduler, e.g. "stork". -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -# schedulerName: - -## Configure resource requests and limits -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} -# Define separate resources per arbiter, which are less then primary or secondary -# used only when replica set is enabled -resourcesArbiter: {} -# limits: -# cpu: 500m -# memory: 512Mi -# requests: -# cpu: 100m -# memory: 256Mi - -## Pod priority -## https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ -# priorityClassName: "" - -## Node selector -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -nodeSelector: {} - -## Affinity -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -affinity: {} -# Define separate affinity for arbiter pod -affinityArbiter: {} - -## Tolerations -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -tolerations: [] - -## updateStrategy for MongoDB Primary, Secondary and Arbitrer statefulsets -## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies -updateStrategy: - type: RollingUpdate - -## Add sidecars to the pod -## -## For example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -sidecars: [] -## Array to add extra volumes -## -extraVolumes: [] -## Array to add extra mounts (normally used with extraVolumes) -## -extraVolumeMounts: [] - -## Add sidecars to the arbiter pod -# used only when replica set is enabled -## -## For example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -sidecarsArbiter: [] -## Array to add extra volumes to the arbiter -# used only when replica set is enabled -## -extraVolumesArbiter: [] -## Array to add extra mounts (normally used with extraVolumes) to the arbiter -# used only when replica set is enabled -## -extraVolumeMountsArbiter: [] - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - enabled: true - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - ## - # existingClaim: - - ## The path the volume will be mounted at, useful when using different - ## MongoDB images. - ## - mountPath: /bitnami/mongodb - - ## The subdirectory of the volume to mount to, useful in dev environments - ## and one PV for multiple services. - ## - subPath: "" - - ## mongodb data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - accessModes: - - ReadWriteOnce - size: 8Gi - annotations: {} - -## Configure the ingress resource that allows you to access the -## MongoDB installation. Set up the URL -## ref: http://kubernetes.io/docs/user-guide/ingress/ -## -ingress: - ## Set to true to enable ingress record generation - enabled: false - - ## Set this to true in order to add the corresponding annotations for cert-manager - certManager: false - - ## Ingress annotations done as key:value pairs - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md - ## - ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set - ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set - annotations: - # kubernetes.io/ingress.class: nginx - - ## The list of hostnames to be covered with this ingress record. - ## Most likely this will be just one host, but in the event more hosts are needed, this is an array - hosts: - - name: mongodb.local - path: / - - ## The tls configuration for the ingress - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - tls: - - hosts: - - mongodb.local - secretName: mongodb.local-tls - - secrets: - ## If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - # - name: airflow.local-tls - # key: - # certificate: - -## Configure the options for init containers to be run before the main app containers -## are started. All init containers are run sequentially and must exit without errors -## for the next one to be started. -## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ -# extraInitContainers: | -# - name: do-something -# image: busybox -# command: ['do', 'something'] - -## Configure extra options for liveness and readiness probes -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) -livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 -readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - -# Define custom config map with init scripts -initConfigMap: {} -# name: "init-config-map" - -## Entries for the MongoDB config file. For documentation of all options, see: -## http://docs.mongodb.org/manual/reference/configuration-options/ -## -configmap: -# # where and how to store data. -# storage: -# dbPath: /bitnami/mongodb/data/db -# journal: -# enabled: true -# directoryPerDB: false -# # where to write logging data. -# systemLog: -# destination: file -# quiet: false -# logAppend: true -# logRotate: reopen -# path: /opt/bitnami/mongodb/logs/mongodb.log -# verbosity: 0 -# # network interfaces -# net: -# port: 27017 -# unixDomainSocket: -# enabled: true -# pathPrefix: /opt/bitnami/mongodb/tmp -# ipv6: false -# bindIpAll: true -# # replica set options -# #replication: -# #replSetName: replicaset -# #enableMajorityReadConcern: true -# # process management options -# processManagement: -# fork: false -# pidFilePath: /opt/bitnami/mongodb/tmp/mongodb.pid -# # set parameter options -# setParameter: -# enableLocalhostAuthBypass: true -# # security options -# security: -# authorization: disabled -# #keyFile: /opt/bitnami/mongodb/conf/keyfile - -## Prometheus Exporter / Metrics -## -metrics: - enabled: false - - image: - registry: docker.io - repository: bitnami/mongodb-exporter - tag: 0.34.0-debian-11-r24 - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - # pullSecrets: - # - myRegistryKeySecretName - ## String with extra arguments to the metrics exporter - ## ref: https://github.com/percona/mongodb_exporter/blob/master/mongodb_exporter.go - ## - ## We use "--compatible-mode" flag to export old metric: "mongodb_mongod_replset_oplog_head_timestamp" - ## for mongoDB and backbeat dashboards. - extraArgs: "--collector.diagnosticdata --collector.replicasetstatus --collector.dbstats --collector.topmetrics --compatible-mode" - - ## Metrics exporter resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - # resources: {} - - ## Metrics exporter liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) - livenessProbe: - enabled: false - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - readinessProbe: - enabled: false - initialDelaySeconds: 5 - periodSeconds: 5 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - - ## Metrics exporter pod Annotation - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9216" - - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md - serviceMonitor: - ## If the operator is installed in your cluster, set to true to create a Service Monitor Entry - enabled: false - - ## Specify a namespace if needed - # namespace: monitoring - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: {} - - ## Specify Metric Relabellings to add to the scrape endpoint - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - # relabellings: - - alerting: - ## Define individual alerting rules as required - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup - ## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ - rules: {} - - ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Prometheus Rules to work with - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec - additionalLabels: {} diff --git a/solution-base/mongodb/patches/create-app-creds.patch b/solution-base/mongodb/patches/create-app-creds.patch deleted file mode 100644 index 6d1c4ed5c6..0000000000 --- a/solution-base/mongodb/patches/create-app-creds.patch +++ /dev/null @@ -1,101 +0,0 @@ -diff --git a/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/create-app-user.sh b/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/create-app-user.sh -new file mode 100644 -index 00000000..886b73d9 ---- /dev/null -+++ b/solution-base/mongodb/charts/mongodb/files/docker-entrypoint-initdb.d/create-app-user.sh -@@ -0,0 +1,30 @@ -+#!/bin/bash -+ -+create_user() { -+ mongo --host $MONGODB_HOSTS -u 'root' -p "$MONGODB_ROOT_PASSWORD" <