From 86c4a54656e357d3d4592e9a53ed250bfc698571 Mon Sep 17 00:00:00 2001 From: Jeff Date: Mon, 5 Oct 2020 15:11:36 -0700 Subject: [PATCH 1/2] Add support for mutiple release trains using directories --- .template/yugabyte/Chart.yaml | 14 + .template/yugabyte/README.md | 1 + .template/yugabyte/app-readme.md | 1 + .template/yugabyte/expose-all-shared.yaml | 14 + .template/yugabyte/expose-all.yaml | 24 + .template/yugabyte/generate_kubeconfig.py | 82 ++++ .template/yugabyte/questions.yaml | 64 +++ .template/yugabyte/templates/NOTES.txt | 25 ++ .template/yugabyte/templates/_helpers.tpl | 69 +++ .../templates/master-servicemonitor.yaml | 43 ++ .template/yugabyte/templates/service.yaml | 417 ++++++++++++++++++ .../templates/tserver-servicemonitor.yaml | 107 +++++ .template/yugabyte/values.yaml | 187 ++++++++ .template/yugabyte/yugabyte-rbac.yaml | 19 + .template/yugaware/.helmignore | 21 + .template/yugaware/Chart.yaml | 12 + .template/yugaware/templates/_helpers.tpl | 32 ++ .template/yugaware/templates/configs.yaml | 321 ++++++++++++++ .template/yugaware/templates/pdb.yaml | 9 + .template/yugaware/templates/rbac.yaml | 63 +++ .template/yugaware/templates/service.yaml | 234 ++++++++++ .template/yugaware/templates/volumes.yaml | 17 + .template/yugaware/values.yaml | 48 ++ 23 files changed, 1824 insertions(+) create mode 100644 .template/yugabyte/Chart.yaml create mode 100644 .template/yugabyte/README.md create mode 100644 .template/yugabyte/app-readme.md create mode 100644 .template/yugabyte/expose-all-shared.yaml create mode 100644 .template/yugabyte/expose-all.yaml create mode 100755 .template/yugabyte/generate_kubeconfig.py create mode 100644 .template/yugabyte/questions.yaml create mode 100644 .template/yugabyte/templates/NOTES.txt create mode 100644 .template/yugabyte/templates/_helpers.tpl create mode 100644 .template/yugabyte/templates/master-servicemonitor.yaml create mode 100644 .template/yugabyte/templates/service.yaml create mode 100644 .template/yugabyte/templates/tserver-servicemonitor.yaml create mode 100644 .template/yugabyte/values.yaml create mode 100644 .template/yugabyte/yugabyte-rbac.yaml create mode 100644 .template/yugaware/.helmignore create mode 100644 .template/yugaware/Chart.yaml create mode 100644 .template/yugaware/templates/_helpers.tpl create mode 100644 .template/yugaware/templates/configs.yaml create mode 100644 .template/yugaware/templates/pdb.yaml create mode 100644 .template/yugaware/templates/rbac.yaml create mode 100644 .template/yugaware/templates/service.yaml create mode 100644 .template/yugaware/templates/volumes.yaml create mode 100644 .template/yugaware/values.yaml diff --git a/.template/yugabyte/Chart.yaml b/.template/yugabyte/Chart.yaml new file mode 100644 index 0000000000..b67a37b27d --- /dev/null +++ b/.template/yugabyte/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +name: yugabyte +version: 0.0.0 +appVersion: 0.0.0.0-b0 +home: https://www.yugabyte.com +description: YugabyteDB is the high-performance distributed SQL database for building global, internet-scale apps. +icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 +sources: +- https://github.com/yugabyte/yugabyte-db +maintainers: +- name: Ram Sri + email: ram@yugabyte.com +- name: Arnav Agarwal + email: arnav@yugabyte.com diff --git a/.template/yugabyte/README.md b/.template/yugabyte/README.md new file mode 100644 index 0000000000..9528cff1c0 --- /dev/null +++ b/.template/yugabyte/README.md @@ -0,0 +1 @@ +YugabyteDB can be deployed in various Kubernetes configurations (including single zone, multi-zone and multi-cluster) using this Helm Chart. Detailed documentation is available in [YugabyteDB Docs for Kubernetes Deployments](https://docs.yugabyte.com/latest/deploy/kubernetes/). diff --git a/.template/yugabyte/app-readme.md b/.template/yugabyte/app-readme.md new file mode 100644 index 0000000000..7c52e5066d --- /dev/null +++ b/.template/yugabyte/app-readme.md @@ -0,0 +1 @@ +This chart bootstraps an RF3 Yugabyte DB version 2.3.1.0-b15 cluster using the Helm Package Manager. diff --git a/.template/yugabyte/expose-all-shared.yaml b/.template/yugabyte/expose-all-shared.yaml new file mode 100644 index 0000000000..4f823d647a --- /dev/null +++ b/.template/yugabyte/expose-all-shared.yaml @@ -0,0 +1,14 @@ +serviceEndpoints: + - name: "yb-master-service" + type: LoadBalancer + app: "yb-master" + ports: + ui: "7000" + + - name: "yb-tserver-service" + type: LoadBalancer + app: "yb-tserver" + ports: + yql-port: "9042" + yedis-port: "6379" + ysql-port: "5433" diff --git a/.template/yugabyte/expose-all.yaml b/.template/yugabyte/expose-all.yaml new file mode 100644 index 0000000000..525a34a28c --- /dev/null +++ b/.template/yugabyte/expose-all.yaml @@ -0,0 +1,24 @@ +serviceEndpoints: + - name: "yb-master-ui" + type: LoadBalancer + app: "yb-master" + ports: + ui: "7000" + + - name: "yql-service" + type: LoadBalancer + app: "yb-tserver" + ports: + yql-port: "9042" + + - name: "yedis-service" + type: LoadBalancer + app: "yb-tserver" + ports: + yedis-port: "6379" + + - name: "ysql-service" + type: LoadBalancer + app: "yb-tserver" + ports: + ysql-port: "5433" diff --git a/.template/yugabyte/generate_kubeconfig.py b/.template/yugabyte/generate_kubeconfig.py new file mode 100755 index 0000000000..f709f3a1db --- /dev/null +++ b/.template/yugabyte/generate_kubeconfig.py @@ -0,0 +1,82 @@ +#!/usr/bin/python +# Copyright (c) YugaByte, Inc. + +# This script would generate a kubeconfig for the given servie account +# by fetching the cluster information and also add the service account +# token for the authentication purpose. + +import argparse +from subprocess import check_output +import json +import base64 +import tempfile + + +def run_command(command_args, namespace=None, as_json=True): + command = ['kubectl'] + if namespace: + command.extend(['--namespace', namespace]) + command.extend(command_args) + if as_json: + command.extend(['-o', 'json']) + return json.loads(check_output(command)) + else: + return check_output(command).decode('utf8') + + +parser = argparse.ArgumentParser(description='Generate KubeConfig with Token') +parser.add_argument('-s', '--service_account', help='Service Account name', required=True) +parser.add_argument('-n', '--namespace', help='Kubernetes namespace', default='kube-system') +parser.add_argument('-c', '--context', help='kubectl context') +args = vars(parser.parse_args()) + +# if the context is not provided we use the current-context +context = args['context'] +if context is None: + context = run_command(['config', 'current-context'], + args['namespace'], as_json=False) + +cluster_attrs = run_command(['config', 'get-contexts', context.strip(), + '--no-headers'], args['namespace'], as_json=False) + +cluster_name = cluster_attrs.strip().split()[2] +endpoint = run_command(['config', 'view', '-o', + 'jsonpath="{.clusters[?(@.name =="' + + cluster_name + '")].cluster.server}"'], + args['namespace'], as_json=False) +service_account_info = run_command(['get', 'sa', args['service_account']], + args['namespace']) +sa_secret = service_account_info['secrets'][0]['name'] +secret_data = run_command(['get', 'secret', sa_secret], args['namespace']) +context_name = '{}-{}'.format(args['service_account'], cluster_name) +kube_config = '/tmp/{}.conf'.format(args['service_account']) + +with tempfile.NamedTemporaryFile() as ca_crt_file: + ca_crt = base64.b64decode(secret_data['data']['ca.crt']) + ca_crt_file.write(ca_crt) + ca_crt_file.flush() + # create kubeconfig entry + set_cluster_cmd = ['config', 'set-cluster', cluster_name, + '--kubeconfig={}'.format(kube_config), + '--server={}'.format(endpoint.strip('"')), + '--embed-certs=true', + '--certificate-authority={}'.format(ca_crt_file.name)] + run_command(set_cluster_cmd, as_json=False) + +user_token = base64.b64decode(secret_data['data']['token']).decode('utf-8') +set_credentials_cmd = ['config', 'set-credentials', context_name, + '--token={}'.format(user_token), + '--kubeconfig={}'.format(kube_config)] +run_command(set_credentials_cmd, as_json=False) + +set_context_cmd = ['config', 'set-context', context_name, + '--cluster={}'.format(cluster_name), + '--user={}'.format(context_name), + '--kubeconfig={}'.format(kube_config)] +run_command(set_context_cmd, as_json=False) + +use_context_cmd = ['config', 'use-context', context_name, + '--kubeconfig={}'.format(kube_config)] +run_command(use_context_cmd, as_json=False) + +print("Generated the kubeconfig file: {}".format(kube_config)) diff --git a/.template/yugabyte/questions.yaml b/.template/yugabyte/questions.yaml new file mode 100644 index 0000000000..d90ee81313 --- /dev/null +++ b/.template/yugabyte/questions.yaml @@ -0,0 +1,64 @@ + questions: + - variable: persistence.enabled + default: "false" + description: "Enable persistent volume for YugabyteDB" + type: boolean + required: true + label: Yugabyte Persistent Volume Enabled + show_subquestion_if: true + group: "YugabyteDB Settings" + subquestions: + - variable: persistence.size + default: "40Gi" + description: "YugabyteDB Persistent Volume Size" + type: string + label: YugabyteDB Volume Size + - variable: persistence.storageClass + default: "" + description: "If undefined or null, uses the default StorageClass. Default to null" + type: storageclass + label: Default StorageClass for YugabyteDB + - variable: replicas.tserver + default: "3" + description: "Number of replicas for default replication" + type: string + required: true + label: Replication Factor + - variable: resource.tserver.requests.cpu + default: "8" + description: "Tserver vcpu allocation for YugabyteDB" + type: string + required: true + label: vcpu allocation for tserver + - variable: resource.tserver.requests.memory + default: "15Gi" + description: "Tserver RAM allocation for YugabyteDB" + type: string + required: true + label: RAM allocation for tserver + - variable: disable.ysql + default: "false" + description: "Disable YSQL API" + type: boolean + required: true + label: Disable YSQL API + - variable: serviceEndpoints.name + default: "ysql-service" + description: "Loadbalancer for YSQL API" + type: boolean + required: true + label: Create YSQL API Loadbalancer + - variable: gflags.tserver.use_cassandra_authentication + default: "true" + description: "Enable CQL API" + type: boolean + required: true + label: Enable CQL API + - variable: serviceEndpoints.name + default: "yql-service" + description: "Loadbalancer for CQL API" + type: boolean + required: true + label: Create CQL API Loadbalancer + + diff --git a/.template/yugabyte/templates/NOTES.txt b/.template/yugabyte/templates/NOTES.txt new file mode 100644 index 0000000000..67f22abfca --- /dev/null +++ b/.template/yugabyte/templates/NOTES.txt @@ -0,0 +1,25 @@ +1. Get YugabyteDB Pods by running this command: + kubectl --namespace {{ .Release.Namespace }} get pods + +2. Get list of YugabyteDB services that are running: + kubectl --namespace {{ .Release.Namespace }} get services + +3. Get information about the load balancer services: + kubectl get svc --namespace {{ .Release.Namespace }} + +4. Connect to one of the tablet server: + kubectl exec --namespace {{ .Release.Namespace }} -it yb-tserver-0 bash + +5. Run YSQL shell from inside of a tablet server: + kubectl exec --namespace {{ .Release.Namespace }} -it yb-tserver-0 -- /home/yugabyte/bin/ysqlsh -h yb-tserver-0.yb-tservers.{{ .Release.Namespace }} + +6. Cleanup YugabyteDB Pods + For helm 2: + helm delete {{ .Release.Name }} --purge + For helm 3: + helm delete {{ .Release.Name }} -n {{ .Release.Namespace }} + NOTE: You need to manually delete the persistent volume + {{- $root := . -}} + {{- range .Values.Services }} + kubectl delete pvc --namespace {{ $root.Release.Namespace }} -l app={{.label}} + {{- end }} diff --git a/.template/yugabyte/templates/_helpers.tpl b/.template/yugabyte/templates/_helpers.tpl new file mode 100644 index 0000000000..4569fac99a --- /dev/null +++ b/.template/yugabyte/templates/_helpers.tpl @@ -0,0 +1,69 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "yugabyte.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "yugabyte.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{/* +Derive the memory hard limit for each POD based on the memory limit. +Since the memory is represented in GBi, we use this function to convert that into bytes. +Multiplied by 870 since 0.85 * 1024 ~ 870 (floating calculations not supported) +*/}} +{{- define "yugabyte.memory_hard_limit" -}} +{{- printf "%d" .limits.memory | regexFind "\\d+" | mul 1024 | mul 1024 | mul 870 }} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "yugabyte.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* + Get YugaByte fs data directories +*/}} +{{- define "yugabyte.fs_data_dirs" -}} +{{range $index := until (int (.count))}}{{if ne $index 0}},{{end}}/mnt/disk{{ $index }}{{end}} +{{- end -}} + +{{/* + Get YugaByte master addresses +*/}} +{{- define "yugabyte.master_addresses" -}} +{{- $master_replicas := .Values.replicas.master | int -}} +{{- $domain_name := .Values.domainName -}} + {{- range .Values.Services }} + {{- if eq .name "yb-masters" }} + {{range $index := until $master_replicas }}{{if ne $index 0}},{{end}}yb-master-{{ $index }}.yb-masters.$(NAMESPACE).svc.{{ $domain_name }}:7100{{end}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Compute the maximum number of unavailable pods based on the number of master replicas +*/}} +{{- define "yugabyte.max_unavailable_for_quorum" -}} +{{- $master_replicas := .Values.replicas.master | int | mul 100 -}} +{{- $master_replicas := 100 | div (100 | sub (2 | div ($master_replicas | add 100))) -}} +{{- printf "%d" $master_replicas -}} +{{- end -}} diff --git a/.template/yugabyte/templates/master-servicemonitor.yaml b/.template/yugabyte/templates/master-servicemonitor.yaml new file mode 100644 index 0000000000..e90156001b --- /dev/null +++ b/.template/yugabyte/templates/master-servicemonitor.yaml @@ -0,0 +1,43 @@ +{{- if and .Values.serviceMonitor.enabled .Values.serviceMonitor.master.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "yugabyte.fullname" . }}-yb-master + labels: + app: "yb-master" + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}" + component: "{{ .Values.Component }}" + {{- with .Values.serviceMonitor.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + jobLabel: "release" + selector: + matchLabels: + app: "yb-master" + release: {{ .Release.Name | quote }} + service-type: "headless" + endpoints: + + {{- with .Values.serviceMonitor.master }} + {{- if .enabled }} + - port: {{ .port }} + path: {{ .path }} + {{- if .interval }} + interval: {{ .interval }} + {{- else }} + interval: {{ $.Values.serviceMonitor.interval }} + {{- end }} + relabelings: + - targetLabel: "group" + replacement: "yb-master" + - targetLabel: "export_type" + replacement: "master_export" + - targetLabel: "node_prefix" + replacement: {{ $.Release.Name | quote }} + metricRelabelings: + {{- toYaml $.Values.serviceMonitor.commonMetricRelabelings | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/.template/yugabyte/templates/service.yaml b/.template/yugabyte/templates/service.yaml new file mode 100644 index 0000000000..9638fda945 --- /dev/null +++ b/.template/yugabyte/templates/service.yaml @@ -0,0 +1,417 @@ +{{- $root := . -}} +--- +{{- if $root.Values.tls.enabled }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: yugabyte-tls-client-cert + namespace: "{{ $root.Release.Namespace }}" + labels: + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" +type: Opaque +data: +{{- $rootCAClient := buildCustomCert $root.Values.tls.rootCA.cert $root.Values.tls.rootCA.key -}} +{{- $client := genSignedCert "yugabyte" ( default nil ) ( default nil ) 3650 $rootCAClient }} + root.crt: {{ $rootCAClient.Cert | b64enc }} + yugabytedb.crt: {{ $client.Cert | b64enc }} + yugabytedb.key: {{ $client.Key | b64enc }} +--- +{{- end }} + +{{- range .Values.Services }} +{{- $service := . -}} + +{{- if $root.Values.tls.enabled }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $service.label }}-yugabyte-tls-cert + namespace: "{{ $root.Release.Namespace }}" + labels: + app: "{{ $service.label }}" + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" +type: Opaque +data: +{{- $rootCA := buildCustomCert $root.Values.tls.rootCA.cert $root.Values.tls.rootCA.key -}} +{{- $replicas := (eq .name "yb-masters") | ternary $root.Values.replicas.master $root.Values.replicas.tserver -}} +{{- range $index := until ( int ( $replicas ) ) }} +{{- $node := printf "%s-%d.%s.%s.svc.%s" $service.label $index $service.name $root.Release.Namespace $root.Values.domainName }} +{{- $dns1 := printf "*.*.%s" $root.Release.Namespace }} +{{- $dns2 := printf "%s.svc.%s" $dns1 $root.Values.domainName }} +{{- $server := genSignedCert $node ( default nil ) (list $dns1 $dns2 ) 3650 $rootCA }} + node.{{$node}}.crt: {{ $server.Cert | b64enc }} + node.{{$node}}.key: {{ $server.Key | b64enc }} +{{- end }} + ca.crt: {{ $rootCA.Cert | b64enc }} +{{- end }} + +--- +apiVersion: v1 +kind: Service +metadata: + name: "{{ .name }}" + labels: + app: "{{ .label }}" + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" + service-type: "headless" +spec: + clusterIP: None + ports: + {{- range $label, $port := .ports }} + - name: {{ $label | quote }} + port: {{ $port }} + {{- end}} + selector: + app: "{{ .label }}" + +{{ if $root.Values.enableLoadBalancer }} +{{- range $endpoint := $root.Values.serviceEndpoints }} +{{- if eq $service.label $endpoint.app }} +--- +apiVersion: v1 +kind: Service +metadata: + name: "{{ $endpoint.name }}" + annotations: +{{ toYaml $endpoint.annotations | indent 4 }} + labels: + app: "{{ $endpoint.app }}" + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" +spec: + {{ if eq $root.Release.Service "Tiller" }} + clusterIP: + {{ else }} + {{ if $endpoint.clusterIP }} + clusterIP: {{ $endpoint.clusterIP }} + {{- end }} + {{- end }} + ports: + {{- range $label, $port := $endpoint.ports }} + - name: {{ $label | quote }} + port: {{ $port }} + {{- end}} + selector: + app: "{{ $endpoint.app }}" + type: {{ $endpoint.type }} +{{- end}} +{{- end}} +{{ end }} + +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: "{{ .label }}" + namespace: "{{ $root.Release.Namespace }}" + labels: + app: "{{ .label }}" + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" +spec: + serviceName: "{{ .name }}" + podManagementPolicy: {{ $root.Values.PodManagementPolicy }} + {{ if eq .name "yb-masters" }} + replicas: {{ $root.Values.replicas.master }} + {{ else }} + replicas: {{ $root.Values.replicas.tserver }} + {{ end }} + {{- $storageInfo := (eq .name "yb-masters") | ternary $root.Values.storage.master $root.Values.storage.tserver -}} + {{ if not $root.Values.storage.ephemeral }} + volumeClaimTemplates: + {{- range $index := until (int ($storageInfo.count )) }} + - metadata: + name: datadir{{ $index }} + annotations: + volume.beta.kubernetes.io/storage-class: {{ $storageInfo.storageClass }} + labels: + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" + spec: + accessModes: + - "ReadWriteOnce" + {{- if $storageInfo.storageClass }} + storageClassName: {{ $storageInfo.storageClass }} + {{- end }} + resources: + requests: + storage: {{ $storageInfo.size }} + {{- end }} + {{- end }} + updateStrategy: + type: RollingUpdate + rollingUpdate: + {{ if eq .name "yb-masters" }} + partition: {{ $root.Values.partition.master }} + {{ else }} + partition: {{ $root.Values.partition.tserver }} + {{ end }} + selector: + matchLabels: + app: "{{ .label }}" + template: + metadata: + {{ if $root.Values.networkAnnotation }} + annotations: +{{ toYaml $root.Values.networkAnnotation | indent 8}} + {{ end }} + labels: + app: "{{ .label }}" + heritage: {{ $root.Values.helm2Legacy | ternary "Tiller" ($root.Release.Service | quote) }} + release: {{ $root.Release.Name | quote }} + chart: "{{ $root.Chart.Name }}" + component: "{{ $root.Values.Component }}" + spec: + {{- if $root.Values.Image.pullSecretName }} + imagePullSecrets: + - name: {{ $root.Values.Image.pullSecretName }} + {{ end }} + {{- if $root.Values.nodeSelector }} + nodeSelector: + {{ toYaml $root.Values.nodeSelector | indent 8 }} + {{- end }} + affinity: + # Set the anti-affinity selector scope to YB masters. + {{ if $root.Values.AZ }} + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: failure-domain.beta.kubernetes.io/zone + operator: In + values: + - {{ $root.Values.AZ }} + {{ end }} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - "{{ .label }}" + topologyKey: kubernetes.io/hostname + containers: + - name: "{{ .label }}" + image: "{{ $root.Values.Image.repository }}:{{ $root.Values.Image.tag }}" + imagePullPolicy: {{ $root.Values.Image.pullPolicy }} + lifecycle: + postStart: + exec: + command: + - "sh" + - "-c" + - > + mkdir -p /mnt/disk0/cores; + mkdir -p /mnt/disk0/yb-data/scripts; + if [ ! -f /mnt/disk0/yb-data/scripts/log_cleanup.sh ]; then + if [ -f /home/yugabyte/bin/log_cleanup.sh ]; then + cp /home/yugabyte/bin/log_cleanup.sh /mnt/disk0/yb-data/scripts; + fi; + fi + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + {{ if eq .name "yb-masters" }} +{{ toYaml $root.Values.resource.master | indent 10 }} + {{ else }} +{{ toYaml $root.Values.resource.tserver | indent 10 }} + {{ end }} + # core dumps are collected to workingDir if + # kernel.core_pattern is set to a relative path like + # core.%e.%p.%t ref: + # https://github.com/yugabyte/charts/issues/11 + workingDir: "/mnt/disk0/cores" + command: + {{ if eq .name "yb-masters" }} + - "/home/yugabyte/bin/yb-master" + {{ if not $root.Values.storage.ephemeral }} + - "--fs_data_dirs={{ template "yugabyte.fs_data_dirs" $storageInfo }}" + {{ else }} + - "--fs_data_dirs=/var/yugabyte" + {{- end }} + {{- if $root.Values.istioCompatibility.enabled }} + - "--rpc_bind_addresses=0.0.0.0:7100" + {{- else }} + - "--rpc_bind_addresses={{ printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .name $root.Values.domainName }}" + {{- end }} + - "--server_broadcast_addresses={{ printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .name $root.Values.domainName }}:7100" + - "--webserver_interface={{ eq $root.Values.ip_version_support "v6_only" | ternary "[::]" "0.0.0.0" }}" + {{ if eq $root.Values.ip_version_support "v6_only"}} + - "--net_address_filter=ipv6_external,ipv6_non_link_local,ipv6_all,ipv4_external,ipv4_all" + {{ end }} + {{ if $root.Values.isMultiAz }} + - "--master_addresses={{ $root.Values.masterAddresses}}" + - "--replication_factor={{ $root.Values.replicas.totalMasters }}" + {{ else }} + - "--master_addresses={{ template "yugabyte.master_addresses" $root }}" + - "--replication_factor={{ $root.Values.replicas.master }}" + {{ end }} + {{ if not $root.Values.disableYsql }} + - "--enable_ysql=true" + {{ else }} + - "--enable_ysql=false" + {{ end }} + - "--metric_node_name=$(HOSTNAME)" + - "--memory_limit_hard_bytes={{ template "yugabyte.memory_hard_limit" $root.Values.resource.master }}" + - "--stderrthreshold=0" + - "--num_cpus={{ ceil $root.Values.resource.master.requests.cpu }}" + - "--undefok=num_cpus,enable_ysql" + {{- range $flag, $override := $root.Values.gflags.master }} + - "--{{ $flag }}={{ $override }}" + {{- end}} + {{ if $root.Values.tls.enabled }} + - "--certs_dir=/opt/certs/yugabyte" + - "--use_node_to_node_encryption=true" + - "--allow_insecure_connections={{ $root.Values.tls.insecure }}" + {{- end }} + {{ else }} + - "/home/yugabyte/bin/yb-tserver" + - "--fs_data_dirs={{ template "yugabyte.fs_data_dirs" $storageInfo }}" + - "--server_broadcast_addresses={{ printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .name $root.Values.domainName }}:9100" + {{- if $root.Values.istioCompatibility.enabled }} + - "--rpc_bind_addresses=0.0.0.0:9100" + {{- else }} + - "--rpc_bind_addresses={{ printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .name $root.Values.domainName }}" + {{- end }} + {{- if $root.Values.istioCompatibility.enabled }} + - "--cql_proxy_bind_address=0.0.0.0:9042" + {{- else }} + - "--cql_proxy_bind_address={{ printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .name $root.Values.domainName }}" + {{- end }} + - "--webserver_interface={{ eq $root.Values.ip_version_support "v6_only" | ternary "[::]" "0.0.0.0" }}" + {{ if eq $root.Values.ip_version_support "v6_only" }} + - "--net_address_filter=ipv6_external,ipv6_non_link_local,ipv6_all,ipv4_external,ipv4_all" + {{ end }} + {{ if not $root.Values.disableYsql }} + - "--enable_ysql=true" + - "--pgsql_proxy_bind_address={{ eq $root.Values.ip_version_support "v6_only" | ternary "[::]" "0.0.0.0" }}:5433" + {{ else }} + - "--enable_ysql=false" + {{ end }} + {{ if $root.Values.isMultiAz }} + - "--tserver_master_addrs={{ $root.Values.masterAddresses}}" + {{ else }} + - "--tserver_master_addrs={{ template "yugabyte.master_addresses" $root }}" + {{ end }} + - "--metric_node_name=$(HOSTNAME)" + - "--memory_limit_hard_bytes={{ template "yugabyte.memory_hard_limit" $root.Values.resource.tserver }}" + - "--stderrthreshold=0" + - "--num_cpus={{ ceil $root.Values.resource.tserver.requests.cpu }}" + - "--undefok=num_cpus,enable_ysql" + {{- range $flag, $override := $root.Values.gflags.tserver }} + - "--{{ $flag }}={{ $override }}" + {{- end }} + {{ if $root.Values.tls.enabled }} + - "--certs_dir=/opt/certs/yugabyte" + - "--use_node_to_node_encryption=true" + - "--allow_insecure_connections={{ $root.Values.tls.insecure }}" + - "--use_client_to_server_encryption=true" + - "--certs_for_client_dir=/opt/certs/yugabyte" + {{- end }} + {{ end }} + ports: + {{- range $label, $port := .ports }} + - containerPort: {{ $port }} + name: {{ $label | quote }} + {{- end}} + volumeMounts: + {{ if not $root.Values.storage.ephemeral }} + {{- range $index := until (int ($storageInfo.count)) }} + - name: datadir{{ $index }} + mountPath: /mnt/disk{{ $index }} + {{- end }} + {{- end }} + {{- if $root.Values.tls.enabled }} + - name: {{ .label }}-yugabyte-tls-cert + mountPath: /opt/certs/yugabyte + readOnly: true + - name: yugabyte-tls-client-cert + mountPath: /root/.yugabytedb/ + readOnly: true + {{- end }} + + {{ if not $root.Values.storage.ephemeral }} + - name: yb-cleanup + image: busybox:1.31 + env: + - name: USER + value: "yugabyte" + command: + - "/bin/sh" + - "-c" + - > + mkdir /var/spool/cron; + mkdir /var/spool/cron/crontabs; + echo "0 * * * * /home/yugabyte/scripts/log_cleanup.sh" | tee -a /var/spool/cron/crontabs/root; + crond; + while true; do + sleep 86400; + done + volumeMounts: + - name: datadir0 + mountPath: /home/yugabyte/ + subPath: yb-data + {{- end }} + + volumes: + {{ if not $root.Values.storage.ephemeral }} + {{- range $index := until (int ($storageInfo.count)) }} + - name: datadir{{ $index }} + hostPath: + path: /mnt/disks/ssd{{ $index }} + {{- end }} + {{- end }} + {{- if $root.Values.tls.enabled }} + - name: {{ .label }}-yugabyte-tls-cert + secret: + secretName: {{ .label }}-yugabyte-tls-cert + defaultMode: 256 + - name: yugabyte-tls-client-cert + secret: + secretName: yugabyte-tls-client-cert + defaultMode: 256 + {{- end }} +{{- if eq $root.Values.isMultiAz false }} +--- +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ .label }}-pdb +spec: + maxUnavailable: {{ template "yugabyte.max_unavailable_for_quorum" $root }} + selector: + matchLabels: + app: {{ .label }} +{{- end }} +{{- end }} diff --git a/.template/yugabyte/templates/tserver-servicemonitor.yaml b/.template/yugabyte/templates/tserver-servicemonitor.yaml new file mode 100644 index 0000000000..12ee4dbbb3 --- /dev/null +++ b/.template/yugabyte/templates/tserver-servicemonitor.yaml @@ -0,0 +1,107 @@ +{{- $sm := .Values.serviceMonitor }} +{{ if and $sm.enabled (or $sm.tserver.enabled $sm.ycql.enabled $sm.ysql.enabled $sm.yedis.enabled) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "yugabyte.fullname" . }}-yb-tserver + labels: + app: "yb-tserver" + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}" + component: "{{ .Values.Component }}" + {{- with .Values.serviceMonitor.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + jobLabel: "release" + selector: + matchLabels: + app: "yb-tserver" + release: {{ .Release.Name | quote }} + service-type: "headless" + endpoints: + + {{- with .Values.serviceMonitor.tserver }} + {{- if .enabled }} + - port: {{ .port }} + path: {{ .path }} + {{- if .interval }} + interval: {{ .interval }} + {{- else }} + interval: {{ $.Values.serviceMonitor.interval }} + {{- end }} + relabelings: + - targetLabel: "group" + replacement: "yb-tserver" + - targetLabel: "export_type" + replacement: "tserver_export" + - targetLabel: "node_prefix" + replacement: {{ $.Release.Name | quote }} + metricRelabelings: + {{- toYaml $.Values.serviceMonitor.commonMetricRelabelings | nindent 4 }} + {{- end }} + {{- end }} + + {{- with .Values.serviceMonitor.ycql }} + {{- if .enabled }} + - port: {{ .port }} + path: {{ .path }} + {{- if .interval }} + interval: {{ .interval }} + {{- else }} + interval: {{ $.Values.serviceMonitor.interval }} + {{- end }} + relabelings: + - targetLabel: "group" + replacement: "ycql" + - targetLabel: "export_type" + replacement: "cql_export" + - targetLabel: "node_prefix" + replacement: {{ $.Release.Name | quote }} + metricRelabelings: + {{- toYaml $.Values.serviceMonitor.commonMetricRelabelings | nindent 4 }} + {{- end }} + {{- end }} + + {{- with .Values.serviceMonitor.ysql }} + {{- if .enabled }} + - port: {{ .port }} + path: {{ .path }} + {{- if .interval }} + interval: {{ .interval }} + {{- else }} + interval: {{ $.Values.serviceMonitor.interval }} + {{- end }} + relabelings: + - targetLabel: "group" + replacement: "ysql" + - targetLabel: "export_type" + replacement: "ysql_export" + - targetLabel: "node_prefix" + replacement: {{ $.Release.Name | quote }} + metricRelabelings: + {{- toYaml $.Values.serviceMonitor.commonMetricRelabelings | nindent 4 }} + {{- end }} + {{- end }} + + {{- with .Values.serviceMonitor.yedis }} + {{- if .enabled }} + - port: {{ .port }} + path: {{ .path }} + {{- if .interval }} + interval: {{ .interval }} + {{- else }} + interval: {{ $.Values.serviceMonitor.interval }} + {{- end }} + relabelings: + - targetLabel: "group" + replacement: "yedis" + - targetLabel: "export_type" + replacement: "redis_export" + - targetLabel: "node_prefix" + replacement: {{ $.Release.Name | quote }} + metricRelabelings: + {{- toYaml $.Values.serviceMonitor.commonMetricRelabelings | nindent 4 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/.template/yugabyte/values.yaml b/.template/yugabyte/values.yaml new file mode 100644 index 0000000000..a5ec42693a --- /dev/null +++ b/.template/yugabyte/values.yaml @@ -0,0 +1,187 @@ +# Default values for yugabyte. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +Component: "yugabytedb" +Image: + repository: "yugabytedb/yugabyte" + tag: 0.0.0.0-b0 + pullPolicy: IfNotPresent + +storage: + ephemeral: false # will not allocate PVs when true + master: + count: 2 + size: 10Gi + storageClass: standard + tserver: + count: 2 + size: 10Gi + storageClass: standard + +resource: + master: + requests: + cpu: 2 + memory: 2Gi + limits: + cpu: 2 + memory: 2Gi + tserver: + requests: + cpu: 2 + memory: 4Gi + limits: + cpu: 2 + memory: 4Gi + +replicas: + master: 3 + tserver: 3 + +partition: + master: 0 + tserver: 0 + +tls: + # Set to true to enable the TLS. + enabled: false + # Set to false to disallow any service with unencrypted communication from joining this cluster + insecure: false + rootCA: + cert: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM2VENDQWRHZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFXTVJRd0VnWURWUVFERXd0WmRXZGgKWW5sMFpTQkVRakFlRncweE9UQXlNRGd3TURRd01qSmFGdzB5T1RBeU1EVXdNRFF3TWpKYU1CWXhGREFTQmdOVgpCQU1UQzFsMVoyRmllWFJsSUVSQ01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCnVOMWF1aWc4b2pVMHM0OXF3QXhrT2FCaHkwcTlyaVg2akVyZWJyTHJOWDJOeHdWQmNVcWJkUlhVc3VZNS96RUQKUC9CZTNkcTFuMm9EQ2ZGVEwweGkyNFdNZExRcnJBMndCdzFtNHM1WmQzcEJ1U04yWHJkVVhkeUx6dUxlczJNbgovckJxcWRscXp6LzAyTk9TOE9SVFZCUVRTQTBSOFNMQ1RjSGxMQmRkMmdxZ1ZmemVXRlVObXhWQ2EwcHA5UENuCmpUamJJRzhJWkh5dnBkTyt3aURQM1Y1a1ZEaTkvbEtUaGUzcTFOeDg5VUNFcnRJa1pjSkYvWEs3aE90MU1sOXMKWDYzb2lVMTE1Q2svbGFGRjR6dWgrZk9VenpOVXRXeTc2RE92cm5pVGlaU0tQZDBBODNNa2l2N2VHaDVkV3owWgpsKzJ2a3dkZHJaRzVlaHhvbGhGS3pRSURBUUFCbzBJd1FEQU9CZ05WSFE4QkFmOEVCQU1DQXFRd0hRWURWUjBsCkJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWkkKaHZjTkFRRUxCUUFEZ2dFQkFEQjVRbmlYd1ptdk52eG5VbS9sTTVFbms3VmhTUzRUZldIMHY4Q0srZWZMSVBTbwpVTkdLNXU5UzNEUWlvaU9SN1Vmc2YrRnk1QXljMmNUY1M2UXBxTCt0V1QrU1VITXNJNk9oQ05pQ1gvQjNKWERPCkd2R0RIQzBVOHo3aWJTcW5zQ2Rid05kajAyM0lwMHVqNE9DVHJ3azZjd0RBeXlwVWkwN2tkd28xYWJIWExqTnAKamVQMkwrY0hkc2dKM1N4WWpkK1kvei9IdmFrZG1RZDJTL1l2V0R3aU1SRDkrYmZXWkJVRHo3Y0QyQkxEVmU0aAp1bkFaK3NyelR2Sjd5dkVodzlHSDFyajd4Qm9VNjB5SUUrYSszK2xWSEs4WnBSV0NXMnh2eWNrYXJSKytPS2NKClFsL04wWExqNWJRUDVoUzdhOTdhQktTamNqY3E5VzNGcnhJa2tKST0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" + key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdU4xYXVpZzhvalUwczQ5cXdBeGtPYUJoeTBxOXJpWDZqRXJlYnJMck5YMk54d1ZCCmNVcWJkUlhVc3VZNS96RURQL0JlM2RxMW4yb0RDZkZUTDB4aTI0V01kTFFyckEyd0J3MW00czVaZDNwQnVTTjIKWHJkVVhkeUx6dUxlczJNbi9yQnFxZGxxenovMDJOT1M4T1JUVkJRVFNBMFI4U0xDVGNIbExCZGQyZ3FnVmZ6ZQpXRlVObXhWQ2EwcHA5UENualRqYklHOElaSHl2cGRPK3dpRFAzVjVrVkRpOS9sS1RoZTNxMU54ODlVQ0VydElrClpjSkYvWEs3aE90MU1sOXNYNjNvaVUxMTVDay9sYUZGNHp1aCtmT1V6ek5VdFd5NzZET3ZybmlUaVpTS1BkMEEKODNNa2l2N2VHaDVkV3owWmwrMnZrd2RkclpHNWVoeG9saEZLelFJREFRQUJBb0lCQUJsdW1tU3gxR1djWER1Mwpwei8wZEhWWkV4c2NsU3U0SGRmZkZPcTF3cFlCUjlmeGFTZGsxQzR2YXF1UjhMaWl6WWVtVWViRGgraitkSnlSCmpwZ2JNaDV4S1BtRkw5empwU3ZUTkN4UHB3OUF5bm5sM3dyNHZhcU1CTS9aZGpuSGttRC9kQzBadEEvL0JIZ3YKNHk4d3VpWCsvUWdVaER0Z1JNcmR1ZUZ1OVlKaFo5UE9jYXkzSkkzMFhEYjdJSS9vNFNhYnhTcFI3bTg5WjY0NwpUb3hsOEhTSzl0SUQxbkl1bHVpTmx1dHI1RzdDdE93WTBSc2N5dmZ2elg4a1d2akpLZVJVbmhMSCtXVFZOaExICjdZc0tMNmlLa1NkckMzeWVPWnV4R0pEbVdrZVgxTzNPRUVGYkc4TjVEaGNqL0lXbDh1dGt3LzYwTEthNHBCS2cKTXhtNEx3RUNnWUVBNnlPRkhNY2pncHYxLzlHZC8yb3c2YmZKcTFjM1dqQkV2cnM2ZXNyMzgrU3UvdVFneXJNcAo5V01oZElpb2dYZjVlNjV5ZlIzYVBXcjJJdWMxZ0RUNlYycDZFR2h0NysyQkF1YkIzczloZisycVNRY1lkS3pmCnJOTDdKalE4ZEVGZWdYd041cHhKOTRTTVFZNEI4Qm9hOHNJWTd3TzU4dHpVMjZoclVnanFXQ1VDZ1lFQXlVUUIKNzViWlh6MGJ5cEc5NjNwYVp0bGlJY0cvUk1XMnVPOE9rVFNYSGdDSjBob25uRm5IMGZOc1pGTHdFWEtnTTRORworU3ZNbWtUekE5eVVSMHpIMFJ4UW44L1YzVWZLT2k5RktFeWx6NzNiRkV6ZW1QSEppQm12NWQ4ZTlOenZmU0E0CkdpRTYrYnFyV3VVWWRoRWlYTnY1SFNPZ3I4bUx1TzJDbGlmNTg0a0NnWUFlZzlDTmlJWmlOODAzOHNNWFYzZWIKalI5ZDNnYXY3SjJ2UnVyeTdvNDVGNDlpUXNiQ3AzZWxnY1RnczY5eWhkaFpwYXp6OGNEVndhREpyTW16cHF4cQpWY1liaFFIblppSWM5MGRubS9BaVF2eWJWNUZqNnQ5b05VVWtreGpaV1haalJXOGtZMW55QmtDUmJWVnhER0k4CjZOV0ZoeTFGaUVVVGNJcms3WVZFQlFLQmdRREpHTVIrYWRFamtlRlUwNjVadkZUYmN0VFVPY3dzb1Foalc2akkKZVMyTThxakNYeE80NnhQMnVTeFNTWFJKV3FpckQ3NDRkUVRvRjRCaEdXS21veGI3M3pqSGxWaHcwcXhDMnJ4VQorZENxODE0VXVJR3BlOTBMdWU3QTFlRU9kRHB1WVdUczVzc1FmdTE3MG5CUWQrcEhzaHNFZkhhdmJjZkhyTGpQCjQzMmhVUUtCZ1FDZ3hMZG5Pd2JMaHZLVkhhdTdPVXQxbGpUT240SnB5bHpnb3hFRXpzaDhDK0ZKUUQ1bkFxZXEKZUpWSkNCd2VkallBSDR6MUV3cHJjWnJIN3IyUTBqT2ZFallwU1dkZGxXaWh4OTNYODZ0aG83UzJuUlYrN1hNcQpPVW9ZcVZ1WGlGMWdMM1NGeHZqMHhxV3l0d0NPTW5DZGFCb0M0Tkw3enJtL0lZOEUwSkw2MkE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" + +gflags: + master: + default_memory_limit_to_ram_ratio: 0.85 + tserver: + use_cassandra_authentication: false + +PodManagementPolicy: Parallel + +enableLoadBalancer: true + +isMultiAz: false + +domainName: "cluster.local" + +serviceEndpoints: + - name: "yb-master-ui" + type: LoadBalancer + app: "yb-master" + ports: + http-ui: "7000" + + - name: "yb-tserver-service" + type: LoadBalancer + app: "yb-tserver" + ports: + tcp-yql-port: "9042" + tcp-yedis-port: "6379" + tcp-ysql-port: "5433" + +Services: + - name: "yb-masters" + label: "yb-master" + memory_limit_to_ram_ratio: 0.85 + ports: + http-ui: "7000" + tcp-rpc-port: "7100" + + - name: "yb-tservers" + label: "yb-tserver" + ports: + http-ui: "9000" + tcp-rpc-port: "9100" + tcp-yql-port: "9042" + tcp-yedis-port: "6379" + tcp-ysql-port: "5433" + http-ycql-met: "12000" + http-yedis-met: "11000" + http-ysql-met: "13000" + +## Should be set to true only if Istio is being used. +## TODO: remove this once +## https://github.com/yugabyte/yugabyte-db/issues/5641 is fixed. +## +istioCompatibility: + enabled: false + +serviceMonitor: + ## If true, two ServiceMonitor CRs are created. One for yb-master + ## and one for yb-tserver + ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor + ## + enabled: false + ## interval is the default scrape_interval for all the endpoints + interval: 30s + ## extraLabels can be used to add labels to the ServiceMonitors + ## being created + extraLabels: {} + # release: prom + + ## Configurations of ServiceMonitor for yb-master + master: + enabled: true + port: "http-ui" + interval: "" + path: "/prometheus-metrics" + + ## Configurations of ServiceMonitor for yb-tserver + tserver: + enabled: true + port: "http-ui" + interval: "" + path: "/prometheus-metrics" + ycql: + enabled: true + port: "http-ycql-met" + interval: "" + path: "/prometheus-metrics" + ysql: + enabled: true + port: "http-ysql-met" + interval: "" + path: "/prometheus-metrics" + yedis: + enabled: true + port: "http-yedis-met" + interval: "" + path: "/prometheus-metrics" + + commonMetricRelabelings: + # https://git.io/JJW5p + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - sourceLabels: ["__name__"] + regex: "(.*)" + targetLabel: "saved_name" + replacement: "$1" + # The following basically retrofit the handler_latency_* metrics to label format. + - sourceLabels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(.*)" + targetLabel: "server_type" + replacement: "$1" + - sourceLabels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(.*)" + targetLabel: "service_type" + replacement: "$2" + - sourceLabels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(_sum|_count)?" + targetLabel: "service_method" + replacement: "$3" + - sourceLabels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(_sum|_count)?" + targetLabel: "__name__" + replacement: "rpc_latency$4" + +resources: {} + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +helm2Legacy: false + +ip_version_support: "v4_only" # v4_only, v6_only are the only supported values at the moment diff --git a/.template/yugabyte/yugabyte-rbac.yaml b/.template/yugabyte/yugabyte-rbac.yaml new file mode 100644 index 0000000000..a72f76a161 --- /dev/null +++ b/.template/yugabyte/yugabyte-rbac.yaml @@ -0,0 +1,19 @@ +# Create YugaByte specific service account +apiVersion: v1 +kind: ServiceAccount +metadata: + name: yugabyte-helm + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: yugabyte-helm +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: + - kind: ServiceAccount + name: yugabyte-helm + namespace: kube-system diff --git a/.template/yugaware/.helmignore b/.template/yugaware/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/.template/yugaware/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/.template/yugaware/Chart.yaml b/.template/yugaware/Chart.yaml new file mode 100644 index 0000000000..634cd0c75f --- /dev/null +++ b/.template/yugaware/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +appVersion: 0.0.0.0-b0 +version: 0.0.0 +home: https://www.yugabyte.com +description: YugaWare is YugaByte Database's Orchestration and Management console. +name: yugaware +icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 +maintainers: +- name: Ram Sri + email: ram@yugabyte.com +- name: Arnav Agarwal + email: arnav@yugabyte.com diff --git a/.template/yugaware/templates/_helpers.tpl b/.template/yugaware/templates/_helpers.tpl new file mode 100644 index 0000000000..6dc414880f --- /dev/null +++ b/.template/yugaware/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "yugaware.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "yugaware.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "yugaware.chart" -}} +{{- printf "%s" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/.template/yugaware/templates/configs.yaml b/.template/yugaware/templates/configs.yaml new file mode 100644 index 0000000000..00eca492f0 --- /dev/null +++ b/.template/yugaware/templates/configs.yaml @@ -0,0 +1,321 @@ +# Copyright (c) YugaByte, Inc. +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-yugaware-global-config + labels: + app: {{ template "yugaware.name" . }} + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +data: + postgres_user: "postgres" + postgres_password: "{{ b64enc (randAlphaNum 8) }}" + postgres_db: "yugaware" + app_secret: "{{ b64enc (randAlphaNum 64) }}" + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-yugaware-app-config + labels: + app: {{ template "yugaware.name" . }} + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +data: + application.docker.conf: | + play.crypto.secret=${APP_SECRET} + play.i18n.langs = [ "en" ] + pidfile.path = "/dev/null" + play.evolutions.enabled=false + play.modules.enabled += "org.flywaydb.play.PlayModule" + + db { + default.url="jdbc:postgresql://{{ eq .Values.ip_version_support "v6_only" | ternary "[::1]" "127.0.0.1" }}:5432/"${POSTGRES_DB} + default.driver=org.postgresql.Driver + default.username=${POSTGRES_USER} + default.password=${POSTGRES_PASSWORD} + default.logStatements=true + default.migration.initOnMigrate=true + default.migration.auto=true + } + ebean { + default = ["com.yugabyte.yw.models.*"] + } + + play.modules.enabled += "org.flywaydb.play.PlayModule" + + yb { + devops.home = /opt/yugabyte/devops + metrics.url = "http://{{ eq .Values.ip_version_support "v6_only" | ternary "[::1]" "127.0.0.1" }}:9090/api/v1" + storage.path = /opt/yugaware_data + docker.network = bridge + seedData = false + swamper.targetPath = /opt/swamper_targets + multiTenant = {{ .Values.yugaware.multiTenant }} + releases.path = "/opt/releases" + docker.release = "/opt/yugabyte/release" + # TODO(bogdan): need this extra level for installing from local... + thirdparty.packagePath = /opt/third-party/third-party + helm.package = "{{ .Values.helm.package }}" + helm.timeout_secs = {{ .Values.helm.timeout }} + health.check_interval_ms = 300000 + health.status_interval_ms = 43200000 + health.default_email = "{{ .Values.yugaware.health.email }}" + health.ses_email_username = "{{ .Values.yugaware.health.username }}" + health.ses_email_password = "{{ .Values.yugaware.health.password }}" + } + + play.filters { + # CSRF config + csrf { + cookie { + # If non null, the CSRF token will be placed in a cookie with this name + name = "csrfCookie" + # Whether the cookie should be set to secure + secure = false + # Whether the cookie should have the HTTP only flag set + httpOnly = false + } + # Whether to bypass CSRF check if CORS check is satisfied + bypassCorsTrustedOrigins = false + header { + # The name of the header to accept CSRF tokens from. + name = "Csrf-Token" + } + } + } + +{{- if .Values.tls.enabled }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-yugaware-tls-cert + labels: + app: "{{ template "yugaware.name" . }}" + chart: "{{ template "yugaware.chart" . }}" + release: {{ .Release.Name | quote }} + heritage: {{ .Release.Service | quote }} +type: Opaque +data: + server.crt: {{ .Values.tls.certificate }} + server.key: {{ .Values.tls.key }} +{{- end }} + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-yugaware-nginx-config + labels: + app: {{ template "yugaware.name" . }} + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +data: + default.conf: | + server { +{{- if .Values.tls.enabled }} + listen 443 ssl; + ssl_certificate /opt/certs/server.crt; + ssl_certificate_key /opt/certs/server.key; + server_name {{ .Values.tls.hostname }}; +{{- else }} + listen {{ eq .Values.ip_version_support "v6_only" | ternary "[::]:80" "80" }}; + server_name {{ .Values.tls.hostname }}; +{{- end }} + proxy_http_version 1.1; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; + + location / { + proxy_pass http://{{ eq .Values.ip_version_support "v6_only" | ternary "[::1]" "127.0.0.1" }}:9000; + } + + location ~ "^/proxy/([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}):([0-9]{4,6})/(.*)$" { + proxy_pass "http://$1:$2/$3$is_args$args"; + sub_filter "http://" "/proxy/"; + sub_filter "href='/" "href='/proxy/$1:$2/"; + sub_filter "href=\"/" "href=\"/proxy/$1:$2/"; + sub_filter "src='/" "src='/proxy/$1:$2/"; + sub_filter "src=\"/" "src=\"/proxy/$1:$2/"; + sub_filter_once off; + } + + location ~ "^/proxy/(.*.svc.cluster.local):([0-9]{4,6})/(.*)$" { + resolver {{ eq .Values.ip_version_support "v6_only" | ternary "[::1]:53" "127.0.0.1:53 ipv6=off" }}; + proxy_pass "http://$1:$2/$3$is_args$args"; + sub_filter "http://" "/proxy/"; + sub_filter "href='/" "href='/proxy/$1:$2/"; + sub_filter "href=\"/" "href=\"/proxy/$1:$2/"; + sub_filter "src='/" "src='/proxy/$1:$2/"; + sub_filter "src=\"/" "src=\"/proxy/$1:$2/"; + sub_filter_once off; + } + } +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-yugaware-prometheus-config + labels: + app: {{ template "yugaware.name" . }} + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +data: + prometheus.yml: | + global: + scrape_interval: 10s + evaluation_interval: 10s + scrape_configs: + - job_name: 'kubernetes-nodes' + + scheme: https + + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + kubernetes_sd_configs: + - role: node + + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - target_label: __address__ + replacement: kubernetes.default.svc:443 + - source_labels: [__meta_kubernetes_node_name] + regex: (.+) + target_label: __metrics_path__ + replacement: /api/v1/nodes/${1}/proxy/metrics + metric_relabel_configs: + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - source_labels: ["__name__"] + regex: "(.*)" + target_label: "saved_name" + replacement: "$1" + + + - job_name: 'kubernetes-pods' + + kubernetes_sd_configs: + - role: pod + + relabel_configs: + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape] + action: keep + regex: true + - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path] + action: replace + target_label: __metrics_path__ + regex: (.+) + - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port] + action: replace + regex: ([^:]+)(?::\d+)?;(\d+) + replacement: $1:$2 + target_label: __address__ + - action: labelmap + regex: __meta_kubernetes_pod_label_(.+) + - source_labels: [__meta_kubernetes_namespace] + action: replace + target_label: kubernetes_namespace + - source_labels: [__meta_kubernetes_pod_name] + action: replace + target_label: kubernetes_pod_name + metric_relabel_configs: + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - source_labels: ["__name__"] + regex: "(.*)" + target_label: "saved_name" + replacement: "$1" + + - job_name: 'kube-state-metrics' + static_configs: + - targets: ['kube-state-metrics.kube-system.svc.{{.Values.domainName}}:8080'] + metric_relabel_configs: + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - source_labels: ["__name__"] + regex: "(.*)" + target_label: "saved_name" + replacement: "$1" + - source_labels: [pod] + regex: "(.*)" + target_label: "pod_name" + replacement: "$1" + - source_labels: [pod] + regex: "(yb-[^-]*)-(.*)" + target_label: "container_name" + replacement: "$1" + + - job_name: 'kubernetes-cadvisor' + + scheme: https + + tls_config: + ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt + bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token + + kubernetes_sd_configs: + - role: node + + relabel_configs: + - action: labelmap + regex: __meta_kubernetes_node_label_(.+) + - target_label: __address__ + replacement: kubernetes.default.svc:443 + - source_labels: [__meta_kubernetes_node_name] + regex: (.+) + target_label: __metrics_path__ + replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor + metric_relabel_configs: + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - source_labels: ["__name__"] + regex: "(.*)" + target_label: "saved_name" + replacement: "$1" + + - job_name: "node" + file_sd_configs: + - files: + - '/opt/swamper_targets/node.*.json' + metric_relabel_configs: + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - source_labels: ["__name__"] + regex: "(.*)" + target_label: "saved_name" + replacement: "$1" + + - job_name: "yugabyte" + metrics_path: "/prometheus-metrics" + file_sd_configs: + - files: + - '/opt/swamper_targets/yugabyte.*.json' + metric_relabel_configs: + # Save the name of the metric so we can group_by since we cannot by __name__ directly... + - source_labels: ["__name__"] + regex: "(.*)" + target_label: "saved_name" + replacement: "$1" + # The following basically retrofit the handler_latency_* metrics to label format. + - source_labels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(.*)" + target_label: "server_type" + replacement: "$1" + - source_labels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(.*)" + target_label: "service_type" + replacement: "$2" + - source_labels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(_sum|_count)?" + target_label: "service_method" + replacement: "$3" + - source_labels: ["__name__"] + regex: "handler_latency_(yb_[^_]*)_([^_]*)_([^_]*)(_sum|_count)?" + target_label: "__name__" + replacement: "rpc_latency$4" diff --git a/.template/yugaware/templates/pdb.yaml b/.template/yugaware/templates/pdb.yaml new file mode 100644 index 0000000000..7bca490fab --- /dev/null +++ b/.template/yugaware/templates/pdb.yaml @@ -0,0 +1,9 @@ +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ .Release.Name }}-yugaware-pdb +spec: + maxUnavailable: 0 + selector: + matchLabels: + app: {{ .Release.Name }}-yugaware diff --git a/.template/yugaware/templates/rbac.yaml b/.template/yugaware/templates/rbac.yaml new file mode 100644 index 0000000000..6b2db7a315 --- /dev/null +++ b/.template/yugaware/templates/rbac.yaml @@ -0,0 +1,63 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Release.Name }} + labels: + k8s-app: yugaware + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Release.Name }} + labels: + k8s-app: yugaware + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +rules: +- apiGroups: [""] + resources: + - nodes + - nodes/proxy + - services + - endpoints + - pods + - pods/exec + verbs: ["get", "list", "watch", "create"] +- apiGroups: + - extensions + resources: + - ingresses + verbs: ["get", "list", "watch"] +- nonResourceURLs: ["/metrics"] + verbs: ["get"] +- apiGroups: [""] + resources: + - namespaces + - secrets + - pods/portforward + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["", "extensions"] + resources: + - deployments + - services + verbs: ["create", "get", "list", "watch", "update", "delete"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ .Release.Name }} + labels: + k8s-app: yugaware + kubernetes.io/cluster-service: "true" + addonmanager.kubernetes.io/mode: Reconcile +subjects: +- kind: ServiceAccount + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: {{ .Release.Name }} + apiGroup: rbac.authorization.k8s.io diff --git a/.template/yugaware/templates/service.yaml b/.template/yugaware/templates/service.yaml new file mode 100644 index 0000000000..8051ae6043 --- /dev/null +++ b/.template/yugaware/templates/service.yaml @@ -0,0 +1,234 @@ +# Copyright (c) YugaByte, Inc. + +{{- if .Values.yugaware.service.enabled }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-yugaware-ui + {{- if .Values.yugaware.service.annotations }} + annotations: +{{ toYaml .Values.yugaware.service.annotations | indent 4 }} + {{- end }} + labels: + app: {{ .Release.Name }}-yugaware + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +spec: +{{- if eq .Release.Service "Tiller" }} + clusterIP: +{{- else }} +{{- if .Values.yugaware.service.clusterIP }} + clusterIP: .Values.yugaware.service.clusterIP +{{- end }} +{{- end }} + ports: + - name: ui +{{- if .Values.tls.enabled }} + port: 443 +{{- else }} + port: 80 +{{- end }} + - name: metrics + port: 9090 + selector: + app: {{ .Release.Name }}-yugaware + type: "{{ .Values.yugaware.service.type }}" + {{- if and (eq .Values.yugaware.service.type "LoadBalancer") (.Values.yugaware.service.ip) }} + loadBalancerIP: "{{ .Values.yugaware.service.ip }}" + {{- end }} +{{- end }} +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Release.Name }}-yugaware + labels: + app: {{ .Release.Name }}-yugaware + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +spec: + serviceName: {{ .Release.Name }}-yugaware + replicas: {{ .Values.yugaware.replicas }} + selector: + matchLabels: + app: {{ .Release.Name }}-yugaware + template: + metadata: + labels: + app: {{ .Release.Name }}-yugaware + spec: + serviceAccountName: {{ .Release.Name }} + imagePullSecrets: + - name: {{ .Values.image.pullSecret }} + {{- if .Values.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.securityContext.fsGroup }} + {{- end }} + volumes: + - name: yugaware-storage + persistentVolumeClaim: + claimName: {{ .Release.Name }}-yugaware-storage + - name: yugaware-ui + emptyDir: {} + - name: thirdparty-deps + emptyDir: {} + - name: yugaware-config + configMap: + name: {{ .Release.Name }}-yugaware-app-config + items: + - key: application.docker.conf + path: application.docker.conf + - name: nginx-config + configMap: + name: {{ .Release.Name }}-yugaware-nginx-config + items: + - key: default.conf + path: default.conf + - name: prometheus-config + configMap: + name: {{ .Release.Name }}-yugaware-prometheus-config + items: + - key: prometheus.yml + path: prometheus.yml + + {{- if .Values.tls.enabled }} + - name: {{ .Release.Name }}-yugaware-tls-cert + secret: + secretName: {{ .Release.Name }}-yugaware-tls-cert + {{- end }} + containers: + - image: postgres:11.5 + name: postgres + env: + - name: POSTGRES_USER + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: postgres_user + - name: POSTGRES_PASSWORD + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: postgres_password + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: postgres_db + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + ports: + - containerPort: 5432 + name: postgres + volumeMounts: + - name: yugaware-storage + mountPath: /var/lib/postgresql/data + subPath: postgres_data + - name: prometheus + image: prom/prometheus:v2.2.1 + securityContext: + runAsUser: 0 + volumeMounts: + - name: prometheus-config + mountPath: /etc/prometheus/ + - name: yugaware-storage + mountPath: /prometheus/ + - name: yugaware-storage + mountPath: /opt/swamper_targets/ + subPath: swamper_targets + args: + - --config.file=/etc/prometheus/prometheus.yml + - --storage.tsdb.path=/prometheus/ + ports: + - containerPort: 9090 + - name: thirdparty-deps + image: quay.io/yugabyte/thirdparty-deps:latest + command: [ "/bin/sh", "-c", "--" ] + args: [ "while true; do sleep 30; done;" ] + volumeMounts: + - mountPath: /third-party-deps + name: thirdparty-deps + lifecycle: + postStart: + exec: + command: + - 'cp' + - '-fr' + - '/opt/third-party' + - '/third-party-deps' + - name: yugaware + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + {{- if .Values.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + {{- end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{ if .Values.yugaware.resources }} + resources: +{{ toYaml .Values.yugaware.resources | indent 12 }} + {{- end }} + command: [ "/bin/bash", "-c"] + args: + - "bin/yugaware -Dconfig.file=/data/application.docker.conf" + env: + - name: POSTGRES_USER + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: postgres_user + - name: POSTGRES_PASSWORD + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: postgres_password + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: postgres_db + - name: APP_SECRET + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-yugaware-global-config + key: app_secret + ports: + - containerPort: 9000 + name: yugaware + volumeMounts: + - name: yugaware-config + mountPath: /data + - name: yugaware-storage + mountPath: /opt/yugaware_data/ + subPath: data + - name: yugaware-storage + mountPath: /opt/releases/ + subPath: releases + - name: thirdparty-deps + mountPath: /opt/third-party + - name: yugaware-storage + mountPath: /opt/swamper_targets/ + subPath: swamper_targets + - name: nginx + image: nginx:1.17.4 + ports: + - containerPort: 80 + volumeMounts: + - mountPath: /etc/nginx/conf.d/ + name: nginx-config + {{- if .Values.tls.enabled }} + - name: {{ .Release.Name }}-yugaware-tls-cert + mountPath: /opt/certs/ + readOnly: true + {{- end }} + - name: dnsmasq + image: "janeczku/go-dnsmasq:release-1.0.7" + args: + - --listen + - "{{ eq .Values.ip_version_support "v6_only" | ternary "[::1]:53" "127.0.0.1:53" }}" + - --default-resolver + - --append-search-domains + - --hostsfile=/etc/hosts + - --verbose diff --git a/.template/yugaware/templates/volumes.yaml b/.template/yugaware/templates/volumes.yaml new file mode 100644 index 0000000000..37e498fb77 --- /dev/null +++ b/.template/yugaware/templates/volumes.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Release.Name }}-yugaware-storage + labels: + app: {{ template "yugaware.name" . }} + chart: {{ template "yugaware.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} +spec: + accessModes: + - ReadWriteOnce + storageClassName: {{ .Values.yugaware.storageClass }} + resources: + requests: + storage: {{ .Values.yugaware.storage }} diff --git a/.template/yugaware/values.yaml b/.template/yugaware/values.yaml new file mode 100644 index 0000000000..6d21c02f7e --- /dev/null +++ b/.template/yugaware/values.yaml @@ -0,0 +1,48 @@ +# Default values for yugaware. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: quay.io/yugabyte/yugaware + tag: 0.0.0.0-b0 + pullPolicy: IfNotPresent + pullSecret: yugabyte-k8s-pull-secret + +yugaware: + replicas: 1 + storage: 100Gi + storageClass: standard + multiTenant: false + serviceAccount: yugaware + service: + enabled: true + ip: "" + type: "LoadBalancer" + health: + username: "" + password: "" + email: "" + +tls: + enabled: false + hostname: "localhost" + certificate: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlHTHpDQ0JSZWdBd0lCQWdJUUQ2R1ZmL0ViUDhSMFQvcWxjRGZyM3pBTkJna3Foa2lHOXcwQkFRc0ZBREJlDQpNUXN3Q1FZRFZRUUdFd0pWVXpFVk1CTUdBMVVFQ2hNTVJHbG5hVU5sY25RZ1NXNWpNUmt3RndZRFZRUUxFeEIzDQpkM2N1WkdsbmFXTmxjblF1WTI5dE1SMHdHd1lEVlFRREV4UlNZWEJwWkZOVFRDQlNVMEVnUTBFZ01qQXhPREFlDQpGdzB4T1RBNE1ERXdNREF3TURCYUZ3MHlNVEEzTXpFeE1qQXdNREJhTUI4eEhUQWJCZ05WQkFNTUZDb3VZMnh2DQpkV1F1ZVhWbllXSjVkR1V1WTI5dE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBDQp3SmswU25ub1pRYW1hWm0rMVVJdjdRYjBLalhZeVEwckpJSGpsbE03elhFYUFoL0JqVjZ1M0h1TWxrTlZSekVFDQpGeEtGUm5nSlpXTVlPcy9sWDU1QmtBS0RocXNmaDl0ZVA4ZFVQU1RTVTN6bWRVc0dTcDJIMGpKbVhuRWNvMFpzDQpwYlVyYWhlcWlxSUUyZ1gwQlpvYldvWGRHc1EydXJiUGxyMGlVSnUxVnp4SGRoTS9nTnFQWEN5bE5YdENrbVI2DQo0eXpIa0Rob21pRTAySTMwTXBlOERxczl4d3lKd3F6T3J2ZnA0eUE0Ukhna2g1clovK1Erc0VQNkIyVzBHQXc2DQpzZDNTYytOTytYVUZoVnlFRDhqZkNsTndPVHZodi9keE5IWHZ4WHd0RWNjZTd1TVBBTFJzSFh1RW1kTkN5N2pvDQpibzJuUWFObzZBQ1c0U2s5RWJVZXB3SURBUUFCbzRJREpqQ0NBeUl3SHdZRFZSMGpCQmd3Rm9BVVU4b1hXZnhyDQp3QU1oTHhxdTVLcW9ISUpXMm5Vd0hRWURWUjBPQkJZRUZHemw3bjdOMy9GbFdDSDFvdWFCWldKMjI1UStNQjhHDQpBMVVkRVFRWU1CYUNGQ291WTJ4dmRXUXVlWFZuWVdKNWRHVXVZMjl0TUE0R0ExVWREd0VCL3dRRUF3SUZvREFkDQpCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0RBUVlJS3dZQkJRVUhBd0l3UGdZRFZSMGZCRGN3TlRBem9ER2dMNFl0DQphSFIwY0RvdkwyTmtjQzV5WVhCcFpITnpiQzVqYjIwdlVtRndhV1JUVTB4U1UwRkRRVEl3TVRndVkzSnNNRXdHDQpBMVVkSUFSRk1FTXdOd1lKWUlaSUFZYjliQUVDTUNvd0tBWUlLd1lCQlFVSEFnRVdIR2gwZEhCek9pOHZkM2QzDQpMbVJwWjJsalpYSjBMbU52YlM5RFVGTXdDQVlHWjRFTUFRSUJNSFVHQ0NzR0FRVUZCd0VCQkdrd1p6QW1CZ2dyDQpCZ0VGQlFjd0FZWWFhSFIwY0RvdkwzTjBZWFIxY3k1eVlYQnBaSE56YkM1amIyMHdQUVlJS3dZQkJRVUhNQUtHDQpNV2gwZEhBNkx5OWpZV05sY25SekxuSmhjR2xrYzNOc0xtTnZiUzlTWVhCcFpGTlRURkpUUVVOQk1qQXhPQzVqDQpjblF3Q1FZRFZSMFRCQUl3QURDQ0FYNEdDaXNHQVFRQjFua0NCQUlFZ2dGdUJJSUJhZ0ZvQUhVQTdrdTl0M1hPDQpZTHJoUW1rZnErR2VacU1QZmwrd2N0aURBTVI3aVhxby9jc0FBQUZzVHEwL013QUFCQU1BUmpCRUFpQlg3NXJ0DQpwNkdQbUQxbVl1S1hvcXVRVytIcUtRNE8rV1RXbTNCbVBteWF1d0lnQUoya01WdmduaUx1dEh5Y3AyYzBwdDRsDQptL3M5SWN2Yi9aN09jMU82b2xJQWRnQ0hkYi9uV1h6NGpFT1pYNzN6YnY5V2pVZFdOdjlLdFdEQnRPci9YcUNEDQpEd0FBQVd4T3JUOXNBQUFFQXdCSE1FVUNJSHphY3NCcmpEN1FER1ZRSHA5YUZPMnJ4VEx4NU9GOVE2MTFYaUU2DQpZUEk3QWlFQW9xd3pTd1BVaGt4bVhYNzN0SDVEcVNwaUxuOHdrMXFWeWhZOTVmSmxZa0VBZHdCRWxHVXVzTzdPDQpyOFJBQjlpby9pakEydWFDdnRqTE1iVS8wek9XdGJhQnFBQUFBV3hPclQ1M0FBQUVBd0JJTUVZQ0lRQ1ZLaHQ5DQpWTWhlNTUvZEwrSGN6Qzk5a2xheG9DcW5zOStRNGVOTDZ2Smd4QUloQUsyZmp4a1RadGw4WFZ4WHEwc2NSTWNJDQpiSktHcGJYdEV0N3dFVzRkZDNGS01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQm1GcDNCK1g2Y21Cb0FLWkhrDQpIWWxzanhIZk01bDQyZWJtSFdGdlQyTi9aVkZ3MEZ3YndBNExyNzlvd01QdU5FbVNNa2pmVVhxR011Q2VlVTdODQo0MlRwUFdPaGNzVHF6ZkxVa0hhMU9rK011L3RUZHBNcmhROEVqbkhMY3FKVE9MbmRSVy8zcE5IM2xrK2FJejNoDQpDVGFueElRVEE2cUxRNThRakszWmFMVzdqWVVNcVJFcnBGVDlBVXkxMDAxMjlOam5HVkhtYmU1bW1ZbEwvQlhMDQpmdHBJUUJJZnhCNXpHbHpTcjRHT3p5RDBES05YU040RU0yM2pIM1ljeUg4eFQrODU4ZkxSaXQ4SFlOQ3RQbkloDQoyRzR6UjV3emZFVDlnZUh6aWtuY0ZMWUpMMEpKMVIrZGVNRE91bmJWOUJqcmZJb3NNSk53TUV2ejFZczlBWXhHDQpxSFNYDQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tDQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJRXNUQ0NBNW1nQXdJQkFnSVFDS1dpUnMxTFhJeUQxd0swdTZ0VFNUQU5CZ2txaGtpRzl3MEJBUXNGQURCaApNUXN3Q1FZRFZRUUdFd0pWVXpFVk1CTUdBMVVFQ2hNTVJHbG5hVU5sY25RZ1NXNWpNUmt3RndZRFZRUUxFeEIzCmQzY3VaR2xuYVdObGNuUXVZMjl0TVNBd0hnWURWUVFERXhkRWFXZHBRMlZ5ZENCSGJHOWlZV3dnVW05dmRDQkQKUVRBZUZ3MHhOekV4TURZeE1qSXpNek5hRncweU56RXhNRFl4TWpJek16TmFNRjR4Q3pBSkJnTlZCQVlUQWxWVApNUlV3RXdZRFZRUUtFd3hFYVdkcFEyVnlkQ0JKYm1NeEdUQVhCZ05WQkFzVEVIZDNkeTVrYVdkcFkyVnlkQzVqCmIyMHhIVEFiQmdOVkJBTVRGRkpoY0dsa1UxTk1JRkpUUVNCRFFTQXlNREU0TUlJQklqQU5CZ2txaGtpRzl3MEIKQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBNVMyb2loRW85bm5wZXpvemlEdHg0V1dMTENsbC9lMHQxRVllbUU1bgorTWdQNXZpYUhMeStWcEhQK25kWDVEMThJTkl1dUFWOHdGcTI2S0Y1VTBXTklaaVFwNm1MdElXalVlV0RQQTI4Ck9leWhUbGo5VExrMmJleXRidEZVNnlwYnBXVWx0bXZZNVY4bmdzcEM3bkZSTkNqcGZuREVEMmtSeUp6Tzh5b0sKTUZ6NEo0SkU4TjdOQTF1SndVRUZNVXZITHMwc2NMb1Baa0tjZXdJUm0xUlYyQXhtRlF4SmtkZjdZTjlQY2traQpmMlhnbTNiNDhCWm4wemYwcVhzU2VHdTg0dWE5Z3d6anpJN3RiVEJqYXlUcFQrL1hwV3VCVnY2ZnZhckk2YmlrCktCODU5T1NHUXV3NzNYWGdldUZ3RVBIVElSb1V0a3p1My9FUStMdHd6bmtrZFFJREFRQUJvNElCWmpDQ0FXSXcKSFFZRFZSME9CQllFRkZQS0YxbjhhOEFESVM4YXJ1U3FxQnlDVnRwMU1COEdBMVVkSXdRWU1CYUFGQVBlVURWVwowVXk3WnZDajRoc2J3NWV5UGRGVk1BNEdBMVVkRHdFQi93UUVBd0lCaGpBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGCkJRY0RBUVlJS3dZQkJRVUhBd0l3RWdZRFZSMFRBUUgvQkFnd0JnRUIvd0lCQURBMEJnZ3JCZ0VGQlFjQkFRUW8KTUNZd0pBWUlLd1lCQlFVSE1BR0dHR2gwZEhBNkx5OXZZM053TG1ScFoybGpaWEowTG1OdmJUQkNCZ05WSFI4RQpPekE1TURlZ05hQXpoakZvZEhSd09pOHZZM0pzTXk1a2FXZHBZMlZ5ZEM1amIyMHZSR2xuYVVObGNuUkhiRzlpCllXeFNiMjkwUTBFdVkzSnNNR01HQTFVZElBUmNNRm93TndZSllJWklBWWI5YkFFQ01Db3dLQVlJS3dZQkJRVUgKQWdFV0hHaDBkSEJ6T2k4dmQzZDNMbVJwWjJsalpYSjBMbU52YlM5RFVGTXdDd1lKWUlaSUFZYjliQUVCTUFnRwpCbWVCREFFQ0FUQUlCZ1puZ1F3QkFnSXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBSDRqeC9MS05XNVprbEZjCllXczhFamJtMG55ektlWkMyS09WWVI3UDhnZXZLeXNsV200WG80QlN6S3IyMzVGc0o0YUZ0NnlBaXYxZVkwdFoKL1pOMThiT0dTR1N0b0VjL0pFNG9jSXpyOFA1TWcxMWtSWUhibWdZbnIxUnhla2k1bVNlYjM5REd4VHBKRDRrRwpoczVsWE5vbzRjb25VaWlKd0thcUg3dmgyYmFyeWQ4cE1JU2FnODNKVXF5VkdjMnRXUHBPMDMyOS9DV3Eya3J5CnF2NjZPU01qd3VsVXowZFhmNE9IUWFzUjdDTmZJcis0S1NjYzZBQmxRNVJERjg2UEdlRTZrZHdTUWtGaUIvY1EKeXNOeXEwakVEUVRrZmEycGptdVd0TUNOYkJuaEZYQlllamZ1YkloYVViRXYyRk9RQjNkQ2F2K0ZQZzVlRXZlWApUVnlNbkdvPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==" + key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBd0prMFNubm9aUWFtYVptKzFVSXY3UWIwS2pYWXlRMHJKSUhqbGxNN3pYRWFBaC9CCmpWNnUzSHVNbGtOVlJ6RUVGeEtGUm5nSlpXTVlPcy9sWDU1QmtBS0RocXNmaDl0ZVA4ZFVQU1RTVTN6bWRVc0cKU3AySDBqSm1YbkVjbzBac3BiVXJhaGVxaXFJRTJnWDBCWm9iV29YZEdzUTJ1cmJQbHIwaVVKdTFWenhIZGhNLwpnTnFQWEN5bE5YdENrbVI2NHl6SGtEaG9taUUwMkkzME1wZThEcXM5eHd5Sndxek9ydmZwNHlBNFJIZ2toNXJaCi8rUStzRVA2QjJXMEdBdzZzZDNTYytOTytYVUZoVnlFRDhqZkNsTndPVHZodi9keE5IWHZ4WHd0RWNjZTd1TVAKQUxSc0hYdUVtZE5DeTdqb2JvMm5RYU5vNkFDVzRTazlFYlVlcHdJREFRQUJBb0lCQUJDbDdaZzJlM2tvSHdCbgowdEFhWFl3dW1ySi9YeExaK1kyNVVKUHc4KzFwUm1kQ21YZC81THVZVG1tNnZrZGVIRTFtUTNENDlVNzNSdVBtCmpwdzZVTTZDK1IyTjh6YktKcFo2dzNSWmwzaXlCalhEVzNMZHRSemRVRzMvZHd0Q0RpZ3d4ZVR3ME1RVkJ6aFYKWldlS2o2eStmNE5OekxGTkZocWdsTFBGRWVMTlk3WUgvYUdHdTZwaVpERkFMT0liMlFVUUVvVVRkUEJabDMxSwpKL0Y0cHE1RkV6ekQ0aHMwYXJzSlIxeUd4L0NCRWxqQWRSNWE4Y3FHdGhxYjFMdXJTMVcxT0dNUGkzNFdDblJKCnYwTC9zSU9ORCt5cjdjd3ZQaFFzcmI3Tk9NbGxRSDYwUGdyQ0JyOUVwalFiRm1ZN3NCTS9jYUZTWHVDTmZnTzMKT3hTQjF0RUNnWUVBNHpSMTh2aXl3Ykt5aE5xeEhkNzJ1UkxHS2k4SWZhVmhsNGxFeGdsR0pLNHQ0KzYreXhObAp2OFBkdGg3elJjL1pyQUlBUEtBRnZxa1RnVzkrc2llL3JPcE9PUzA2UnVIWVpJMjdpS3ZiL054N29YTm9TM0Y2CitXRlNJSVJqRFo0eHc2SU1iNUJFS0hOVGtKU1pBMXBkaXhYeFgzeDVTM2hCWTlmekl2NGdVVDhDZ1lFQTJRSDAKbnU5REZ0MDNmWmpvcjRMUkZCQS84NEV1dmdBL2RxMkZ4TzVvMjIrdk43Qk9LRW9IWTRuTzhYdFN2L2MzaVFZdApmTUdGZUR2eXdqRnFPU05SS2JxenMza3ZmY2gxNEhHdFltT29DVTF6Smd2VkF4SytWOFF4YWxMbmhlbjZsaTgwCnJKYmtWWUJXYnFHZHU1d2FPM1RyeGsvbHBMejFvSnliK0FQbmNKa0NnWUVBeHd3anRTeEtOc1hkL2VRMXZReWoKcTdvVjM4ajZzRkRkOGNzeGRDbVZ5UGJMZjErZXlQeUNiSUVrMExQR3ZzZDhWR1FnWHZ4MmEvVm1BRVIwZzVHdApLOGpOcE92Sm5XV29sVmRTRDBjNDRBc3RTR0Y1NG5aVm5QcTAzNFg3M1dkVkE2WUpMUWYvbmt5Q3ppeFE3UTRTCjI1SHF0NU91RS84VGttd1ROdm5aeURNQ2dZQlUxV0xmendFWEt4dktTY0NNL0VMbjZRSlhHeVUrdWJJVm52Z3cKYUZNdGxaZVYyYUowTlp4MTJTWEJXVWljS3ZUVzZFZFlBZjgvWlpBZFFsd1lRaW8wZWZ4T0tRM2J5a1hxbkFYLwo5SjE0SllMaVdMWEpJY2F2WU05QWxYQlU5WWMwdHZlTWtPQnFYR1Z0a2xpclF2Y3VUeUxzdjhjeWczd3ljWWEzCmlpOHI0UUtCZ0NaODZtcEZuUlN2aTdpTWw1MUdybDFQZER2YzZVMURRVkI5empTQlVzak1lamNTQXk4WmVJZlQKUDVoSGc3REFaUEhmUGpYLzZxUnpNQW8zWlFlZVBMdTNEYVgwbFBoekNhalF1bkpIbWZvYlA2QjFOUG45T056bQo0dE0wdEU1YTJVVmJuZW5haVZyaDRhSXlJTTFxVTdHT1ArcDNMNi9hNzVnSVQ2SVJRVlloCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==" + +## yugaware pod Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +securityContext: + enabled: false + fsGroup: 1001 + runAsUser: 1001 + + +helm: + timeout: 900 + package: "/opt/yugabyte/helm/yugabyte-latest.tgz" + +domainName: "cluster.local" + +helm2Legacy: false + +ip_version_support: "v4_only" # v4_only, v6_only are the only supported values at the moment From a507430635d657a3e14976235fdf1140c2e9e39f Mon Sep 17 00:00:00 2001 From: Jeff Date: Wed, 7 Oct 2020 16:01:02 -0700 Subject: [PATCH 2/2] Add missing changes --- .ci/update_version.sh | 46 +++++++++++++++++++-------- .github/workflows/update-version.yaml | 3 +- 2 files changed, 34 insertions(+), 15 deletions(-) diff --git a/.ci/update_version.sh b/.ci/update_version.sh index 7932377440..49dbb6e530 100755 --- a/.ci/update_version.sh +++ b/.ci/update_version.sh @@ -9,7 +9,6 @@ function version_gt() { test "$(echo -e "$1\n$2" | sort -V | head -n 1)" != "$1" } - if [[ $# -ne 1 ]]; then echo "No arguments supplied. Please provide the release version" 1>&2 echo "Terminating the script execution." 1>&2 @@ -17,8 +16,29 @@ if [[ $# -ne 1 ]]; then fi release_version="$1" + +current_stable=2.3 + +# We have multiple parallel release trains. +# Each train is described by its . number +# We use this release train name as the parent directory for the corresponding helm charts +a=( ${release_version//./ } ) +yb_release="${a[0]}.${a[1]}" + +# If the yb_release is the latest (currently 2.3), use the keyword 'stable' instead +if [[ "${yb_release}" == "${current_stable}" ]]; then + yb_release='stable' +fi + +# If our yb_release dir doesn't exist, copy it from the template at .template +if [[ ! -d "${yb_release}" ]]; then + echo "First release for ${yb_release}!" + echo "Creating new release directory" + cp -r .template "${yb_release}" +fi + # appVersion mentioned in Charts.yaml -current_version="$(grep -r "^appVersion" "stable/yugabyte/Chart.yaml" | awk '{ print $2 }')" +current_version="$(grep -r "^appVersion" "${yb_release}/yugabyte/Chart.yaml" | awk '{ print $2 }')" if ! version_gt "${release_version}" "${current_version%-b*}" ; then echo "Release version is either older or equal to the current version: '${release_version}' <= '${current_version%-b*}'" 1>&2 exit 1 @@ -35,14 +55,14 @@ else fi # Following parameters will be updated in the below-mentioned files: -# 1. ./stable/yugabyte/Chart.yaml - version, appVersion -# 2. ./stable/yugabyte/values.yaml - tag -# 3. ./stable/yugaware/Chart.yaml - version, appVersion -# 4. ./stable/yugaware/values.yaml - tag -# 5. ./stable/yugabyte/app-readme.md - *.*.*.*-b* - -files_to_update_version=("stable/yugabyte/Chart.yaml" "stable/yugaware/Chart.yaml") -files_to_update_tag=("stable/yugabyte/values.yaml" "stable/yugaware/values.yaml") +# 1. ./${yb_release}/yugabyte/Chart.yaml - version, appVersion +# 2. ./${yb_release}/yugabyte/values.yaml - tag +# 3. ./${yb_release}/yugaware/Chart.yaml - version, appVersion +# 4. ./${yb_release}/yugaware/values.yaml - tag +# 5. ./${yb_release}/yugabyte/app-readme.md - *.*.*.*-b* + +files_to_update_version=("${yb_release}/yugabyte/Chart.yaml" "${yb_release}/yugaware/Chart.yaml") +files_to_update_tag=("${yb_release}/yugabyte/values.yaml" "${yb_release}/yugaware/values.yaml") chart_release_version="$(echo "${release_version}" | grep -o '[0-9]\+.[0-9]\+.[0-9]\+')" # Update appVersion and version in Chart.yaml @@ -58,6 +78,6 @@ for file in "${files_to_update_tag[@]}"; do sed -i "s/^ tag: .*/ tag: ${docker_image_tag}/g" "${file}" done -# Update version number in stable/yugabyte/app-readme.md -echo "Updating file: 'stable/yugabyte/app-readme.md' with version: '${docker_image_tag}'" -sed -i "s/[0-9]\+.[0-9]\+.[0-9]\+.[0-9]\+-b[0-9]\+/${docker_image_tag}/g" "stable/yugabyte/app-readme.md" +# Update version number in ${yb_release}/yugabyte/app-readme.md +echo "Updating file: '${yb_release}/yugabyte/app-readme.md' with version: '${docker_image_tag}'" +sed -i "s/[0-9]\+.[0-9]\+.[0-9]\+.[0-9]\+-b[0-9]\+/${docker_image_tag}/g" "${yb_release}/yugabyte/app-readme.md" diff --git a/.github/workflows/update-version.yaml b/.github/workflows/update-version.yaml index 3f4109bd72..0ad5c941eb 100644 --- a/.github/workflows/update-version.yaml +++ b/.github/workflows/update-version.yaml @@ -44,8 +44,7 @@ jobs: run: | git status git diff - git add ./stable/yugabyte/Chart.yaml ./stable/yugaware/Chart.yaml \ - ./stable/yugabyte/values.yaml ./stable/yugaware/values.yaml ./stable/yugabyte/app-readme.md + git add . git commit -m "Update the version to ${{steps.extract-version.outputs.yb_version}}" git push origin ${{ github.ref }} - name: "Show git status in case of failure"