diff --git a/.meepctl-repocfg.yaml b/.meepctl-repocfg.yaml index d3476ce92ad57c753c9d77e1c351f0a6a75b4f12..6e959509eaa034ef1e13d1b66181f67ca1c85d33 100644 --- a/.meepctl-repocfg.yaml +++ b/.meepctl-repocfg.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -version: 1.7.1 +version: 1.8.0 repo: name: AdvantEDGE @@ -91,13 +91,77 @@ repo: # OAuth k8s secret (data: client-id, secret) secret: meep-oauth-gitlab + # Metrics Configuration + metrics: + # Influx configuration + influx: + # enable influx data backups + enabled: false + # object store url + url: my-object-store-fqdn + # object store configuration secret + secret: meep-influx-objstore-config + # Number of days to retain daily data backups + retention: 7 + # Prometheus configuration + prometheus: + # external labels added to prometheus metrics + external-labels: + # deployment region (geographic or logical) + region: idcc + # function being monitored + monitor: advantedge + # prometheus environment (dev|prod) + promenv: prod + # unique deployment identifier + replica: platform-ip + # Thanos long-term storage + thanos: + # enable Thanos + enabled: false + # object store configuration secret + secret: meep-thanos-objstore-config + # query component + query: + # enable querier + enabled: true + # query frontend component + query-frontend: + # enable query frontend + enabled: true + # store gateway component + store-gateway: + # enable store gateway + enabled: true + # compactor component + compactor: + # enable compactor + enabled: false + # data retention times + retention: + # raw data retention + resolution-raw: 30d + # 5m downsampled data retention + resolution-5m: 60d + # 1h downsampled data retention + resolution-1h: 10y + # Thanos long-term storage archive + thanos-archive: + # enable Thanos archive + enabled: false + # archive object store configuration secret + secret: meep-thanos-archive-objstore-config + # Default monitoring dashboards dashboards: network-metrics-point-to-point: dashboards/network-metrics-point-to-point.json network-metrics-aggregation: dashboards/network-metrics-aggregation.json + wireless-metrics-point-to-point: dashboards/wireless-metrics-point-to-point.json + wireless-metrics-aggregation: dashboards/wireless-metrics-aggregation.json http-single-log: dashboards/http-log-byId.json http-logs-aggregation: dashboards/http-loggers.json platform-advantedge: dashboards/platform-advantedge.json + # platform-advantedge: dashboards/platform-advantedge-thanos.json platform-k8s: dashboards/platform-k8s.json runtime-environment-node: dashboards/runtime-environment-node.json runtime-environment-k8s-cluster: dashboards/runtime-environment-k8s-cluster.json @@ -138,10 +202,16 @@ repo: codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-auth-svc/api/swagger.yaml - # AdvantEDGE resources included in Docker container image + # location of API specifications + api: + - name: 'AdvantEDGE Auth Service REST API' + file: go-apps/meep-auth-svc/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-auth-svc/entrypoint.sh # location of REST API permissions file 'permissions.yaml': config/permissions-open.yaml meep-ingress-certs: @@ -179,8 +249,6 @@ repo: codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-mon-engine/api/swagger.yaml # list of dependencies pods to monitor dependency-pods: # - meep-cert-manager @@ -208,8 +276,20 @@ repo: - meep-mg-manager - meep-rnis - meep-wais + - meep-ams - meep-sandbox-ctrl - meep-tc-engine + - meep-app-enablement + # location of API specifications + api: + - name: 'AdvantEDGE Monitoring Engine REST API' + file: go-apps/meep-mon-engine/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-mon-engine/entrypoint.sh meep-platform-ctrl: # location of source code src: go-apps/meep-platform-ctrl @@ -229,12 +309,18 @@ repo: codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-platform-ctrl/api/swagger.yaml - # AdvantEDGE resources included in Docker container image + # location of API specifications + api: + - name: 'AdvantEDGE Platform Controller REST API' + file: go-apps/meep-platform-ctrl/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image docker-data: - # location of AdvantEDGE swagger files - swagger: bin/meep-platform-swagger-ui + # location of entry script + 'entrypoint.sh': go-apps/meep-platform-ctrl/entrypoint.sh + # location of Swagger UI + swagger: js-apps/meep-swagger-ui # location of AdvantEDGE frontend frontend: bin/meep-frontend meep-virt-engine: @@ -267,8 +353,10 @@ repo: meep-mg-manager: charts/meep-mg-manager meep-rnis: charts/meep-rnis meep-wais: charts/meep-wais + meep-ams: charts/meep-ams meep-sandbox-ctrl: charts/meep-sandbox-ctrl meep-tc-engine: charts/meep-tc-engine + meep-app-enablement: charts/meep-app-enablement meep-virt-chart-templates: charts/meep-virt-chart-templates # list of sandbox specific pods sandbox-pods: @@ -278,8 +366,10 @@ repo: - meep-mg-manager - meep-rnis - meep-wais + - meep-ams - meep-sandbox-ctrl - meep-tc-engine + - meep-app-enablement meep-webhook: # location of source code src: go-apps/meep-webhook @@ -327,48 +417,6 @@ repo: meep-mon-engine-api: js-packages/meep-mon-engine-client meep-gis-engine-api: js-packages/meep-gis-engine-client meep-auth-svc-client: js-packages/meep-auth-svc-client - meep-platform-swagger-ui: - # location of source code - src: js-apps/meep-swagger-ui - # location of binary - bin: bin/meep-platform-swagger-ui - # enable meepctl build - build: true - # enable meepctl dockerize -> bundled with meep-platform-ctrl - dockerize: false - # enable meepctl deploy/delete -> deployed via meep-platform-ctrl - deploy: false - # supports linting - lint: false - # list of platform level swagger specs - api-bundle: - - core.go-apps.meep-auth-svc - - core.go-apps.meep-platform-ctrl - - core.go-apps.meep-mon-engine - meep-sandbox-swagger-ui: - # location of source code - src: js-apps/meep-swagger-ui - # location of binary - bin: bin/meep-sandbox-swagger-ui - # enable meepctl build - build: true - # enable meepctl dockerize -> bundled with meep-sandbox-ctrl - dockerize: false - # enable meepctl deploy/delete -> deployed via meep-sandbox-ctrl - deploy: false - # supports linting - lint: false - # list of sandbox level swagger specs - api-bundle: - - sandbox.go-apps.meep-sandbox-ctrl - - sandbox.go-apps.meep-gis-engine - - sandbox.go-apps.meep-loc-serv - - sandbox.go-apps.meep-rnis - - sandbox.go-apps.meep-wais - - sandbox.go-apps.meep-metrics-engine - - packages.go-packages.meep-metrics-engine-notification-client - - sandbox.go-apps.meep-mg-manager - - packages.go-packages.meep-mg-app-client #------------------------------ # Sandbox Subsystem @@ -377,6 +425,40 @@ repo: # Go Applications go-apps: + meep-app-enablement: + # location of source code + src: go-apps/meep-app-enablement + # location of binary + bin: bin/meep-app-enablement + # location of deployment chart + chart: charts/meep-app-enablement + # user supplied value file located @ .meep/user/values (use below file name) + chart-user-values: meep-app-enablement.yaml + # extra build flags + build-flags: + - -mod=vendor + # enable meepctl build + build: true + # enable meepctl dockerize + dockerize: true + # enable meepctl deploy/delete + deploy: true + # supports code coverage measurement when built in codecov mode + codecov: false + # supports linting + lint: true + # location of API specifications + api: + - name: 'AdvantEDGE MEC Application Support REST API' + file: go-apps/meep-app-enablement/api/app-support/swagger.yaml + - name: 'AdvantEDGE MEC Service Management REST API' + file: go-apps/meep-app-enablement/api/service-mgmt/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-app-enablement/entrypoint.sh meep-gis-engine: # location of source code src: go-apps/meep-gis-engine @@ -393,11 +475,19 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-gis-engine/api/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE GIS Engine REST API' + file: go-apps/meep-gis-engine/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-gis-engine/entrypoint.sh meep-loc-serv: # location of source code src: go-apps/meep-loc-serv @@ -417,11 +507,19 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-loc-serv/api/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE Location Service REST API' + file: go-apps/meep-loc-serv/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-loc-serv/entrypoint.sh meep-metrics-engine: # location of source code src: go-apps/meep-metrics-engine @@ -441,11 +539,21 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-metrics-engine/api/v2/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE Metrics Service REST API' + file: go-apps/meep-metrics-engine/api/v2/swagger.yaml + - name: 'AdvantEDGE Metrics Service Notification REST API' + file: go-packages/meep-metrics-engine-notification-client/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-metrics-engine/entrypoint.sh meep-mg-manager: # location of source code src: go-apps/meep-mg-manager @@ -462,11 +570,21 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-mg-manager/api/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE Mobility Group Service REST API' + file: go-apps/meep-mg-manager/api/swagger.yaml + - name: 'AdvantEDGE Mobility Group Application Client REST API' + file: go-packages/meep-mg-app-client/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-mg-manager/entrypoint.sh meep-rnis: # location of source code src: go-apps/meep-rnis @@ -486,11 +604,19 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-rnis/api/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE Radio Network Information Service REST API' + file: go-apps/meep-rnis/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-rnis/entrypoint.sh meep-wais: # location of source code src: go-apps/meep-wais @@ -510,11 +636,51 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-wais/api/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE WLAN Access Information REST API' + file: go-apps/meep-wais/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-wais/entrypoint.sh + meep-ams: + # location of source code + src: go-apps/meep-ams + # location of binary + bin: bin/meep-ams + # location of deployment chart + chart: charts/meep-ams + # user supplied value file located @ .meep/user/values (use below file name) + chart-user-values: meep-ams.yaml + # extra build flags + build-flags: + - -mod=vendor + # enable meepctl build + build: true + # enable meepctl dockerize + dockerize: true + # enable meepctl deploy/delete + deploy: true + # supports code coverage measurement when built in codecov mode + codecov: true + # supports linting + lint: true + # location of API specifications + api: + - name: 'AdvantEDGE Application Mobility REST API' + file: go-apps/meep-ams/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image + docker-data: + # location of entry script + 'entrypoint.sh': go-apps/meep-ams/entrypoint.sh meep-sandbox-ctrl: # location of source code src: go-apps/meep-sandbox-ctrl @@ -531,14 +697,21 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true - # location of API specification - api: go-apps/meep-sandbox-ctrl/api/swagger.yaml + # location of API specifications + api: + - name: 'AdvantEDGE Sandbox Controller REST API' + file: go-apps/meep-sandbox-ctrl/api/swagger.yaml + # location of user supplied API specifications + user-api: + # resources available to docker container image docker-data: + # location of entry script 'entrypoint.sh': go-apps/meep-sandbox-ctrl/entrypoint.sh - swagger: bin/meep-sandbox-swagger-ui + # location of Swagger UI + swagger: js-apps/meep-swagger-ui meep-tc-engine: # location of source code src: go-apps/meep-tc-engine @@ -555,7 +728,7 @@ repo: # enable meepctl deploy/delete deploy: true # supports code coverage measurement when built in codecov mode - codecov: false + codecov: true # supports linting lint: true meep-tc-sidecar: @@ -633,7 +806,7 @@ repo: chart: charts/influxdb # user supplied value file located @ .meep/user/values (use below file name) chart-user-values: meep-influxdb.yaml - meep-kube-state-metrics: + meep-ingress: # enable meepctl build -> deps are never built build: false # enable meepctl dockerize -> deps are never dockerized @@ -641,10 +814,10 @@ repo: # enable meepctl deploy/delete deploy: true # location of deployment chart - chart: charts/kube-state-metrics + chart: charts/ingress-nginx # user supplied value file located @ .meep/user/values (use below file name) - chart-user-values: meep-kube-state-metrics.yaml - meep-ingress: + chart-user-values: meep-ingress.yaml + meep-kube-state-metrics: # enable meepctl build -> deps are never built build: false # enable meepctl dockerize -> deps are never dockerized @@ -652,20 +825,20 @@ repo: # enable meepctl deploy/delete deploy: true # location of deployment chart - chart: charts/ingress-nginx + chart: charts/kube-state-metrics # user supplied value file located @ .meep/user/values (use below file name) - chart-user-values: meep-ingress.yaml - meep-redis: + chart-user-values: meep-kube-state-metrics.yaml + meep-minio: # enable meepctl build -> deps are never built build: false # enable meepctl dockerize -> deps are never dockerized dockerize: false # enable meepctl deploy/delete - deploy: true + deploy: false # location of deployment chart - chart: charts/redis + chart: charts/minio # user supplied value file located @ .meep/user/values (use below file name) - chart-user-values: meep-redis.yaml + chart-user-values: meep-minio.yaml meep-open-map-tiles: # enable meepctl build -> deps are never built build: false @@ -699,6 +872,39 @@ repo: chart: charts/kube-prometheus-stack # user supplied value file located @ .meep/user/values (use below file name) chart-user-values: meep-prometheus.yaml + meep-redis: + # enable meepctl build -> deps are never built + build: false + # enable meepctl dockerize -> deps are never dockerized + dockerize: false + # enable meepctl deploy/delete + deploy: true + # location of deployment chart + chart: charts/redis + # user supplied value file located @ .meep/user/values (use below file name) + chart-user-values: meep-redis.yaml + meep-thanos: + # enable meepctl build -> deps are never built + build: false + # enable meepctl dockerize -> deps are never dockerized + dockerize: false + # enable meepctl deploy/delete + deploy: false + # location of deployment chart + chart: charts/thanos + # user supplied value file located @ .meep/user/values (use below file name) + chart-user-values: meep-thanos.yaml + meep-thanos-archive: + # enable meepctl build -> deps are never built + build: false + # enable meepctl dockerize -> deps are never dockerized + dockerize: false + # enable meepctl deploy/delete + deploy: false + # location of deployment chart + chart: charts/thanos + # user supplied value file located @ .meep/user/values (use below file name) + chart-user-values: meep-thanos-archive.yaml #------------------------------ # Packages @@ -757,15 +963,11 @@ repo: src: go-packages/meep-metrics-engine-notification-client # supports linting lint: false - # location of API specification - api: go-packages/meep-metrics-engine-notification-client/api/swagger.yaml meep-mg-app-client: # location of source code src: go-packages/meep-mg-app-client # supports linting lint: false - # location of API specification - api: go-packages/meep-mg-app-client/api/swagger.yaml meep-mg-manager-client: # location of source code src: go-packages/meep-mg-manager-client @@ -831,6 +1033,11 @@ repo: src: go-packages/meep-wais-client # supports linting lint: false + meep-ams-client: + # location of source code + src: go-packages/meep-ams-client + # supports linting + lint: false meep-watchdog: # location of source code src: go-packages/meep-watchdog diff --git a/README.md b/README.md index dfaee079cafcf5d342d87bb2446e8d9e2c524a73..93af6ee7043b88e0e870b6f71bcee50daec2dd30 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,16 @@ -![AdvantEDGE-logo](https://github.com/InterDigitalInc/AdvantEDGE/wiki/images/AdvantEDGE-logo_Blue-01.png) +![AdvantEDGE-logo](https://github.com/InterDigitalInc/AdvantEDGE/blob/gh-pages/assets/images/AdvantEDGE-logo_Blue-01.png) ------ -**_What's New!_** +**_What's New in v1.8.0!_** -:zap: **v1.7.0 cool features :sunglasses: :point_right: [**process lifecycle API**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/overview-features#process-lifecycle) and [**cellular connectivity API**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/overview-features#cellular-connectivity-control) - open-up new edge experiments** +:zap: **New edge native services: [ETSI MEC011 - Edge Platform Application Enablement](https://interdigitalinc.github.io/AdvantEDGE/docs/overview/edge-services/#edge-platform-application-enablement-service) and [ETSI MEC021 - Application Mobility](https://interdigitalinc.github.io/AdvantEDGE/docs/overview/edge-services/#application-mobility-service) to boost up your edge apps! :rocket:** -:zap: **Wiki refresh was overdue :shamrock: Hope the :sparkles: new structure & [**Sitemap**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/project-sitemap) :sparkles: make it easier to navigate** +:zap: **Improved metrics & storage with :earth_americas: [Geospatial network KPIs](https://interdigitalinc.github.io/AdvantEDGE/docs/overview/features/#geospatial-subsystem) and :card_file_box: [Metrics long-term storage](https://interdigitalinc.github.io/AdvantEDGE/docs/overview/features/#monitoring-subsystem)** -:zap: **"_Old New_" :wink: you can still easily reach out to the team by initiating [:octocat: **Discussion**](https://github.com/InterDigitalInc/AdvantEDGE/discussions)** +:zap: **General Maintenance fixes :hammer_and_wrench:** + +:zap: **"_Old New_" :wink: you can still easily reach out to the team by initiating [GitHub Discussion](https://github.com/InterDigitalInc/AdvantEDGE/discussions) :octocat:** ------ @@ -37,13 +39,13 @@ AdvantEDGE provides an emulation environment, enabling experimentation with Edge ## Getting started -[:one: :heavy_minus_sign: **Familiarize with Architecture and Features**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/overview-architecture) +[:one: :heavy_minus_sign: **Familiarize with Architecture and Features**](https://interdigitalinc.github.io/AdvantEDGE/docs/overview/overview-architecture) -[:two: :heavy_minus_sign: **Setup environment**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/env-hw) +[:two: :heavy_minus_sign: **Setup environment**](https://interdigitalinc.github.io/AdvantEDGE/docs/setup/env-hw) -[:three: :heavy_minus_sign: **Deploy platform**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/mgmt-workflow) +[:three: :heavy_minus_sign: **Deploy platform**](https://interdigitalinc.github.io/AdvantEDGE/docs/platform-mgmt/mgmt-workflow) -[:four: :heavy_minus_sign: **Start using AdvantEDGE**](https://github.com/InterDigitalInc/AdvantEDGE/wiki/usage-workflow) +[:four: :heavy_minus_sign: **Start using AdvantEDGE**](https://interdigitalinc.github.io/AdvantEDGE/docs/usage/usage-workflow) ## How to Contribute If you like this project and would like to participate in its evolution, you can find information on contributing [**here**](https://github.com/InterDigitalInc/AdvantEDGE/blob/master/CONTRIBUTING.md) diff --git a/charts/grafana/dashboards/platform-advantedge-thanos.json b/charts/grafana/dashboards/platform-advantedge-thanos.json new file mode 100644 index 0000000000000000000000000000000000000000..8ba90bd2405fd82cc840b33d2a64e1535cfdbecf --- /dev/null +++ b/charts/grafana/dashboards/platform-advantedge-thanos.json @@ -0,0 +1,1116 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "id": 9, + "iteration": 1633697259754, + "links": [], + "panels": [ + { + "collapsed": false, + "datasource": null, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 91, + "panels": [], + "title": "Sandbox Metrics", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": "meep-influxdb", + "decimals": 2, + "fieldConfig": { + "defaults": { + "custom": {}, + "displayName": "Sbox Creation Time", + "unit": "s" + }, + "overrides": [] + }, + "fill": 1, + "fillGradient": 7, + "gridPos": { + "h": 7, + "w": 10, + "x": 0, + "y": 1 + }, + "hiddenSeries": false, + "id": 93, + "interval": "", + "legend": { + "alignAsTable": true, + "avg": true, + "current": false, + "hideEmpty": false, + "hideZero": false, + "max": true, + "min": true, + "rightSide": false, + "show": true, + "total": false, + "values": true + }, + "lines": false, + "linewidth": 2, + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.5", + "pointradius": 2, + "points": true, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "", + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "hide": false, + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT createtime FROM global_sandbox_metrics.autogen.sbox WHERE $timeFilter", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "value" + ], + "type": "field" + } + ] + ], + "tags": [] + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Sandbox Creation Time", + "tooltip": { + "shared": false, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "decimals": 0, + "format": "s", + "label": null, + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": null, + "logBase": 1, + "max": null, + "min": null, + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "s" + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 4, + "x": 10, + "y": 1 + }, + "id": 95, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "value" + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum(increase(mon_engine_sbox_create_duration_sum{replica=~\"$replica\"}[$__range])) / sum(increase(mon_engine_sbox_create_duration_count{replica=~\"$replica\"}[$__range]))", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Average Sandbox Creation Time", + "type": "stat" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-green", + "value": null + }, + { + "color": "light-green", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 10, + "x": 14, + "y": 1 + }, + "id": 97, + "options": { + "displayMode": "gradient", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "max" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum by (le) (increase(mon_engine_sbox_create_duration_bucket{replica=~\"$replica\"}[$__range]))", + "format": "heatmap", + "instant": true, + "interval": "", + "legendFormat": "{{le}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Sandbox Creation Time Distribution (seconds)", + "transformations": [], + "type": "bargauge" + }, + { + "collapsed": false, + "datasource": null, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 37, + "panels": [], + "title": "Platform API Requests & Notifications", + "type": "row" + }, + { + "datasource": null, + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 1, + "w": 12, + "x": 0, + "y": 9 + }, + "id": 78, + "options": { + "content": "", + "mode": "markdown" + }, + "pluginVersion": "7.3.5", + "timeFrom": null, + "timeShift": null, + "title": "Requests", + "type": "text" + }, + { + "datasource": null, + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 1, + "w": 12, + "x": 12, + "y": 9 + }, + "id": 79, + "options": { + "content": "", + "mode": "markdown" + }, + "pluginVersion": "7.3.5", + "timeFrom": null, + "timeShift": null, + "title": "Notifications", + "type": "text" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 4, + "x": 0, + "y": 10 + }, + "id": 55, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "value" + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Total Requests", + "type": "stat" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-blue", + "value": null + }, + { + "color": "blue", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 4, + "y": 10 + }, + "id": 77, + "options": { + "displayMode": "gradient", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "2xx", + "refId": "B" + }, + { + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "3xx", + "refId": "C" + }, + { + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "4xx", + "refId": "D" + }, + { + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "5xx", + "refId": "E" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Request Response Codes", + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "purple", + "value": null + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 4, + "x": 12, + "y": 10 + }, + "id": 85, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "value" + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Total Notifications", + "type": "stat" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "noValue": "0", + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-purple", + "value": null + }, + { + "color": "purple", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 5, + "w": 8, + "x": 16, + "y": 10 + }, + "id": 86, + "options": { + "displayMode": "gradient", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "2xx", + "refId": "B" + }, + { + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "3xx", + "refId": "C" + }, + { + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "4xx", + "refId": "D" + }, + { + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range)) or vector(0)", + "instant": true, + "interval": "", + "legendFormat": "5xx", + "refId": "E" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Notification Response Codes", + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": { + "align": "left", + "filterable": false + }, + "decimals": 0, + "displayName": "${__series.name}", + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-blue", + "value": null + }, + { + "color": "blue", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 15 + }, + "id": 30, + "options": { + "displayMode": "gradient", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "topk(10, sort_desc(sum by (svc,path,method)((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range))))", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{method}} {{path}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Top 10 Requests", + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": { + "align": "left", + "filterable": false + }, + "decimals": 0, + "displayName": "${__series.name}", + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-purple", + "value": null + }, + { + "color": "purple", + "value": 0 + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "method" + }, + "properties": [ + { + "id": "custom.width", + "value": 121 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Time" + }, + "properties": [ + { + "id": "custom.width", + "value": 166 + } + ] + } + ] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 15 + }, + "id": 87, + "options": { + "displayMode": "gradient", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "mean" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "topk(10, sort_desc(sum by (svc,notif)((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range))))", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{svc}} | {{notif}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Top 10 Notifications", + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-blue", + "value": null + }, + { + "color": "blue", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 0, + "y": 24 + }, + "id": 33, + "options": { + "displayMode": "gradient", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "max" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum by (le) ((max_over_time(metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range))", + "format": "heatmap", + "instant": true, + "interval": "", + "legendFormat": "{{le}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Request Duration Distribution (ms)", + "transformations": [], + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": {}, + "decimals": 0, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-purple", + "value": null + }, + { + "color": "purple", + "value": 0 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 24 + }, + "id": 88, + "options": { + "displayMode": "gradient", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "max" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "sum by (le) ((max_over_time(metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range))", + "format": "heatmap", + "instant": true, + "interval": "", + "legendFormat": "{{le}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Notification Processing Time Distribution (ms)", + "transformations": [], + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": { + "align": "left", + "filterable": false + }, + "decimals": 0, + "displayName": "${__series.name}", + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-blue", + "value": null + }, + { + "color": "blue", + "value": 0 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 30 + }, + "id": 38, + "options": { + "displayMode": "gradient", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "topk(10, sort_desc(rate(metrics_http_request_duration_sum{replica=~\"$replica\",svc=~\"$service\"}[$__range]) / rate(metrics_http_request_duration_count{replica=~\"$replica\",svc!=\"Auth Service\"}[$__range])))", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{method}} {{path}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Top 10 Highest Average Request Processing Time", + "type": "bargauge" + }, + { + "datasource": "Thanos", + "fieldConfig": { + "defaults": { + "custom": { + "align": "left", + "filterable": false + }, + "decimals": 0, + "displayName": "${__series.name}", + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "dark-purple", + "value": null + }, + { + "color": "purple", + "value": 0 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 30 + }, + "id": 89, + "options": { + "displayMode": "gradient", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showUnfilled": true + }, + "pluginVersion": "7.3.5", + "targets": [ + { + "expr": "topk(10, sort_desc(avg by (svc,notif) (rate(metrics_http_notification_duration_sum{replica=~\"$replica\",svc=~\"$service\"}[$__range]) / rate(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]))))", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{svc}} | {{notif}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Top 5 Highest Average Notification Processing Times", + "type": "bargauge" + } + ], + "refresh": "", + "schemaVersion": 26, + "style": "dark", + "tags": [], + "templating": { + "list": [ + { + "allValue": "", + "current": { + "selected": true, + "tags": [], + "text": [ + "All" + ], + "value": [ + "$__all" + ] + }, + "datasource": "Thanos", + "definition": "label_values(metrics_http_request_duration_count, svc)", + "error": null, + "hide": 0, + "includeAll": true, + "label": "Service", + "multi": true, + "name": "service", + "options": [], + "query": "label_values(metrics_http_request_duration_count, svc)", + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 1, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + "selected": true, + "tags": [], + "text": [ + "All" + ], + "value": [ + "$__all" + ] + }, + "datasource": "Thanos", + "definition": "label_values(metrics_http_request_duration_count, replica) ", + "error": null, + "hide": 0, + "includeAll": true, + "label": "Instance", + "multi": true, + "name": "replica", + "options": [], + "query": "label_values(metrics_http_request_duration_count, replica) ", + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 2, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": { + "refresh_intervals": [ + "5s", + "10s", + "15s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ] + }, + "timezone": "", + "title": "Platform (AdvantEDGE)", + "uid": "platform-advantedge", + "version": 3 +} + diff --git a/charts/grafana/dashboards/platform-advantedge.json b/charts/grafana/dashboards/platform-advantedge.json index be212a51511e9ca715e6f4a1f9d7bd3122c6eba0..eaec53f92bd5389e46b16badfb8aa1bbd31bb449 100644 --- a/charts/grafana/dashboards/platform-advantedge.json +++ b/charts/grafana/dashboards/platform-advantedge.json @@ -15,8 +15,8 @@ "editable": true, "gnetId": null, "graphTooltip": 0, - "id": 17, - "iteration": 1618533539997, + "id": 9, + "iteration": 1633697259754, "links": [], "panels": [ { @@ -211,7 +211,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum(increase(mon_engine_sbox_create_duration_sum[$__range])) / sum(increase(mon_engine_sbox_create_duration_count[$__range]))", + "expr": "sum(increase(mon_engine_sbox_create_duration_sum{replica=~\"$replica\"}[$__range])) / sum(increase(mon_engine_sbox_create_duration_count{replica=~\"$replica\"}[$__range]))", "instant": true, "interval": "", "intervalFactor": 1, @@ -269,7 +269,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum by (le) (increase(mon_engine_sbox_create_duration_bucket[$__range]))", + "expr": "sum by (le) (increase(mon_engine_sbox_create_duration_bucket{replica=~\"$replica\"}[$__range]))", "format": "heatmap", "instant": true, "interval": "", @@ -391,7 +391,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum(increase(metrics_http_request_duration_count{svc=~\"$service\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "intervalFactor": 1, @@ -450,28 +450,28 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum(increase(metrics_http_request_duration_count{svc=~\"$service\",status=~\"2.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "2xx", "refId": "B" }, { - "expr": "sum(increase(metrics_http_request_duration_count{svc=~\"$service\",status=~\"3.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "3xx", "refId": "C" }, { - "expr": "sum(increase(metrics_http_request_duration_count{svc=~\"$service\",status=~\"4.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "4xx", "refId": "D" }, { - "expr": "sum(increase(metrics_http_request_duration_count{svc=~\"$service\",status=~\"5.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "5xx", @@ -527,7 +527,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum(increase(metrics_http_notification_duration_count{svc=~\"$service\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "intervalFactor": 1, @@ -586,28 +586,28 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum(increase(metrics_http_notification_duration_count{svc=~\"$service\",status=~\"2.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"2.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "2xx", "refId": "B" }, { - "expr": "sum(increase(metrics_http_notification_duration_count{svc=~\"$service\",status=~\"3.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"3.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "3xx", "refId": "C" }, { - "expr": "sum(increase(metrics_http_notification_duration_count{svc=~\"$service\",status=~\"4.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"4.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "4xx", "refId": "D" }, { - "expr": "sum(increase(metrics_http_notification_duration_count{svc=~\"$service\",status=~\"5.*\"}[$__range])) or vector(0)", + "expr": "sum((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\",status=~\"5.*\"} offset $__range)) or vector(0)", "instant": true, "interval": "", "legendFormat": "5xx", @@ -668,7 +668,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "topk(10, sort_desc(sum by (svc,path,method) (increase(metrics_http_request_duration_count{svc=~\"$service\"}[$__range]))))", + "expr": "topk(10, sort_desc(sum by (svc,path,method)((max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_request_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range))))", "format": "time_series", "instant": true, "interval": "", @@ -756,7 +756,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "topk(10, sort_desc(sum by (svc,notif) (increase(metrics_http_notification_duration_count{svc=~\"$service\"}[$__range]))))", + "expr": "topk(10, sort_desc(sum by (svc,notif)((max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"} offset $__range))))", "format": "time_series", "instant": true, "interval": "", @@ -815,7 +815,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum by (le) (increase(metrics_http_request_duration_bucket{svc=~\"$service\"}[$__range]))", + "expr": "sum by (le) ((max_over_time(metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_request_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range))", "format": "heatmap", "instant": true, "interval": "", @@ -874,7 +874,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "sum by (le) (increase(metrics_http_notification_duration_bucket{svc=~\"$service\"}[$__range]))", + "expr": "sum by (le) ((max_over_time(metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) - metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range) or (max_over_time(metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"}[$__range]) unless metrics_http_notification_duration_bucket{replica=~\"$replica\",svc=~\"$service\"} offset $__range))", "format": "heatmap", "instant": true, "interval": "", @@ -938,7 +938,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "topk(10, sort_desc(rate(metrics_http_request_duration_sum{svc=~\"$service\"}[$__range]) / rate(metrics_http_request_duration_count{svc!=\"Auth Service\"}[$__range])))", + "expr": "topk(10, sort_desc(rate(metrics_http_request_duration_sum{replica=~\"$replica\",svc=~\"$service\"}[$__range]) / rate(metrics_http_request_duration_count{replica=~\"$replica\",svc!=\"Auth Service\"}[$__range])))", "format": "time_series", "instant": true, "interval": "", @@ -1002,7 +1002,7 @@ "pluginVersion": "7.3.5", "targets": [ { - "expr": "topk(10, sort_desc(avg by (svc,notif) (rate(metrics_http_notification_duration_sum{svc=~\"$service\"}[$__range]) / rate(metrics_http_notification_duration_count{svc=~\"$service\"}[$__range]))))", + "expr": "topk(10, sort_desc(avg by (svc,notif) (rate(metrics_http_notification_duration_sum{replica=~\"$replica\",svc=~\"$service\"}[$__range]) / rate(metrics_http_notification_duration_count{replica=~\"$replica\",svc=~\"$service\"}[$__range]))))", "format": "time_series", "instant": true, "interval": "", @@ -1017,7 +1017,7 @@ "type": "bargauge" } ], - "refresh": "15s", + "refresh": "", "schemaVersion": 26, "style": "dark", "tags": [], @@ -1027,6 +1027,7 @@ "allValue": "", "current": { "selected": true, + "tags": [], "text": [ "All" ], @@ -1035,7 +1036,7 @@ ] }, "datasource": "Prometheus", - "definition": "label_values(metrics_http_request_duration_count, svc) ", + "definition": "label_values(metrics_http_request_duration_count, svc)", "error": null, "hide": 0, "includeAll": true, @@ -1043,7 +1044,7 @@ "multi": true, "name": "service", "options": [], - "query": "label_values(metrics_http_request_duration_count, svc) ", + "query": "label_values(metrics_http_request_duration_count, svc)", "refresh": 2, "regex": "", "skipUrlSync": false, @@ -1053,6 +1054,38 @@ "tagsQuery": "", "type": "query", "useTags": false + }, + { + "allValue": null, + "current": { + "selected": true, + "tags": [], + "text": [ + "All" + ], + "value": [ + "$__all" + ] + }, + "datasource": "Prometheus", + "definition": "label_values(metrics_http_request_duration_count, replica) ", + "error": null, + "hide": 0, + "includeAll": true, + "label": "Instance", + "multi": true, + "name": "replica", + "options": [], + "query": "label_values(metrics_http_request_duration_count, replica) ", + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 2, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false } ] }, @@ -1078,5 +1111,6 @@ "timezone": "", "title": "Platform (AdvantEDGE)", "uid": "platform-advantedge", - "version": 2 + "version": 3 } + diff --git a/charts/grafana/dashboards/wireless-metrics-aggregation.json b/charts/grafana/dashboards/wireless-metrics-aggregation.json new file mode 100644 index 0000000000000000000000000000000000000000..361c08d5b5e2ba3e43320b1a971473421f8e0dd9 --- /dev/null +++ b/charts/grafana/dashboards/wireless-metrics-aggregation.json @@ -0,0 +1,933 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "$datasource", + "enable": true, + "hide": false, + "iconColor": "#3274D9", + "limit": 100, + "name": "Mobility Events", + "query": "SELECT type,description from $database.autogen.events WHERE type='MOBILITY' AND $timeFilter ORDER BY time ASC LIMIT 100", + "showIn": 0, + "tagsColumn": "type", + "textColumn": "", + "type": "dashboard" + }, + { + "builtIn": 1, + "datasource": "$datasource", + "enable": true, + "hide": false, + "iconColor": "#FF780A", + "name": "Net Char Events", + "query": "SELECT type,description from $database.autogen.events WHERE type='NETWORK-CHARACTERISTICS-UPDATE' AND $timeFilter ORDER BY time ASC LIMIT 100", + "showIn": 0, + "tagsColumn": "type", + "textColumn": "", + "type": "dashboard" + }, + { + "builtIn": 1, + "datasource": "$datasource", + "enable": true, + "hide": false, + "iconColor": "#A352CC", + "name": "PDU Session Events", + "query": "SELECT type,description from $database.autogen.events WHERE type='PDU-SESSION' AND $timeFilter ORDER BY time ASC LIMIT 100", + "showIn": 0, + "tagsColumn": "type", + "textColumn": "", + "type": "dashboard" + }, + { + "builtIn": 1, + "datasource": "$datasource", + "enable": true, + "hide": false, + "iconColor": "#E02F44", + "name": "Scenario Update Events", + "query": "SELECT type,description from $database.autogen.events WHERE type='SCENARIO-UPDATE' AND $timeFilter ORDER BY time ASC LIMIT 100", + "showIn": 0, + "tagsColumn": "type", + "textColumn": "", + "type": "dashboard" + } + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "iteration": 1621447328946, + "links": [], + "panels": [ + { + "collapsed": false, + "datasource": null, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 18, + "panels": [], + "title": "Signals Aggregation", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "cacheTimeout": null, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "description": "Shows RSRPs between source physical location & destination network locations", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 1, + "gridPos": { + "h": 10, + "w": 24, + "x": 0, + "y": 1 + }, + "hiddenSeries": false, + "id": 2, + "interval": "", + "legend": { + "avg": false, + "current": false, + "hideEmpty": false, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "[[tag_dest]]", + "groupBy": [ + { + "params": [ + "1s" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "hide": false, + "measurement": "/^$scenario$/", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"rsrp\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/) AND $timeFilter GROUP BY dest, time(1s)", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "RSRPs (4G / 5G)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "Signal (Mapping)", + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": "Throughput (Mbps)", + "logBase": 1, + "max": null, + "min": "0", + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "cacheTimeout": null, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "description": "Shows RSRQs between source physical location & destination network locations", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 1, + "gridPos": { + "h": 10, + "w": 24, + "x": 0, + "y": 11 + }, + "hiddenSeries": false, + "id": 26, + "interval": "", + "legend": { + "avg": false, + "current": false, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "[[tag_dest]]", + "groupBy": [ + { + "params": [ + "1s" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "hide": false, + "measurement": "/^$scenario$/", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"rsrq\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/) AND $timeFilter GROUP BY dest, time(1s)", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "RSRQs (4G / 5G)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "Signal (Mapping)", + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": "Throughput (Mbps)", + "logBase": 1, + "max": null, + "min": "0", + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "aliasColors": {}, + "bars": false, + "cacheTimeout": null, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "description": "Shows RSSIs between source physical location & destination network locations", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 1, + "gridPos": { + "h": 10, + "w": 24, + "x": 0, + "y": 21 + }, + "hiddenSeries": false, + "id": 24, + "interval": "", + "legend": { + "avg": false, + "current": false, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "[[tag_dest]]", + "groupBy": [ + { + "params": [ + "1s" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "hide": false, + "measurement": "/^$scenario$/", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"rssi\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/) AND $timeFilter GROUP BY dest, time(1s)", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "RSSIs (WIFI)", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "Signal (Mapping)", + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": "Throughput (Mbps)", + "logBase": 1, + "max": null, + "min": "0", + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": null, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 31 + }, + "id": 20, + "panels": [], + "title": "Distance Aggregation", + "type": "row" + }, + { + "aliasColors": {}, + "bars": false, + "cacheTimeout": null, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "description": "Shows distances between source physical location & destination network locations", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 0, + "fillGradient": 1, + "gridPos": { + "h": 10, + "w": 24, + "x": 0, + "y": 32 + }, + "hiddenSeries": false, + "id": 28, + "interval": "", + "legend": { + "avg": false, + "current": false, + "hideZero": false, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "[[tag_dest]]", + "groupBy": [ + { + "params": [ + "1s" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "hide": false, + "measurement": "/^$scenario$/", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"dist\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/) AND $timeFilter GROUP BY dest, time(1s)", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "Distances", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "Distance (Meters)", + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": "Throughput (Mbps)", + "logBase": 1, + "max": null, + "min": "0", + "show": false + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "collapsed": false, + "datasource": null, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 42 + }, + "id": 22, + "panels": [], + "title": "Events", + "type": "row" + }, + { + "cacheTimeout": null, + "columns": [], + "datasource": "$datasource", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fontSize": "100%", + "gridPos": { + "h": 6, + "w": 24, + "x": 0, + "y": 43 + }, + "id": 4, + "links": [], + "pageSize": null, + "pluginVersion": "6.4.2", + "showHeader": true, + "sort": { + "col": 0, + "desc": true + }, + "styles": [ + { + "alias": "Time", + "align": "auto", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "date" + }, + { + "alias": "Type", + "align": "auto", + "colorMode": null, + "colors": [ + "#C4162A", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "events.type", + "thresholds": [], + "type": "string", + "unit": "short", + "valueMaps": [ + { + "text": "Net Char", + "value": "NETWORK-CHARACTERISTICS-UPDATE" + }, + { + "text": "Mobility", + "value": "MOBILITY" + }, + { + "text": "PDU Session", + "value": "PDU-SESSION" + }, + { + "text": "Scenario", + "value": "SCENARIO-UPDATE" + } + ] + }, + { + "alias": "Description", + "align": "auto", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "decimals": 2, + "mappingType": 1, + "pattern": "events.description", + "thresholds": [], + "type": "string", + "unit": "short", + "valueMaps": [] + } + ], + "targets": [ + { + "groupBy": [], + "hide": false, + "measurement": "events", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT type,description FROM $database.autogen.events WHERE $timeFilter AND (\"src\" =~ /^$src$/) ORDER BY time desc LIMIT 100", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "event" + ], + "type": "field" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Events", + "transform": "timeseries_to_columns", + "type": "table-old" + } + ], + "refresh": "1s", + "schemaVersion": 26, + "style": "dark", + "tags": [], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "meep-influxdb", + "value": "meep-influxdb" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": "", + "multi": false, + "name": "datasource", + "options": [], + "query": "influxdb", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "allValue": null, + "current": { + "selected": false, + "text": "_internal", + "value": "_internal" + }, + "datasource": "$datasource", + "definition": "show databases", + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "database", + "options": [], + "query": "show databases", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + "isNone": true, + "selected": false, + "text": "None", + "value": "" + }, + "datasource": "$datasource", + "definition": "", + "error": null, + "hide": 0, + "includeAll": false, + "label": "", + "multi": false, + "name": "src", + "options": [], + "query": "show tag values on $database from gis with key = \"src\"", + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1m", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "1s", + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ] + }, + "timezone": "", + "title": "Wireless Metrics Aggregation", + "uid": "6", + "version": 6 +} + diff --git a/charts/grafana/dashboards/wireless-metrics-point-to-point.json b/charts/grafana/dashboards/wireless-metrics-point-to-point.json new file mode 100644 index 0000000000000000000000000000000000000000..29659f275ebaec89039fe672fa5fcf569ac8f971 --- /dev/null +++ b/charts/grafana/dashboards/wireless-metrics-point-to-point.json @@ -0,0 +1,1148 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "$datasource", + "enable": true, + "hide": false, + "iconColor": "rgba(0, 211, 255, 1)", + "limit": 100, + "name": "Mobility Events", + "query": "SELECT type,description from $database.autogen.events WHERE type='MOBILITY' AND $timeFilter ORDER BY time ASC LIMIT 100", + "showIn": 0, + "tagsColumn": "type", + "textColumn": "", + "type": "dashboard" + }, + { + "datasource": "$datasource", + "enable": true, + "hide": false, + "iconColor": "#FF9830", + "name": "Net Char Events", + "query": "SELECT type,description from $database.autogen.events WHERE type='NETWORK-CHARACTERISTICS-UPDATE' AND $timeFilter ORDER BY time ASC LIMIT 100", + "showIn": 0, + "tagsColumn": "type" + } + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "iteration": 1621449565579, + "links": [], + "panels": [ + { + "datasource": null, + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 1, + "w": 15, + "x": 0, + "y": 0 + }, + "id": 14, + "options": { + "content": "\n\n", + "mode": "markdown" + }, + "pluginVersion": "7.3.5", + "timeFrom": null, + "timeShift": null, + "title": "Signals", + "type": "text" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#F2495C" + ], + "datasource": "$datasource", + "decimals": 2, + "description": "", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 4, + "w": 9, + "x": 15, + "y": 0 + }, + "id": 9, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "pluginVersion": "6.5.2", + "postfix": " m", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false, + "ymax": null, + "ymin": null + }, + "tableColumn": "", + "targets": [ + { + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT \"dist\" FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": "", + "timeFrom": null, + "timeShift": null, + "title": "Distance", + "type": "singlestat", + "valueFontSize": "100%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#F2495C" + ], + "datasource": "$datasource", + "decimals": null, + "description": "", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 5, + "x": 0, + "y": 1 + }, + "id": 8, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "pluginVersion": "6.5.2", + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false, + "ymax": null, + "ymin": null + }, + "tableColumn": "", + "targets": [ + { + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT \"rsrp\" FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": "", + "timeFrom": null, + "timeShift": null, + "title": "RSRP (4G / 5G)", + "type": "singlestat", + "valueFontSize": "100%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#F2495C" + ], + "datasource": "$datasource", + "decimals": 0, + "description": "", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 5, + "x": 5, + "y": 1 + }, + "id": 10, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "pluginVersion": "6.5.2", + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false, + "ymax": null, + "ymin": null + }, + "tableColumn": "", + "targets": [ + { + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT \"rsrq\" FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": "", + "timeFrom": null, + "timeShift": null, + "title": "RSRQ (4G / 5G)", + "type": "singlestat", + "valueFontSize": "100%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "cacheTimeout": null, + "colorBackground": false, + "colorValue": false, + "colors": [ + "#299c46", + "rgba(237, 129, 40, 0.89)", + "#F2495C" + ], + "datasource": "$datasource", + "decimals": 0, + "description": "", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "format": "none", + "gauge": { + "maxValue": 100, + "minValue": 0, + "show": false, + "thresholdLabels": false, + "thresholdMarkers": true + }, + "gridPos": { + "h": 3, + "w": 5, + "x": 10, + "y": 1 + }, + "id": 16, + "interval": null, + "links": [], + "mappingType": 1, + "mappingTypes": [ + { + "name": "value to text", + "value": 1 + }, + { + "name": "range to text", + "value": 2 + } + ], + "maxDataPoints": 100, + "nullPointMode": "connected", + "nullText": null, + "pluginVersion": "6.5.2", + "postfix": "", + "postfixFontSize": "50%", + "prefix": "", + "prefixFontSize": "50%", + "rangeMaps": [ + { + "from": "null", + "text": "N/A", + "to": "null" + } + ], + "sparkline": { + "fillColor": "rgba(31, 118, 189, 0.18)", + "full": false, + "lineColor": "rgb(31, 120, 193)", + "show": false, + "ymax": null, + "ymin": null + }, + "tableColumn": "", + "targets": [ + { + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT \"rssi\" FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": "", + "timeFrom": null, + "timeShift": null, + "title": "RSSI (WIFI)", + "type": "singlestat", + "valueFontSize": "100%", + "valueMaps": [ + { + "op": "=", + "text": "N/A", + "value": "null" + } + ], + "valueName": "current" + }, + { + "aliasColors": {}, + "bars": false, + "cacheTimeout": null, + "dashLength": 10, + "dashes": false, + "datasource": "$datasource", + "description": "Shows RSRP, RSRQ, RSSI & DIstance between source physical location & destination network location", + "fieldConfig": { + "defaults": { + "custom": {}, + "links": [] + }, + "overrides": [] + }, + "fill": 2, + "fillGradient": 4, + "gridPos": { + "h": 11, + "w": 24, + "x": 0, + "y": 4 + }, + "hiddenSeries": false, + "id": 2, + "interval": "", + "legend": { + "avg": false, + "current": false, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 2, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "7.3.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "alias": "RSRP", + "groupBy": [ + { + "params": [ + "1s" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"rsrp\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter GROUP BY time(1s)", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "lat" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + }, + { + "alias": "RSRQ", + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"rsrq\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter GROUP BY time(1s)", + "rawQuery": true, + "refId": "B", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "ul" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + }, + { + "alias": "RSSI", + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "measurement": "gis", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"rssi\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter GROUP BY time(1s)", + "rawQuery": true, + "refId": "C", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "dl" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + }, + { + "alias": "Distance", + "groupBy": [ + { + "params": [ + "$__interval" + ], + "type": "time" + }, + { + "params": [ + "null" + ], + "type": "fill" + } + ], + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT mean(\"dist\") FROM $database.autogen.gis WHERE (\"src\" =~ /^$src$/ AND \"dest\" =~ /^$dest$/) AND $timeFilter GROUP BY time(1s)", + "rawQuery": true, + "refId": "D", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "value" + ], + "type": "field" + }, + { + "params": [], + "type": "mean" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "thresholds": [], + "timeFrom": null, + "timeRegions": [], + "timeShift": null, + "title": "RSRP, RSRQ, RSSI & Distance", + "tooltip": { + "shared": true, + "sort": 0, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "buckets": null, + "mode": "time", + "name": null, + "show": true, + "values": [] + }, + "yaxes": [ + { + "format": "short", + "label": "Signal (Mapping)", + "logBase": 1, + "max": null, + "min": "0", + "show": true + }, + { + "format": "short", + "label": "Distance (Meters)", + "logBase": 1, + "max": null, + "min": "0", + "show": true + } + ], + "yaxis": { + "align": false, + "alignLevel": null + } + }, + { + "cacheTimeout": null, + "columns": [], + "datasource": "$datasource", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "fontSize": "100%", + "gridPos": { + "h": 6, + "w": 24, + "x": 0, + "y": 15 + }, + "id": 4, + "links": [], + "pageSize": null, + "pluginVersion": "6.4.2", + "showHeader": true, + "sort": { + "col": 0, + "desc": true + }, + "styles": [ + { + "alias": "Time", + "align": "auto", + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "pattern": "Time", + "type": "date" + }, + { + "alias": "Type", + "align": "auto", + "colorMode": null, + "colors": [ + "#C4162A", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm:ss", + "decimals": 2, + "mappingType": 1, + "pattern": "events.type", + "thresholds": [], + "type": "string", + "unit": "short", + "valueMaps": [ + { + "text": "Net Char", + "value": "NETWORK-CHARACTERISTICS-UPDATE" + }, + { + "text": "Mobility", + "value": "MOBILITY" + } + ] + }, + { + "alias": "Description", + "align": "auto", + "colorMode": null, + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "decimals": 2, + "mappingType": 1, + "pattern": "events.description", + "thresholds": [], + "type": "string", + "unit": "short", + "valueMaps": [] + } + ], + "targets": [ + { + "groupBy": [], + "hide": false, + "measurement": "events", + "orderByTime": "ASC", + "policy": "default", + "query": "SELECT type,description FROM $database.autogen.events WHERE (\"src\" =~ /^$src$/ AND (\"dest\" =~ /^$dest$/ OR \"dest\" = \'\')) AND $timeFilter ORDER BY time desc LIMIT 100", + "rawQuery": true, + "refId": "A", + "resultFormat": "time_series", + "select": [ + [ + { + "params": [ + "event" + ], + "type": "field" + } + ] + ], + "tags": [ + { + "key": "src", + "operator": "=~", + "value": "/^$src$/" + }, + { + "condition": "AND", + "key": "dest", + "operator": "=~", + "value": "/^$dest$/" + } + ] + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Events", + "transform": "timeseries_to_columns", + "type": "table-old" + } + ], + "refresh": "1s", + "schemaVersion": 26, + "style": "dark", + "tags": [], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "meep-influxdb", + "value": "meep-influxdb" + }, + "error": null, + "hide": 0, + "includeAll": false, + "label": "", + "multi": false, + "name": "datasource", + "options": [], + "query": "influxdb", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + }, + { + "allValue": null, + "current": { + "selected": false, + "text": "demo1", + "value": "demo1" + }, + "datasource": "$datasource", + "definition": "show databases", + "error": null, + "hide": 0, + "includeAll": false, + "label": null, + "multi": false, + "name": "database", + "options": [], + "query": "show databases", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + "isNone": true, + "selected": false, + "text": "None", + "value": "" + }, + "datasource": "$datasource", + "definition": "", + "error": null, + "hide": 0, + "includeAll": false, + "label": "", + "multi": false, + "name": "src", + "options": [], + "query": "show tag values on $database from gis with key = \"src\"", + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + }, + { + "allValue": null, + "current": { + "isNone": true, + "selected": false, + "text": "None", + "value": "" + }, + "datasource": "$datasource", + "definition": "", + "error": null, + "hide": 0, + "includeAll": false, + "label": "", + "multi": false, + "name": "dest", + "options": [], + "query": "show tag values on $database from gis with key = \"dest\"", + "refresh": 2, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "tagValuesQuery": "", + "tags": [], + "tagsQuery": "", + "type": "query", + "useTags": false + } + ] + }, + "time": { + "from": "now-1m", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "1s", + "5s", + "10s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h", + "2h", + "1d" + ] + }, + "timezone": "", + "title": "Wireless Metrics Point-to-Point", + "uid": "5", + "version": 7 +} + diff --git a/charts/grafana/values.yaml b/charts/grafana/values.yaml index 7a59efc3753ecda462942910f967843f235ee00a..f5716ce3d122cf821f781dbc30ef1e1e850fb6fd 100644 --- a/charts/grafana/values.yaml +++ b/charts/grafana/values.yaml @@ -416,17 +416,21 @@ datasources: url: http://meep-prometheus-prometheus:9090 access: proxy isDefault: true + - name: Thanos + type: prometheus + url: http://meep-thanos-query:9090 + access: proxy + jsonData: + customQueryParameters: "max_source_resolution=1h" + disableMetricsLookup: true - name: meep-influxdb type: influxdb access: proxy database: _internal - # user: grafana url: "http://meep-influxdb:8086" jsonData: timeInterval: "10s" - # secureJsonData: - # password: grafana - + ## Configure notifiers ## ref: http://docs.grafana.org/administration/provisioning/#alert-notification-channels ## diff --git a/charts/influxdb/templates/backup-cronjob.yaml b/charts/influxdb/templates/backup-cronjob.yaml index fed2d1884145fd931560c998594eb6e4db624888..50ee5eef5307873ea0794d66001eeaa919b96e17 100644 --- a/charts/influxdb/templates/backup-cronjob.yaml +++ b/charts/influxdb/templates/backup-cronjob.yaml @@ -10,6 +10,8 @@ metadata: {{- toYaml .Values.backup.annotations | nindent 4 }} spec: schedule: {{ .Values.backup.schedule | quote }} + successfulJobsHistoryLimit: 0 + failedJobsHistoryLimit: 0 startingDeadlineSeconds: {{ .Values.backup.startingDeadlineSeconds }} concurrencyPolicy: Forbid jobTemplate: diff --git a/charts/influxdb/templates/backup-retention-cronjob.yaml b/charts/influxdb/templates/backup-retention-cronjob.yaml index 388c62d3ed0341738ac7e3f3b1d90107a6dc0c74..a3b0bc524be296a86fc01348b3a8dd977dd3c108 100644 --- a/charts/influxdb/templates/backup-retention-cronjob.yaml +++ b/charts/influxdb/templates/backup-retention-cronjob.yaml @@ -10,6 +10,8 @@ metadata: {{- toYaml .Values.backupRetention.annotations | nindent 4 }} spec: schedule: {{ .Values.backupRetention.schedule | quote }} + successfulJobsHistoryLimit: 0 + failedJobsHistoryLimit: 0 startingDeadlineSeconds: {{ .Values.backupRetention.startingDeadlineSeconds }} concurrencyPolicy: Forbid jobTemplate: diff --git a/charts/influxdb/values.yaml b/charts/influxdb/values.yaml index 1a1ec6128cdfc585bf185bac482052b6db35fd53..8f578729b0f51e7237d907dc8969b0a6ba30125b 100644 --- a/charts/influxdb/values.yaml +++ b/charts/influxdb/values.yaml @@ -441,11 +441,11 @@ backup: ## Please look at https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html#cli-configure-files-where ## for the credentials format. ## The bucket should already exist. - # s3: - # credentialsSecret: aws-credentials-secret - # destination: s3://bucket/path - # ## Optional. Specify if you're using an alternate S3 endpoint. - # # endpointUrl: "" + s3: + credentialsSecret: meep-influx-objstore-config + destination: s3://influx + ## Optional. Specify if you're using an alternate S3 endpoint. + endpointUrl: "" backupRetention: enabled: false @@ -461,8 +461,8 @@ backupRetention: annotations: {} podAnnotations: {} daysToRetain: 7 - # s3: - # credentialsSecret: aws-credentials-secret - # bucketName: bucket - # ## Optional. Specify if you're using an alternate S3 endpoint. - # # endpointUrl: "" + s3: + credentialsSecret: meep-influx-objstore-config + bucketName: influx + ## Optional. Specify if you're using an alternate S3 endpoint. + endpointUrl: "" diff --git a/charts/kube-prometheus-stack/values.yaml b/charts/kube-prometheus-stack/values.yaml index d89b24b5cd7f20465cc016c5d7180be6c34a6d6b..65a75fa9acbdb1152c150a69a8d98838a476607a 100644 --- a/charts/kube-prometheus-stack/values.yaml +++ b/charts/kube-prometheus-stack/values.yaml @@ -1660,7 +1660,11 @@ prometheus: ## External labels to add to any time series or alerts when communicating with external systems ## - externalLabels: {} + # externalLabels: + # region: + # monitor: + # promenv: + # replica: ## Name of the external label used to denote replica name ## @@ -2095,11 +2099,25 @@ prometheus: ## This is experimental and may change significantly without backward compatibility in any release. ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#thanosspec ## - thanos: {} + # thanos: + # # image: quay.io/thanos/thanos + # # version: v0.8.1 + # objectStorageConfig: + # key: objstore.yml + # name: meep-objstore-config ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod. ## if using proxy extraContainer update targetPort with proxy container port - containers: [] + # containers: [] + # containers: + # - name: thanos-sidecar + # args: + # - "sidecar" + # - "--shipper.upload-compacted" + # - "--objstore.config=$(OBJSTORE_CONFIG)" + # - "--tsdb.path=/prometheus" + # - "--log.level=info" + # - "--log.format=logfmt" ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes ## (permissions, dir tree) on mounted volumes before starting prometheus diff --git a/charts/meep-ams/.helmignore b/charts/meep-ams/.helmignore new file mode 100644 index 0000000000000000000000000000000000000000..f0c13194444163d1cba5c67d9e79231a62bc8f44 --- /dev/null +++ b/charts/meep-ams/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/meep-ams/Chart.yaml b/charts/meep-ams/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..804c0e5c3e46a51ff6859db0b9502787e5d4204a --- /dev/null +++ b/charts/meep-ams/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0.0" +description: MEEP Application Mobility Service Helm chart for Kubernetes +name: meep-ams +version: 1.0.0 diff --git a/charts/meep-ams/templates/_helpers.tpl b/charts/meep-ams/templates/_helpers.tpl new file mode 100644 index 0000000000000000000000000000000000000000..d2ff058b1b6741ff605eb58d6f3034eb065329a5 --- /dev/null +++ b/charts/meep-ams/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "meep-ams.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "meep-ams.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "meep-ams.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/meep-ams/templates/clusterrolebinding.yaml b/charts/meep-ams/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f40b5f9ac1202fdc41bd0863cf109579345eeead --- /dev/null +++ b/charts/meep-ams/templates/clusterrolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: "{{ .Release.Namespace }}:{{ template "meep-ams.fullname" . }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: {{ template "meep-ams.fullname" . }} + namespace: {{ .Release.Namespace }} + diff --git a/charts/meep-platform-ctrl/templates/user-swagger-pv.yaml b/charts/meep-ams/templates/codecov-pv.yaml similarity index 59% rename from charts/meep-platform-ctrl/templates/user-swagger-pv.yaml rename to charts/meep-ams/templates/codecov-pv.yaml index 5883f4f7b9c489c5fbcb0aff8adbdd10887220e0..fc0c048328f5de631619723a74672c3b42a292b3 100644 --- a/charts/meep-platform-ctrl/templates/user-swagger-pv.yaml +++ b/charts/meep-ams/templates/codecov-pv.yaml @@ -1,31 +1,32 @@ -{{- if .Values.user.swagger.enabled}} +{{- if .Values.codecov.enabled}} kind: PersistentVolume apiVersion: v1 metadata: - name: meep-platform-ctrl-user-swagger-pv + name: meep-ams-codecov-pv spec: - storageClassName: meep-platform-ctrl-user-swagger-sc + storageClassName: meep-ams-codecov-sc capacity: storage: 100Mi accessModes: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: {{ .Values.user.swagger.location }} + path: {{ .Values.codecov.location }} + --- kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: - name: meep-platform-ctrl-user-swagger-sc + name: meep-ams-codecov-sc provisioner: kubernetes.io/no-provisioner volumeBindingMode: WaitForFirstConsumer --- kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: meep-platform-ctrl-user-swagger-pvc + name: meep-ams-codecov-pvc spec: - storageClassName: meep-platform-ctrl-user-swagger-sc + storageClassName: meep-ams-codecov-sc accessModes: - ReadWriteOnce resources: diff --git a/charts/meep-ams/templates/deployment.yaml b/charts/meep-ams/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5e5292e3f24821a9c19221126b446eb16290e889 --- /dev/null +++ b/charts/meep-ams/templates/deployment.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "meep-ams.fullname" . }} + labels: + app: {{ template "meep-ams.name" . }} + chart: {{ template "meep-ams.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + meepOrigin: {{ .Values.meepOrigin }} +spec: + replicas: {{ .Values.deployment.replicas }} + selector: + matchLabels: + app: {{ template "meep-ams.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "meep-ams.name" . }} + release: {{ .Release.Name }} + meepOrigin: {{ .Values.meepOrigin }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + {{- if .Values.codecov.enabled}} + volumes: + - name: codecov-storage + persistentVolumeClaim: + claimName: meep-ams-codecov-pvc + {{- end}} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- if .Values.codecov.enabled}} + command: [ "/meep-ams" ] + args: [ "-test.coverprofile=/codecov/codecov-meep-ams.out", "__DEVEL--code-cov" ] + {{- end}} + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: {{ .Values.deployment.port }} + protocol: {{ .Values.deployment.protocol }} + env: + {{- range $key, $value := .Values.image.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.codecov.enabled}} + volumeMounts: + - name: codecov-storage + mountPath: /codecov + {{- end}} + terminationGracePeriodSeconds: 5 + initContainers: + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-ams/templates/ingress.yaml b/charts/meep-ams/templates/ingress.yaml new file mode 100755 index 0000000000000000000000000000000000000000..69d52e9e519c5a244a956af1442458853aa190e8 --- /dev/null +++ b/charts/meep-ams/templates/ingress.yaml @@ -0,0 +1,39 @@ +{{- if .Values.ingress.enabled -}} +{{- $serviceName := .Values.service.name -}} +{{- $servicePort := .Values.service.port -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $serviceName }} + labels: + app: {{ template "meep-ams.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.ingress.labels }} +{{ toYaml .Values.ingress.labels | indent 4 }} +{{- end }} + annotations: + {{- range $key, $value := .Values.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + rules: + {{- range .Values.ingress.hosts }} + - http: + paths: + {{- range $path := .paths }} + - path: {{ $path }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- if .name }} + host: {{ .name }} + {{- end }} + {{- end -}} + {{- if .Values.ingress.tls }} + tls: +{{ toYaml .Values.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} diff --git a/charts/meep-ams/templates/monitor.yaml b/charts/meep-ams/templates/monitor.yaml new file mode 100644 index 0000000000000000000000000000000000000000..516630ba72851f95b961c56dcdb1263ea9a4001c --- /dev/null +++ b/charts/meep-ams/templates/monitor.yaml @@ -0,0 +1,33 @@ +{{- if .Values.prometheus.monitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "meep-ams.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "meep-ams.name" . }} + chart: {{ template "meep-ams.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + meepOrigin: {{ .Values.meepOrigin }} + {{- if .Values.prometheus.monitor.additionalLabels }} +{{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app: {{ template "meep-ams.name" . }} + release: {{ .Release.Name }} + endpoints: + - port: metrics + {{- if .Values.prometheus.monitor.interval }} + interval: {{ .Values.prometheus.monitor.interval }} + {{- end }} + {{- if .Values.prometheus.monitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }} + {{- end }} +{{- if .Values.prometheus.monitor.relabelings }} + relabelings: +{{ toYaml .Values.prometheus.monitor.relabelings | indent 6 }} +{{- end }} +{{- end }} diff --git a/charts/meep-ams/templates/service.yaml b/charts/meep-ams/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..cc1b5a73370e276edb0275650b9b5eb024802176 --- /dev/null +++ b/charts/meep-ams/templates/service.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + labels: + app: {{ template "meep-ams.name" . }} + chart: {{ template "meep-ams.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + meepOrigin: {{ .Values.meepOrigin }} +spec: + type: {{ .Values.service.type }} + selector: + app: {{ template "meep-ams.name" . }} + release: {{ .Release.Name }} + ports: + - name: ams + port: {{ .Values.service.port }} + targetPort: {{ .Values.deployment.port }} + {{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- if .Values.prometheus.monitor.enabled}} + - name: metrics + port: {{ .Values.prometheus.monitor.port }} + targetPort: {{ .Values.prometheus.monitor.port }} + protocol: TCP + {{- end}} + diff --git a/charts/meep-ams/templates/serviceaccount.yaml b/charts/meep-ams/templates/serviceaccount.yaml new file mode 100644 index 0000000000000000000000000000000000000000..ad7d59abc7f985f917b1ea3e43cb0247b7685a14 --- /dev/null +++ b/charts/meep-ams/templates/serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "meep-ams.fullname" . }} diff --git a/charts/meep-ams/values-template.yaml b/charts/meep-ams/values-template.yaml new file mode 100644 index 0000000000000000000000000000000000000000..32f0bf18b14199830052e8e35828f9f7b47070da --- /dev/null +++ b/charts/meep-ams/values-template.yaml @@ -0,0 +1,85 @@ +# Default values for meep-ams. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +deployment: + replicas: 1 + port: 80 + protocol: TCP + dependencies: + system: + {{- if not .IsMepService }} + - kube-dns + {{- end }} + namespace: + +image: + repository: meep-docker-registry:30001/meep-ams + tag: latest + pullPolicy: Always + env: + MEEP_INSTANCE_ID: {{.InstanceId}} + MEEP_SANDBOX_NAME: {{.SandboxName}} + MEEP_SVC_PATH: /amsi/v1 + MEEP_HOST_URL: {{.HostUrl}} + {{- if .IsMepService }} + MEEP_MEP_NAME: {{.MepName}} + {{- end }} + {{- if eq .AppEnablement "local" }} + MEEP_APP_ENABLEMENT: {{.MepName}}-meep-app-enablement + {{- else if eq .AppEnablement "global" }} + MEEP_APP_ENABLEMENT: meep-app-enablement + {{- end }} + {{- range .Env}} + {{.}} + {{- end}} + +service: + {{- if .IsMepService }} + name: {{.MepName}}-meep-ams + {{- else }} + name: meep-ams + {{- end }} + type: ClusterIP + port: 80 + +ingress: + enabled: true + hosts: + - name: '' + paths: + {{- if .IsMepService }} + - /{{.SandboxName}}/{{.MepName}}/amsi + {{- else }} + - /{{.SandboxName}}/amsi + {{- end }} + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/force-ssl-redirect: {{ .HttpsOnly }} + {{- if .IsMepService }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{.SandboxName}}/{{.MepName}}/amsi(/|$)(.*)$ /amsi/$2 break; + {{- else }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{.SandboxName}}/amsi(/|$)(.*)$ /amsi/$2 break; + {{- end }} + {{- if .AuthEnabled }} + nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-ams&sbox={{.SandboxName}}&mep={{.MepName}} + {{- end }} + labels: {} + tls: + +prometheus: + monitor: + enabled: true + port: 9000 + interval: 10s + additionalLabels: {} + relabelings: [] + scrapeTimeout: 5s + +codecov: + enabled: false + location: "/codecov/meep-ams" + +meepOrigin: core diff --git a/charts/meep-app-enablement/.helmignore b/charts/meep-app-enablement/.helmignore new file mode 100644 index 0000000000000000000000000000000000000000..f0c13194444163d1cba5c67d9e79231a62bc8f44 --- /dev/null +++ b/charts/meep-app-enablement/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/meep-app-enablement/Chart.yaml b/charts/meep-app-enablement/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..b0bfc6378b469cd6796ebadb0ba0c93ee83aa0e8 --- /dev/null +++ b/charts/meep-app-enablement/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0.0" +description: MEEP Edge Platform Application Enablement Service Helm chart for Kubernetes +name: meep-edge-platform-app-enablement +version: 1.0.0 diff --git a/charts/meep-app-enablement/templates/_helpers.tpl b/charts/meep-app-enablement/templates/_helpers.tpl new file mode 100644 index 0000000000000000000000000000000000000000..83b32cdf07f400a7a057dcef064f0584762b5946 --- /dev/null +++ b/charts/meep-app-enablement/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "meep-app-enablement.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "meep-app-enablement.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "meep-app-enablement.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/meep-app-enablement/templates/clusterrolebinding.yaml b/charts/meep-app-enablement/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e3031289e5e9664f1b50e71b71dd650064aa2afa --- /dev/null +++ b/charts/meep-app-enablement/templates/clusterrolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: "{{ .Release.Namespace }}:{{ template "meep-app-enablement.fullname" . }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: {{ template "meep-app-enablement.fullname" . }} + namespace: {{ .Release.Namespace }} + \ No newline at end of file diff --git a/charts/meep-app-enablement/templates/codecov-pv.yaml b/charts/meep-app-enablement/templates/codecov-pv.yaml new file mode 100644 index 0000000000000000000000000000000000000000..9dce19e1b821ad95e4beeba777cc83f8c6716313 --- /dev/null +++ b/charts/meep-app-enablement/templates/codecov-pv.yaml @@ -0,0 +1,35 @@ +{{- if .Values.codecov.enabled}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: meep-app-enablement-codecov-pv +spec: + storageClassName: meep-app-enablement-codecov-sc + capacity: + storage: 100Mi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + hostPath: + path: "/home/englab/.meep/codecov/meep-app-enablement" + +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: meep-app-enablement-codecov-sc +provisioner: kubernetes.io/no-provisioner +volumeBindingMode: WaitForFirstConsumer +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: meep-app-enablement-codecov-pvc +spec: + storageClassName: meep-app-enablement-codecov-sc + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi +{{- end}} diff --git a/charts/meep-app-enablement/templates/deployment.yaml b/charts/meep-app-enablement/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..6e1b1c500386f718b4a14ae3fd46161eeb080037 --- /dev/null +++ b/charts/meep-app-enablement/templates/deployment.yaml @@ -0,0 +1,65 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "meep-app-enablement.fullname" . }} + labels: + app: {{ template "meep-app-enablement.name" . }} + chart: {{ template "meep-app-enablement.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + meepOrigin: {{ .Values.meepOrigin }} +spec: + replicas: {{ .Values.deployment.replicas }} + selector: + matchLabels: + app: {{ template "meep-app-enablement.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "meep-app-enablement.name" . }} + release: {{ .Release.Name }} + meepOrigin: {{ .Values.meepOrigin }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + {{- if .Values.codecov.enabled}} + volumes: + - name: codecov-storage + persistentVolumeClaim: + claimName: meep-app-enablement-codecov-pvc + {{- end}} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + {{- if .Values.codecov.enabled}} + command: [ "/meep-app-enablement" ] + args: [ "-test.coverprofile=/codecov/codecov-meep-app-enablement.out", "__DEVEL--code-cov" ] + {{- end}} + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - containerPort: {{ .Values.deployment.port }} + protocol: {{ .Values.deployment.protocol }} + env: + {{- range $key, $value := .Values.image.env }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.codecov.enabled}} + volumeMounts: + - name: codecov-storage + mountPath: /codecov + {{- end}} + terminationGracePeriodSeconds: 5 + initContainers: + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-app-enablement/templates/ingress.yaml b/charts/meep-app-enablement/templates/ingress.yaml new file mode 100755 index 0000000000000000000000000000000000000000..65a11f0ed7221d6cf8f9ffa8718fb048cc6da44e --- /dev/null +++ b/charts/meep-app-enablement/templates/ingress.yaml @@ -0,0 +1,39 @@ +{{- if .Values.ingress.enabled -}} +{{- $serviceName := .Values.service.name -}} +{{- $servicePort := .Values.service.port -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $serviceName }} + labels: + app: {{ template "meep-app-enablement.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.ingress.labels }} +{{ toYaml .Values.ingress.labels | indent 4 }} +{{- end }} + annotations: + {{- range $key, $value := .Values.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + rules: + {{- range .Values.ingress.hosts }} + - http: + paths: + {{- range $path := .paths }} + - path: {{ $path }} + backend: + serviceName: {{ $serviceName }} + servicePort: {{ $servicePort }} + {{- end -}} + {{- if .name }} + host: {{ .name }} + {{- end }} + {{- end -}} + {{- if .Values.ingress.tls }} + tls: +{{ toYaml .Values.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} diff --git a/charts/meep-app-enablement/templates/monitor.yaml b/charts/meep-app-enablement/templates/monitor.yaml new file mode 100644 index 0000000000000000000000000000000000000000..f1f7bbdd3b2da46a58f94720977147424f57d957 --- /dev/null +++ b/charts/meep-app-enablement/templates/monitor.yaml @@ -0,0 +1,33 @@ +{{- if .Values.prometheus.monitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "meep-app-enablement.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "meep-app-enablement.name" . }} + chart: {{ template "meep-app-enablement.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + meepOrigin: {{ .Values.meepOrigin }} + {{- if .Values.prometheus.monitor.additionalLabels }} +{{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app: {{ template "meep-app-enablement.name" . }} + release: {{ .Release.Name }} + endpoints: + - port: metrics + {{- if .Values.prometheus.monitor.interval }} + interval: {{ .Values.prometheus.monitor.interval }} + {{- end }} + {{- if .Values.prometheus.monitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }} + {{- end }} +{{- if .Values.prometheus.monitor.relabelings }} + relabelings: +{{ toYaml .Values.prometheus.monitor.relabelings | indent 6 }} +{{- end }} +{{- end }} diff --git a/charts/meep-app-enablement/templates/service.yaml b/charts/meep-app-enablement/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5627b6ea84b13bb037f69d44d95fc1989099683f --- /dev/null +++ b/charts/meep-app-enablement/templates/service.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.service.name }} + labels: + app: {{ template "meep-app-enablement.name" . }} + chart: {{ template "meep-app-enablement.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + meepOrigin: {{ .Values.meepOrigin }} +spec: + type: {{ .Values.service.type }} + selector: + app: {{ template "meep-app-enablement.name" . }} + release: {{ .Release.Name }} + ports: + - name: app-enablement + port: {{ .Values.service.port }} + targetPort: {{ .Values.deployment.port }} + {{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- if .Values.prometheus.monitor.enabled}} + - name: metrics + port: {{ .Values.prometheus.monitor.port }} + targetPort: {{ .Values.prometheus.monitor.port }} + protocol: TCP + {{- end}} + diff --git a/charts/meep-app-enablement/templates/serviceaccount.yaml b/charts/meep-app-enablement/templates/serviceaccount.yaml new file mode 100644 index 0000000000000000000000000000000000000000..9350c9d7d07111807158317cf8ce6247e6ea7fd2 --- /dev/null +++ b/charts/meep-app-enablement/templates/serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "meep-app-enablement.fullname" . }} diff --git a/charts/meep-app-enablement/values-template.yaml b/charts/meep-app-enablement/values-template.yaml new file mode 100644 index 0000000000000000000000000000000000000000..7fc371b0e203df347a2a102cbcfd7676b2cf0fb5 --- /dev/null +++ b/charts/meep-app-enablement/values-template.yaml @@ -0,0 +1,83 @@ +# Default values for meep-app-enablement. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +deployment: + replicas: 1 + port: 80 + protocol: TCP + dependencies: + system: + {{- if not .IsMepService }} + - kube-dns + {{- end }} + namespace: + +image: + repository: meep-docker-registry:30001/meep-app-enablement + tag: latest + pullPolicy: Always + env: + MEEP_INSTANCE_ID: {{.InstanceId}} + MEEP_SANDBOX_NAME: {{.SandboxName}} + MEEP_SVC_PATH: /mec_app_support/v1 + MEEP_HOST_URL: {{.HostUrl}} + {{- if .IsMepService }} + MEEP_MEP_NAME: {{.MepName}} + {{- end }} + {{- range .Env}} + {{.}} + {{- end}} + +service: + {{- if .IsMepService }} + name: {{.MepName}}-meep-app-enablement + {{- else }} + name: meep-app-enablement + {{- end }} + type: ClusterIP + port: 80 + +ingress: + enabled: true + hosts: + - name: '' + paths: + {{- if .IsMepService }} + - /{{.SandboxName}}/{{.MepName}}/mec_app_support + - /{{.SandboxName}}/{{.MepName}}/mec_service_mgmt + {{- else }} + - /{{.SandboxName}}/mec_app_support + - /{{.SandboxName}}/mec_service_mgmt + {{- end }} + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/force-ssl-redirect: {{ .HttpsOnly }} + {{- if .IsMepService }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{ .SandboxName }}/{{.MepName}}/mec_app_support(/|$)(.*)$ /mec_app_support/$2 break; + rewrite ^/{{ .SandboxName }}/{{.MepName}}/mec_service_mgmt(/|$)(.*)$ /mec_service_mgmt/$2 break; + {{- else }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{ .SandboxName }}/mec_app_support(/|$)(.*)$ /mec_app_support/$2 break; + rewrite ^/{{ .SandboxName }}/mec_service_mgmt(/|$)(.*)$ /mec_service_mgmt/$2 break; + {{- end }} + {{- if .AuthEnabled }} + nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-app-enablement&sbox={{.SandboxName}}&mep={{.MepName}} + {{- end }} + labels: {} + tls: + +prometheus: + monitor: + enabled: true + port: 9000 + interval: 10s + additionalLabels: {} + relabelings: [] + scrapeTimeout: 5s + +codecov: + enabled: false + +meepOrigin: core diff --git a/charts/meep-auth-svc/templates/deployment.yaml b/charts/meep-auth-svc/templates/deployment.yaml index 526e93b72f627ec4597e26bc5bc6e9cd726a1b2b..6a17a800c8296d0343130e4f353e445cf7f8cd07 100644 --- a/charts/meep-auth-svc/templates/deployment.yaml +++ b/charts/meep-auth-svc/templates/deployment.yaml @@ -68,9 +68,15 @@ spec: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-auth-svc/values.yaml b/charts/meep-auth-svc/values.yaml index 0e3da78c0af6969eb8aa2c67e8ac49c6f37dc9ab..02d41615981c4a5345a313e476188e5de8591601 100644 --- a/charts/meep-auth-svc/values.yaml +++ b/charts/meep-auth-svc/values.yaml @@ -9,7 +9,10 @@ deployment: port: 80 protocol: TCP altPort: 8080 - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -24,6 +27,7 @@ image: tag: latest pullPolicy: Always env: + MEEP_SVC_PATH: /auth/v1 MEEP_MAX_SESSIONS: "10" MEEP_OAUTH_GITHUB_ENABLED: "false" MEEP_OAUTH_GITHUB_AUTH_URL: "" diff --git a/charts/meep-gis-engine/templates/codecov-pv.yaml b/charts/meep-gis-engine/templates/codecov-pv.yaml index 2f78d0b6080aa5852d854c99a3f87e4456558f19..361cc3449c0be61b28fcbda404c43df00bd35671 100644 --- a/charts/meep-gis-engine/templates/codecov-pv.yaml +++ b/charts/meep-gis-engine/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-gis-engine" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-gis-engine/templates/deployment.yaml b/charts/meep-gis-engine/templates/deployment.yaml index 52866a2d289913887e4ad592396696d051efe93c..38ab0cfe104b0c52df72e8befc714cd676b85d22 100644 --- a/charts/meep-gis-engine/templates/deployment.yaml +++ b/charts/meep-gis-engine/templates/deployment.yaml @@ -55,9 +55,15 @@ spec: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-gis-engine/values-template.yaml b/charts/meep-gis-engine/values-template.yaml index ca5edb526d12f7c4bbb6c96903accbb0cc846489..b143cfc735940289328929b95ebbb01325d3b78e 100644 --- a/charts/meep-gis-engine/values-template.yaml +++ b/charts/meep-gis-engine/values-template.yaml @@ -8,7 +8,10 @@ deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: image: repository: meep-docker-registry:30001/meep-gis-engine @@ -16,6 +19,7 @@ image: pullPolicy: Always env: MEEP_SANDBOX_NAME: {{ .SandboxName }} + MEEP_SVC_PATH: /gis/v1 service: name: meep-gis-engine @@ -50,6 +54,7 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-gis-engine" meepOrigin: core diff --git a/charts/meep-loc-serv/templates/clusterrolebinding.yaml b/charts/meep-loc-serv/templates/clusterrolebinding.yaml index efaddba1b89f550921b25da380869f89c27cf7d5..db2454f0cac77f87ea77031bb21aa7669632d7ef 100644 --- a/charts/meep-loc-serv/templates/clusterrolebinding.yaml +++ b/charts/meep-loc-serv/templates/clusterrolebinding.yaml @@ -1,13 +1,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: "{{ .Release.Namespace }}:{{ .Values.serviceAccount }}" + name: "{{ .Release.Namespace }}:{{ template "meep-loc-serv.fullname" . }}" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ template "meep-loc-serv.fullname" . }} namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/meep-loc-serv/templates/codecov-pv.yaml b/charts/meep-loc-serv/templates/codecov-pv.yaml index 474bff5f179da82aedc33097caaa242b62a4fc5c..6cbcfb641e9d337932c265e4e77d300131055bb5 100644 --- a/charts/meep-loc-serv/templates/codecov-pv.yaml +++ b/charts/meep-loc-serv/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-loc-serv" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-loc-serv/templates/deployment.yaml b/charts/meep-loc-serv/templates/deployment.yaml index f19a673a74e7a6ad6b8c9f112b95dcac53d1192f..df9d9df477225444b65c1b76b49331a4c85441d8 100644 --- a/charts/meep-loc-serv/templates/deployment.yaml +++ b/charts/meep-loc-serv/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: env: {{- range $key, $value := .Values.image.env }} - name: {{ $key }} - value: {{ $value }} + value: {{ $value | quote }} {{- end }} {{- if .Values.codecov.enabled}} volumeMounts: @@ -51,8 +51,15 @@ spec: {{- end}} terminationGracePeriodSeconds: 5 initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-loc-serv/templates/ingress.yaml b/charts/meep-loc-serv/templates/ingress.yaml index b1d242978ad8fdb4e6dff7a5e7b0e63ac2a86983..73d4d48e9a24c2321e90a6c461b39fc136b07731 100755 --- a/charts/meep-loc-serv/templates/ingress.yaml +++ b/charts/meep-loc-serv/templates/ingress.yaml @@ -1,11 +1,10 @@ {{- if .Values.ingress.enabled -}} -{{- $serviceName := include "meep-loc-serv.fullname" . -}} +{{- $serviceName := .Values.service.name -}} {{- $servicePort := .Values.service.port -}} -{{- $path := .Values.ingress.path -}} apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "meep-loc-serv.fullname" . }} + name: {{ $serviceName }} labels: app: {{ template "meep-loc-serv.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} diff --git a/charts/meep-loc-serv/templates/serviceaccount.yaml b/charts/meep-loc-serv/templates/serviceaccount.yaml index 86314d8cfa1f8f0ed58d7c5f42c0351c5db1eef2..422fa4e4d03040453b643a6bf06c5c5e1b0ab367 100644 --- a/charts/meep-loc-serv/templates/serviceaccount.yaml +++ b/charts/meep-loc-serv/templates/serviceaccount.yaml @@ -1,4 +1,4 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount }} + name: {{ template "meep-loc-serv.fullname" . }} diff --git a/charts/meep-loc-serv/values-template.yaml b/charts/meep-loc-serv/values-template.yaml index ef3412f2705f791e86c1ab7b745193a231974e33..de2eac438dd7ec021a3bdd91abf9e1df8bb31349 100644 --- a/charts/meep-loc-serv/values-template.yaml +++ b/charts/meep-loc-serv/values-template.yaml @@ -2,24 +2,44 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -serviceAccount: meep-loc-serv - deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + {{- if not .IsMepService }} + - kube-dns + {{- end }} + namespace: image: repository: meep-docker-registry:30001/meep-loc-serv tag: latest pullPolicy: Always env: - MEEP_SANDBOX_NAME: {{ .SandboxName }} - MEEP_HOST_URL: {{ .HostUrl }} + MEEP_INSTANCE_ID: {{.InstanceId}} + MEEP_SANDBOX_NAME: {{.SandboxName}} + MEEP_SVC_PATH: /location/v2 + MEEP_HOST_URL: {{.HostUrl}} + {{- if .IsMepService }} + MEEP_MEP_NAME: {{.MepName}} + {{- end }} + {{- if eq .AppEnablement "local" }} + MEEP_APP_ENABLEMENT: {{.MepName}}-meep-app-enablement + {{- else if eq .AppEnablement "global" }} + MEEP_APP_ENABLEMENT: meep-app-enablement + {{- end }} + {{- range .Env}} + {{.}} + {{- end}} service: + {{- if .IsMepService }} + name: {{.MepName}}-meep-loc-serv + {{- else }} name: meep-loc-serv + {{- end }} type: ClusterIP port: 80 @@ -28,14 +48,23 @@ ingress: hosts: - name: '' paths: - - /{{ .SandboxName }}/location + {{- if .IsMepService }} + - /{{.SandboxName}}/{{.MepName}}/location + {{- else }} + - /{{.SandboxName}}/location + {{- end }} annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/force-ssl-redirect: {{ .HttpsOnly }} + {{- if .IsMepService }} nginx.ingress.kubernetes.io/configuration-snippet: | - rewrite ^/{{ .SandboxName }}/location(/|$)(.*)$ /location/$2 break; + rewrite ^/{{.SandboxName}}/{{.MepName}}/location(/|$)(.*)$ /location/$2 break; + {{- else }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{.SandboxName}}/location(/|$)(.*)$ /location/$2 break; + {{- end }} {{- if .AuthEnabled }} - nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-loc-serv&sbox={{ .SandboxName }} + nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-loc-serv&sbox={{.SandboxName}}&mep={{.MepName}} {{- end }} labels: {} tls: @@ -51,5 +80,6 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-loc-serv" meepOrigin: core diff --git a/charts/meep-metrics-engine/templates/codecov-pv.yaml b/charts/meep-metrics-engine/templates/codecov-pv.yaml index 1c8c6a7d9f08fde2f590b35fca9feaf6ba6fbaee..03a5f496f0fd79d54ec9bdf2a91e2f2166f87607 100644 --- a/charts/meep-metrics-engine/templates/codecov-pv.yaml +++ b/charts/meep-metrics-engine/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-metrics-engine" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-metrics-engine/templates/deployment.yaml b/charts/meep-metrics-engine/templates/deployment.yaml index 9fe61a01fa9b40245ad1add1e424e1eafd24b353..9c71278004abcc275adb21aae15f8e5a13440b1d 100644 --- a/charts/meep-metrics-engine/templates/deployment.yaml +++ b/charts/meep-metrics-engine/templates/deployment.yaml @@ -51,8 +51,15 @@ spec: {{- end}} terminationGracePeriodSeconds: 5 initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-metrics-engine/values-template.yaml b/charts/meep-metrics-engine/values-template.yaml index 6561020a87022a0624a530bd761e15e4a8ae34ce..4741ab88dcb8841aec368137c327018a34c255fb 100644 --- a/charts/meep-metrics-engine/values-template.yaml +++ b/charts/meep-metrics-engine/values-template.yaml @@ -8,7 +8,10 @@ deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: image: repository: meep-docker-registry:30001/meep-metrics-engine @@ -16,6 +19,7 @@ image: pullPolicy: Always env: MEEP_SANDBOX_NAME: {{ .SandboxName }} + MEEP_SVC_PATH: /metrics/v2 MEEP_HOST_URL: {{ .HostUrl }} service: @@ -51,5 +55,6 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-metrics-engine" meepOrigin: core diff --git a/charts/meep-mg-manager/templates/codecov-pv.yaml b/charts/meep-mg-manager/templates/codecov-pv.yaml index 4689ca4caba7f7d90330f0b5dd0401ce22604f39..11396dcc02723842e8272bafbfeac30f62e8a85d 100644 --- a/charts/meep-mg-manager/templates/codecov-pv.yaml +++ b/charts/meep-mg-manager/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-mg-manager" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-mg-manager/templates/deployment.yaml b/charts/meep-mg-manager/templates/deployment.yaml index 11f36a33e4bc23edce688725b07054a113a4d2ae..22629144f261790ea0b500bafb4c7cad5fbd9b2c 100644 --- a/charts/meep-mg-manager/templates/deployment.yaml +++ b/charts/meep-mg-manager/templates/deployment.yaml @@ -55,9 +55,15 @@ spec: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-mg-manager/values-template.yaml b/charts/meep-mg-manager/values-template.yaml index a684ce6d3161d367ca09b08e5ea8583cb4de8054..26cb8517d10a2732c4927f52c94f9e4b0235d478 100644 --- a/charts/meep-mg-manager/values-template.yaml +++ b/charts/meep-mg-manager/values-template.yaml @@ -8,7 +8,10 @@ deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -24,6 +27,7 @@ image: pullPolicy: Always env: MEEP_SANDBOX_NAME: {{ .SandboxName }} + MEEP_SVC_PATH: /mgm/v1 service: name: meep-mg-manager @@ -58,5 +62,6 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-mg-manager" meepOrigin: core diff --git a/charts/meep-mon-engine/templates/codecov-pv.yaml b/charts/meep-mon-engine/templates/codecov-pv.yaml index 3dc8532e0c4c57378f52637a881fa0c29fac8f2c..0095aff173cc7ca9f1e2eb8fcb5f1d7df631121d 100644 --- a/charts/meep-mon-engine/templates/codecov-pv.yaml +++ b/charts/meep-mon-engine/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-mon-engine" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-mon-engine/templates/deployment.yaml b/charts/meep-mon-engine/templates/deployment.yaml index a996b75fc9fa22b030ff74a18b708e2abacbd271..f7e192847b9658579c013e1e761a1b3788e04a97 100644 --- a/charts/meep-mon-engine/templates/deployment.yaml +++ b/charts/meep-mon-engine/templates/deployment.yaml @@ -63,10 +63,15 @@ spec: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-mon-engine/values.yaml b/charts/meep-mon-engine/values.yaml index 6091ed3bea550898a8bc6a2070f73ea6fb5bad6d..09b04dfb63a37a246532a3a713b3c5424924df69 100644 --- a/charts/meep-mon-engine/values.yaml +++ b/charts/meep-mon-engine/values.yaml @@ -8,7 +8,10 @@ deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -23,6 +26,7 @@ image: tag: latest pullPolicy: Always env: + MEEP_SVC_PATH: /mon-engine/v1 # Provide comma-separated list of expected pods to be monitored MEEP_DEPENDENCY_PODS: "" MEEP_CORE_PODS: "" @@ -54,5 +58,6 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-mon-engine" meepOrigin: core diff --git a/charts/meep-platform-ctrl/templates/deployment.yaml b/charts/meep-platform-ctrl/templates/deployment.yaml index a443899efa8901f6f508d4a149d02d08e41100dc..aef9d1788b0ae29f4d811e28f71006f814287cdd 100644 --- a/charts/meep-platform-ctrl/templates/deployment.yaml +++ b/charts/meep-platform-ctrl/templates/deployment.yaml @@ -33,11 +33,6 @@ spec: persistentVolumeClaim: claimName: meep-platform-ctrl-user-frontend-pvc {{- end}} - {{- if .Values.user.swagger.enabled}} - - name: user-swagger-storage - persistentVolumeClaim: - claimName: meep-platform-ctrl-user-swagger-pvc - {{- end}} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -68,7 +63,7 @@ spec: {{- end }} {{- if .Values.user.swagger.enabled}} - name: USER_SWAGGER - value: {{ .Values.user.swagger.mountpath }} + value: "true" {{- end }} volumeMounts: {{- if .Values.codecov.enabled}} @@ -79,19 +74,21 @@ spec: - name: user-frontend-storage mountPath: {{ .Values.user.frontend.mountpath }} {{- end}} - {{- if .Values.user.swagger.enabled}} - - name: user-swagger-storage - mountPath: {{ .Values.user.swagger.mountpath }} - {{- end}} terminationGracePeriodSeconds: 5 {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-platform-ctrl/values.yaml b/charts/meep-platform-ctrl/values.yaml index d1622848f76791eb58890dbb480b2be02ac46175..c81fa95684b4a8c43760b19fd804f39aeff761a6 100644 --- a/charts/meep-platform-ctrl/values.yaml +++ b/charts/meep-platform-ctrl/values.yaml @@ -9,7 +9,10 @@ deployment: port: 80 protocol: TCP altPort: 8080 - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -24,6 +27,7 @@ image: tag: latest pullPolicy: Always env: + MEEP_SVC_PATH: /platform-ctrl/v1 envSecret: service: @@ -36,6 +40,9 @@ ingress: - name: '' paths: - / + - /api + - /alt + - /alt/api - /platform-ctrl annotations: kubernetes.io/ingress.class: nginx @@ -68,7 +75,5 @@ user: swagger: enabled: false - location: "/user/swagger" - mountpath: "/user-swagger" meepOrigin: core diff --git a/charts/meep-rnis/templates/clusterrolebinding.yaml b/charts/meep-rnis/templates/clusterrolebinding.yaml index efaddba1b89f550921b25da380869f89c27cf7d5..e3a4d4728fa7c6fca9b723a8fc80ca9fd13fc6ca 100644 --- a/charts/meep-rnis/templates/clusterrolebinding.yaml +++ b/charts/meep-rnis/templates/clusterrolebinding.yaml @@ -1,13 +1,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: "{{ .Release.Namespace }}:{{ .Values.serviceAccount }}" + name: "{{ .Release.Namespace }}:{{ template "meep-rnis.fullname" . }}" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ template "meep-rnis.fullname" . }} namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/meep-rnis/templates/codecov-pv.yaml b/charts/meep-rnis/templates/codecov-pv.yaml index 8e00d9b4312925d9c61e009b400f59fecc2c1fe3..11150ceeb4d7888e5716d6549b75ea57f174b709 100644 --- a/charts/meep-rnis/templates/codecov-pv.yaml +++ b/charts/meep-rnis/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-rnis" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-rnis/templates/deployment.yaml b/charts/meep-rnis/templates/deployment.yaml index 21cdf5578d7f43e4166c463e9267ed57f87eb19f..f5a3f0d68463ac41dc859e0adfadc1e7cf0c53db 100644 --- a/charts/meep-rnis/templates/deployment.yaml +++ b/charts/meep-rnis/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: env: {{- range $key, $value := .Values.image.env }} - name: {{ $key }} - value: {{ $value }} + value: {{ $value | quote }} {{- end }} {{- if .Values.codecov.enabled}} volumeMounts: @@ -51,8 +51,15 @@ spec: {{- end}} terminationGracePeriodSeconds: 5 initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-rnis/templates/ingress.yaml b/charts/meep-rnis/templates/ingress.yaml index ddcbf951e8517f1beb276c7a5a7eaecf799f48d0..a71305328bda70b5131d17cddee047c7ca28b471 100755 --- a/charts/meep-rnis/templates/ingress.yaml +++ b/charts/meep-rnis/templates/ingress.yaml @@ -1,11 +1,10 @@ {{- if .Values.ingress.enabled -}} -{{- $serviceName := include "meep-rnis.fullname" . -}} +{{- $serviceName := .Values.service.name -}} {{- $servicePort := .Values.service.port -}} -{{- $path := .Values.ingress.path -}} apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "meep-rnis.fullname" . }} + name: {{ $serviceName }} labels: app: {{ template "meep-rnis.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} diff --git a/charts/meep-rnis/templates/service.yaml b/charts/meep-rnis/templates/service.yaml index 2d87bbb1699243651b9265d43c3b8d35e1eb8ac2..a62e0b736c9c8bfab73c8bfe4f77b2b42d086946 100644 --- a/charts/meep-rnis/templates/service.yaml +++ b/charts/meep-rnis/templates/service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "meep-rnis.fullname" . }} + name: {{ .Values.service.name }} labels: app: {{ template "meep-rnis.name" . }} chart: {{ template "meep-rnis.chart" . }} diff --git a/charts/meep-rnis/templates/serviceaccount.yaml b/charts/meep-rnis/templates/serviceaccount.yaml index 86314d8cfa1f8f0ed58d7c5f42c0351c5db1eef2..158578f9707aa58f886ac3e3376515600a895bf3 100644 --- a/charts/meep-rnis/templates/serviceaccount.yaml +++ b/charts/meep-rnis/templates/serviceaccount.yaml @@ -1,4 +1,4 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount }} + name: {{ template "meep-rnis.fullname" . }} diff --git a/charts/meep-rnis/values-template.yaml b/charts/meep-rnis/values-template.yaml index b514ef99741db00943f45841e932607ed6c18bc2..6e69b682ccdc0bfd008b07e13c01a00e545acd8b 100644 --- a/charts/meep-rnis/values-template.yaml +++ b/charts/meep-rnis/values-template.yaml @@ -2,26 +2,46 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -serviceAccount: meep-rnis - deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + {{- if not .IsMepService }} + - kube-dns + {{- end }} + namespace: image: repository: meep-docker-registry:30001/meep-rnis tag: latest pullPolicy: Always env: - MEEP_SANDBOX_NAME: {{ .SandboxName }} - MEEP_HOST_URL: {{ .HostUrl }} MEAS_REP_UE_PERIODIC_TRIGGER_INTERVAL: 1s NR_MEAS_REP_UE_PERIODIC_TRIGGER_INTERVAL: 1s + MEEP_INSTANCE_ID: {{.InstanceId}} + MEEP_SANDBOX_NAME: {{.SandboxName}} + MEEP_SVC_PATH: /rni/v2 + MEEP_HOST_URL: {{.HostUrl}} + {{- if .IsMepService }} + MEEP_MEP_NAME: {{.MepName}} + {{- end }} + {{- if eq .AppEnablement "local" }} + MEEP_APP_ENABLEMENT: {{.MepName}}-meep-app-enablement + {{- else if eq .AppEnablement "global" }} + MEEP_APP_ENABLEMENT: meep-app-enablement + {{- end }} + {{- range .Env}} + {{.}} + {{- end}} service: + {{- if .IsMepService }} + name: {{.MepName}}-meep-rnis + {{- else }} name: meep-rnis + {{- end }} type: ClusterIP port: 80 @@ -30,14 +50,23 @@ ingress: hosts: - name: '' paths: - - /{{ .SandboxName }}/rni + {{- if .IsMepService }} + - /{{.SandboxName}}/{{.MepName}}/rni + {{- else }} + - /{{.SandboxName}}/rni + {{- end }} annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/force-ssl-redirect: {{ .HttpsOnly }} + {{- if .IsMepService }} nginx.ingress.kubernetes.io/configuration-snippet: | - rewrite ^/{{ .SandboxName }}/rni(/|$)(.*)$ /rni/$2 break; + rewrite ^/{{.SandboxName}}/{{.MepName}}/rni(/|$)(.*)$ /rni/$2 break; + {{- else }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{.SandboxName}}/rni(/|$)(.*)$ /rni/$2 break; + {{- end }} {{- if .AuthEnabled }} - nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-rnis&sbox={{ .SandboxName }} + nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-rnis&sbox={{.SandboxName}}&mep={{.MepName}} {{- end }} labels: {} tls: @@ -53,5 +82,6 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-rnis" meepOrigin: core diff --git a/charts/meep-sandbox-ctrl/templates/codecov-pv.yaml b/charts/meep-sandbox-ctrl/templates/codecov-pv.yaml index 5b879ffe8a7f7043792c96b57e8d15b070533dc8..052357bac36ddbd0337cc2fbdb53e9e2c4baa067 100644 --- a/charts/meep-sandbox-ctrl/templates/codecov-pv.yaml +++ b/charts/meep-sandbox-ctrl/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-sandbox-ctrl" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-sandbox-ctrl/templates/deployment.yaml b/charts/meep-sandbox-ctrl/templates/deployment.yaml index ff6aa1a7d95008d81d93927e82b80f8ae7f33764..242a4c55bbb2b058abad14908422173f0ade4aaa 100644 --- a/charts/meep-sandbox-ctrl/templates/deployment.yaml +++ b/charts/meep-sandbox-ctrl/templates/deployment.yaml @@ -28,14 +28,6 @@ spec: persistentVolumeClaim: claimName: meep-sandbox-ctrl-codecov-pvc {{- end}} - {{- if .Values.user.swagger.enabled}} - - name: user-swagger - hostPath: - # directory location on host - path: {{ .Values.user.swagger.location }} - # this field is optional - type: DirectoryOrCreate - {{- end}} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -54,27 +46,28 @@ spec: {{- end }} {{- if .Values.user.swagger.enabled}} - name: USER_SWAGGER - value: {{ .Values.user.swagger.mountpath }} - - name: USER_SWAGGER_SANDBOX - value: {{ .Values.user.swagger.servepath }} + value: "true" {{- end }} volumeMounts: {{- if .Values.codecov.enabled}} - name: codecov-storage mountPath: /codecov {{- end}} - {{- if .Values.user.swagger.enabled}} - - name: user-swagger - mountPath: {{ .Values.user.swagger.mountpath }} - {{- end}} terminationGracePeriodSeconds: 5 {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-sandbox-ctrl/values-template.yaml b/charts/meep-sandbox-ctrl/values-template.yaml index 5f49db0a7a79f9c6eb804cec04f9e880078f0bda..db622614dd9a69de139f1eac7a8514f793c6171b 100644 --- a/charts/meep-sandbox-ctrl/values-template.yaml +++ b/charts/meep-sandbox-ctrl/values-template.yaml @@ -9,8 +9,10 @@ deployment: port: 80 protocol: TCP altPort: 8080 - dependency: kube-dns - + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -26,6 +28,7 @@ image: pullPolicy: Always env: MEEP_SANDBOX_NAME: {{ .SandboxName }} + MEEP_SVC_PATH: /sandbox-ctrl/v1 MEEP_HOST_URL: {{ .HostUrl }} service: @@ -67,10 +70,8 @@ prometheus: user: swagger: enabled: {{ .UserSwagger }} - location: {{ .UserSwaggerDir }} - mountpath: "/user-swagger" - servepath: "/user-swagger-sandbox" codecov: enabled: false + location: "/codecov/meep-sandbox-ctrl" meepOrigin: core diff --git a/charts/meep-tc-engine/templates/codecov-pv.yaml b/charts/meep-tc-engine/templates/codecov-pv.yaml index b54b4aedd269620b3b68a5e1c70f87666d5c8a16..97dbf28e879f07c78957f5c0927abd7eb577eb1a 100644 --- a/charts/meep-tc-engine/templates/codecov-pv.yaml +++ b/charts/meep-tc-engine/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-tc-engine" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-tc-engine/templates/deployment.yaml b/charts/meep-tc-engine/templates/deployment.yaml index e5a812c93413b6c600c58d828bce386a8b542b65..625a3eeb4f54720115a77f9182665128ce69401a 100644 --- a/charts/meep-tc-engine/templates/deployment.yaml +++ b/charts/meep-tc-engine/templates/deployment.yaml @@ -55,9 +55,15 @@ spec: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-tc-engine/values-template.yaml b/charts/meep-tc-engine/values-template.yaml index 96e1d24fdb2d0a0a6c4f58332a0ab4ad20611b81..6c14e3d043e05a88197a7182eaa61777fa287967 100644 --- a/charts/meep-tc-engine/values-template.yaml +++ b/charts/meep-tc-engine/values-template.yaml @@ -8,7 +8,10 @@ deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -32,5 +35,6 @@ service: codecov: enabled: false + location: "/codecov/meep-tc-engine" meepOrigin: core diff --git a/charts/meep-virt-engine/templates/codecov-pv.yaml b/charts/meep-virt-engine/templates/codecov-pv.yaml index 82a94ad5bc18d1184712840d36f390c96f9376b7..e22f620ea03c50d20298d50263840382b2f6ee55 100644 --- a/charts/meep-virt-engine/templates/codecov-pv.yaml +++ b/charts/meep-virt-engine/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-virt-engine" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-virt-engine/templates/deployment.yaml b/charts/meep-virt-engine/templates/deployment.yaml index 771965329ed912ff02af99f04f8e9741126f3630..7e98c5e0b6453db5099d733591225f7a3f4c1b19 100644 --- a/charts/meep-virt-engine/templates/deployment.yaml +++ b/charts/meep-virt-engine/templates/deployment.yaml @@ -79,9 +79,15 @@ spec: {{ toYaml .Values.affinity | indent 8 }} {{- end }} initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-virt-engine/values.yaml b/charts/meep-virt-engine/values.yaml index 297ac0133be17f0b5eef21999aac503442a6972b..2c3278049c0d7d8d429e708e2d436aff5aec4df3 100644 --- a/charts/meep-virt-engine/values.yaml +++ b/charts/meep-virt-engine/values.yaml @@ -8,7 +8,10 @@ deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + - kube-dns + namespace: affinity: nodeAffinity: @@ -27,7 +30,6 @@ image: MEEP_SANDBOX_PODS: "" MEEP_HOST_URL: "http://www.example.com" MEEP_USER_SWAGGER: "false" - MEEP_USER_SWAGGER_DIR: "/path/to/user/swagger" MEEP_HTTPS_ONLY: "false" MEEP_AUTH_ENABLED: "\"false\"" envSecret: @@ -61,5 +63,6 @@ user: codecov: enabled: false + location: "/codecov/meep-virt-engine" meepOrigin: core diff --git a/charts/meep-wais/templates/clusterrolebinding.yaml b/charts/meep-wais/templates/clusterrolebinding.yaml index efaddba1b89f550921b25da380869f89c27cf7d5..478ab38c363400948ea84db51f0bd49b230e1b1a 100644 --- a/charts/meep-wais/templates/clusterrolebinding.yaml +++ b/charts/meep-wais/templates/clusterrolebinding.yaml @@ -1,13 +1,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: "{{ .Release.Namespace }}:{{ .Values.serviceAccount }}" + name: "{{ .Release.Namespace }}:{{ template "meep-wais.fullname" . }}" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ template "meep-wais.fullname" . }} namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/meep-wais/templates/codecov-pv.yaml b/charts/meep-wais/templates/codecov-pv.yaml index 5311dfd3692cf326abe988a1c82f2c404c78cc9e..5935763ac21c7921ba523a5d093b779b98964fc3 100644 --- a/charts/meep-wais/templates/codecov-pv.yaml +++ b/charts/meep-wais/templates/codecov-pv.yaml @@ -11,7 +11,7 @@ spec: - ReadWriteOnce persistentVolumeReclaimPolicy: Retain hostPath: - path: "/home/englab/.meep/codecov/meep-wais" + path: {{ .Values.codecov.location }} --- kind: StorageClass diff --git a/charts/meep-wais/templates/deployment.yaml b/charts/meep-wais/templates/deployment.yaml index 94f01983a351425f12199e85a5f0379239e10363..39801fbea9b99e706726fc06bf7940ec612b1645 100644 --- a/charts/meep-wais/templates/deployment.yaml +++ b/charts/meep-wais/templates/deployment.yaml @@ -42,7 +42,7 @@ spec: env: {{- range $key, $value := .Values.image.env }} - name: {{ $key }} - value: {{ $value }} + value: {{ $value | quote }} {{- end }} {{- if .Values.codecov.enabled}} volumeMounts: @@ -51,8 +51,15 @@ spec: {{- end}} terminationGracePeriodSeconds: 5 initContainers: - - name: init-{{ .Values.deployment.dependency }} + {{- range $value := .Values.deployment.dependencies.system }} + - name: init-system-{{ $value }} image: busybox:1.28 imagePullPolicy: IfNotPresent - command: ['sh', '-c', 'until nslookup {{ .Values.deployment.dependency }}.kube-system ; do echo waiting for {{ .Values.deployment.dependency }}; sleep 0.25; done;'] - + command: ['sh', '-c', 'until nslookup {{ $value }}.kube-system ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} + {{- range $value := .Values.deployment.dependencies.namespace }} + - name: init-{{ $value }} + image: busybox:1.28 + imagePullPolicy: IfNotPresent + command: ['sh', '-c', 'until nslookup {{ $value }} ; do echo waiting for {{ $value }}; sleep 0.25; done;'] + {{- end}} diff --git a/charts/meep-wais/templates/ingress.yaml b/charts/meep-wais/templates/ingress.yaml index c9cf0982d5fc863ba98e65e146756998c3f975e5..9f2c59adbfca31a67e7dcb93546759ad35419451 100755 --- a/charts/meep-wais/templates/ingress.yaml +++ b/charts/meep-wais/templates/ingress.yaml @@ -1,11 +1,10 @@ {{- if .Values.ingress.enabled -}} -{{- $serviceName := include "meep-wais.fullname" . -}} +{{- $serviceName := .Values.service.name -}} {{- $servicePort := .Values.service.port -}} -{{- $path := .Values.ingress.path -}} apiVersion: extensions/v1beta1 kind: Ingress metadata: - name: {{ template "meep-wais.fullname" . }} + name: {{ $serviceName }} labels: app: {{ template "meep-wais.name" . }} chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} diff --git a/charts/meep-wais/templates/service.yaml b/charts/meep-wais/templates/service.yaml index ae812177866b68b32e5f31b0896f483ec8113009..21f511904d76d519c9c1ca4ff22238d8bfbfe901 100644 --- a/charts/meep-wais/templates/service.yaml +++ b/charts/meep-wais/templates/service.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: {{ template "meep-wais.fullname" . }} + name: {{ .Values.service.name }} labels: app: {{ template "meep-wais.name" . }} chart: {{ template "meep-wais.chart" . }} diff --git a/charts/meep-wais/templates/serviceaccount.yaml b/charts/meep-wais/templates/serviceaccount.yaml index 86314d8cfa1f8f0ed58d7c5f42c0351c5db1eef2..ba9c94b28e6b5062d32868f8b4e7dd599d0eea25 100644 --- a/charts/meep-wais/templates/serviceaccount.yaml +++ b/charts/meep-wais/templates/serviceaccount.yaml @@ -1,4 +1,4 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount }} + name: {{ template "meep-wais.fullname" . }} diff --git a/charts/meep-wais/values-template.yaml b/charts/meep-wais/values-template.yaml index 287a8665969b2646a4fcebdf704fce69ea56a5e9..a517e763a7de6675980b587a802244d1827eeafe 100644 --- a/charts/meep-wais/values-template.yaml +++ b/charts/meep-wais/values-template.yaml @@ -2,24 +2,44 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -serviceAccount: meep-wais - deployment: replicas: 1 port: 80 protocol: TCP - dependency: kube-dns + dependencies: + system: + {{- if not .IsMepService }} + - kube-dns + {{- end }} + namespace: image: repository: meep-docker-registry:30001/meep-wais tag: latest pullPolicy: Always env: - MEEP_SANDBOX_NAME: {{ .SandboxName }} - MEEP_HOST_URL: {{ .HostUrl }} + MEEP_INSTANCE_ID: {{.InstanceId}} + MEEP_SANDBOX_NAME: {{.SandboxName}} + MEEP_SVC_PATH: /wai/v2 + MEEP_HOST_URL: {{.HostUrl}} + {{- if .IsMepService }} + MEEP_MEP_NAME: {{.MepName}} + {{- end }} + {{- if eq .AppEnablement "local" }} + MEEP_APP_ENABLEMENT: {{.MepName}}-meep-app-enablement + {{- else if eq .AppEnablement "global" }} + MEEP_APP_ENABLEMENT: meep-app-enablement + {{- end }} + {{- range .Env}} + {{.}} + {{- end}} service: + {{- if .IsMepService }} + name: {{.MepName}}-meep-wais + {{- else }} name: meep-wais + {{- end }} type: ClusterIP port: 80 @@ -28,14 +48,23 @@ ingress: hosts: - name: '' paths: - - /{{ .SandboxName }}/wai + {{- if .IsMepService }} + - /{{.SandboxName}}/{{.MepName}}/wai + {{- else }} + - /{{.SandboxName}}/wai + {{- end }} annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/force-ssl-redirect: {{ .HttpsOnly }} + {{- if .IsMepService }} nginx.ingress.kubernetes.io/configuration-snippet: | - rewrite ^/{{ .SandboxName }}/wai(/|$)(.*)$ /wai/$2 break; + rewrite ^/{{.SandboxName}}/{{.MepName}}/wai(/|$)(.*)$ /wai/$2 break; + {{- else }} + nginx.ingress.kubernetes.io/configuration-snippet: | + rewrite ^/{{.SandboxName}}/wai(/|$)(.*)$ /wai/$2 break; + {{- end }} {{- if .AuthEnabled }} - nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-wais&sbox={{ .SandboxName }} + nginx.ingress.kubernetes.io/auth-url: https://$http_host/auth/v1/authenticate?svc=meep-wais&sbox={{.SandboxName}}&mep={{.MepName}} {{- end }} labels: {} tls: @@ -51,5 +80,6 @@ prometheus: codecov: enabled: false + location: "/codecov/meep-wais" meepOrigin: core diff --git a/charts/minio/.helmignore b/charts/minio/.helmignore new file mode 100644 index 0000000000000000000000000000000000000000..a9fe727881178247058f26e06042e0381b39eb3b --- /dev/null +++ b/charts/minio/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# OWNERS file for Kubernetes +OWNERS \ No newline at end of file diff --git a/charts/minio/Chart.yaml b/charts/minio/Chart.yaml new file mode 100644 index 0000000000000000000000000000000000000000..299808ff5364f3e10eed6c8edbe3bba02d04f7de --- /dev/null +++ b/charts/minio/Chart.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +appVersion: master +description: High Performance, Kubernetes Native Object Storage +home: https://min.io +icon: https://min.io/resources/img/logo/MINIO_wordmark.png +keywords: +- storage +- object-storage +- S3 +maintainers: +- email: dev@minio.io + name: MinIO, Inc +name: minio +sources: +- https://github.com/minio/minio +version: 8.0.10 diff --git a/charts/minio/README.md b/charts/minio/README.md new file mode 100644 index 0000000000000000000000000000000000000000..e570e487964a5423047da82a7ebc245e08fb0f74 --- /dev/null +++ b/charts/minio/README.md @@ -0,0 +1,416 @@ +> NOTE: This helm chart is in code freeze i.e we will only update MinIO releases occastionally by bumping up the version. For latest features you are advised to start using our [MinIO operator](https://github.com/minio/operator). + +MinIO +===== + +[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure for machine learning, analytics and application data workloads. + +MinIO supports [distributed mode](https://docs.minio.io/docs/distributed-minio-quickstart-guide). In distributed mode, you can pool multiple drives (even on different machines) into a single object storage server. + +For more detailed documentation please visit [here](https://docs.minio.io/) + +Introduction +------------ + +This chart bootstraps MinIO deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Prerequisites +------------- + +- Kubernetes 1.4+ with Beta APIs enabled for default standalone mode. +- Kubernetes 1.5+ with Beta APIs enabled to run MinIO in [distributed mode](#distributed-minio). +- PV provisioner support in the underlying infrastructure. + +Configure MinIO Helm repo +-------------------- +```bash +$ helm repo add minio https://helm.min.io/ +``` + +Installing the Chart +-------------------- + +Install this chart using: + +```bash +$ helm install --namespace minio --generate-name minio/minio +``` + +The command deploys MinIO on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +### Release name + +An instance of a chart running in a Kubernetes cluster is called a release. Each release is identified by a unique name within the cluster. Helm automatically assigns a unique release name after installing the chart. You can also set your preferred name by: + +```bash +$ helm install my-release minio/minio +``` + +### Access and Secret keys + +By default a pre-generated access and secret key will be used. To override the default keys, pass the access and secret keys as arguments to helm install. + +```bash +$ helm install --set accessKey=myaccesskey,secretKey=mysecretkey --generate-name minio/minio +``` + +### Updating MinIO configuration via Helm + +[ConfigMap](https://kubernetes.io/docs/user-guide/configmap/) allows injecting containers with configuration data even while a Helm release is deployed. + +To update your MinIO server configuration while it is deployed in a release, you need to + +1. Check all the configurable values in the MinIO chart using `helm inspect values minio/minio`. +2. Override the `minio_server_config` settings in a YAML formatted file, and then pass that file like this `helm upgrade -f config.yaml minio/minio`. +3. Restart the MinIO server(s) for the changes to take effect. + +You can also check the history of upgrades to a release using `helm history my-release`. Replace `my-release` with the actual release name. + +### Installing certificates from third party CAs + +MinIO can connect to other servers, including MinIO nodes or other server types such as NATs and Redis. If these servers use certificates that were not registered with a known CA, add trust for these certificates to MinIO Server by bundling these certificates into a Kubernetes secret and providing it to Helm via the `trustedCertsSecret` value. If `.Values.tls.enabled` is `true` and you're installing certificates for third party CAs, remember to include Minio's own certificate with key `public.crt`, if it also needs to be trusted. + +For instance, given that TLS is enabled and you need to add trust for Minio's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: + +``` +kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt +``` + +If TLS is not enabled, you would need only the third party CA: + +``` +kubectl -n minio create secret generic minio-trusted-certs --from-file=keycloak.crt +``` + +The name of the generated secret can then be passed to Helm using a values file or the `--set` parameter: + +``` +trustedCertsSecret: "minio-trusted-certs" + +or + +--set trustedCertsSecret=minio-trusted-certs +``` + +Uninstalling the Chart +---------------------- + +Assuming your release is named as `my-release`, delete it using the command: + +```bash +$ helm delete my-release +``` + +or + +```bash +$ helm uninstall my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +Upgrading the Chart +------------------- + +You can use Helm to update MinIO version in a live release. Assuming your release is named as `my-release`, get the values using the command: + +```bash +$ helm get values my-release > old_values.yaml +``` + +Then change the field `image.tag` in `old_values.yaml` file with MinIO image tag you want to use. Now update the chart using + +```bash +$ helm upgrade -f old_values.yaml my-release minio/minio +``` + +Default upgrade strategies are specified in the `values.yaml` file. Update these fields if you'd like to use a different strategy. + +Configuration +------------- + +The following table lists the configurable parameters of the MinIO chart and their default values. + +| Parameter | Description | Default | +|:-------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------|:---------------------------------| +| `nameOverride` | Provide a name in place of `minio` | `""` | +| `fullnameOverride` | Provide a name to substitute for the full names of resources | `""` | +| `image.repository` | Image repository | `minio/minio` | +| `image.tag` | MinIO image tag. Possible values listed [here](https://hub.docker.com/r/minio/minio/tags/). | `RELEASE.2020-11-06T23-17-07Z` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `imagePullSecrets` | List of container registry secrets | `[]` | +| `mcImage.repository` | Client image repository | `minio/mc` | +| `mcImage.tag` | mc image tag. Possible values listed [here](https://hub.docker.com/r/minio/mc/tags/). | `RELEASE.2020-10-03T02-54-56Z` | +| `mcImage.pullPolicy` | mc Image pull policy | `IfNotPresent` | +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.labels ` | Ingress labels | `{}` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.hosts` | Ingress accepted hostnames | `[]` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `trustedCertsSecret` | Kubernetes secret with trusted certificates to be mounted on `{{ .Values.certsPath }}/CAs` | `""` | +| `mode` | MinIO server mode (`standalone` or `distributed`) | `standalone` | +| `extraArgs` | Additional command line arguments to pass to the MinIO server | `[]` | +| `replicas` | Number of nodes (applicable only for MinIO distributed mode). | `4` | +| `zones` | Number of zones (applicable only for MinIO distributed mode). | `1` | +| `drivesPerNode` | Number of drives per node (applicable only for MinIO distributed mode). | `1` | +| `existingSecret` | Name of existing secret with access and secret key. | `""` | +| `accessKey` | Default access key (5 to 20 characters) | random 20 chars | +| `secretKey` | Default secret key (8 to 40 characters) | random 40 chars | +| `certsPath` | Default certs path location | `/etc/minio/certs` | +| `configPathmc` | Default config file location for MinIO client - mc | `/etc/minio/mc` | +| `mountPath` | Default mount location for persistent drive | `/export` | +| `bucketRoot` | Directory from where minio should serve buckets. | Value of `.mountPath` | +| `clusterDomain` | domain name of kubernetes cluster where pod is running. | `cluster.local` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.port` | Kubernetes port where service is exposed | `9000` | +| `service.externalIPs` | service external IP addresses | `nil` | +| `service.annotations` | Service annotations | `{}` | +| `serviceAccount.create` | Toggle creation of new service account | `true` | +| `serviceAccount.name` | Name of service account to create and/or use | `""` | +| `persistence.enabled` | Use persistent volume to store data | `true` | +| `persistence.size` | Size of persistent volume claim | `500Gi` | +| `persistence.existingClaim` | Use an existing PVC to persist data | `nil` | +| `persistence.storageClass` | Storage class name of PVC | `nil` | +| `persistence.accessMode` | ReadWriteOnce or ReadOnly | `ReadWriteOnce` | +| `persistence.subPath` | Mount a sub directory of the persistent volume if set | `""` | +| `resources.requests.memory` | Memory resource requests | Memory: `4Gi` | +| `priorityClassName` | Pod priority settings | `""` | +| `securityContext.enabled` | Enable to run containers as non-root. NOTE: if `persistence.enabled=false` then securityContext will be automatically disabled | `true` | +| `securityContext.runAsUser` | User id of the user for the container | `1000` | +| `securityContext.runAsGroup` | Group id of the user for the container | `1000` | +| `securityContext.fsGroup` | Group id of the persistent volume mount for the container | `1000` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `affinity` | Affinity settings for pod assignment | `{}` | +| `tolerations` | Toleration labels for pod assignment | `[]` | +| `additionalLabels` | Additional labels for Deployment in standalone mode or StatefulSet in distributed mode | `[]` | +| `additionalAnnotations` | Additional annotations for Deployment in standalone mode or StatefulSet in distributed mode | `[]` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod Labels | `{}` | +| `tls.enabled` | Enable TLS for MinIO server | `false` | +| `tls.certSecret` | Kubernetes Secret with `public.crt` and `private.key` files. | `""` | +| `defaultBucket.enabled` | If set to true, a bucket will be created after MinIO install | `false` | +| `defaultBucket.name` | Bucket name | `bucket` | +| `defaultBucket.policy` | Bucket policy | `none` | +| `defaultBucket.purge` | Purge the bucket if already exists | `false` | +| `defaultBucket.versioning` | Enable / Suspend versioning for bucket | `nil` | +| `buckets` | List of buckets to create after MinIO install | `[]` | +| `makeBucketJob.annotations` | Additional annotations for the Kubernetes Batch (make-bucket-job) | `""` | +| `makeBucketJob.podAnnotations` | Additional annotations for the pods of the Kubernetes Batch (make-bucket-job) | `""` | +| `makeBucketJob.securityContext.enabled` | Enable to run Kubernetes Batch (make-bucket-job) containers as non-root. | `false` | +| `makeBucketJob.securityContext.runAsUser` | User id of the user for the container | `1000` | +| `makeBucketJob.securityContext.runAsGroup` | Group id of the user for the container | `1000` | +| `makeBucketJob.securityContext.fsGroup` | Group id of the persistent volume mount for the container | `1000` | +| `makeBucketJob.resources.requests.memory` | Memory resource requests for 'make bucket' job | `128Mi` | +| `updatePrometheusJob.podAnnotations` | Additional annotations for the pods of the Kubernetes Batch (update-prometheus-secret) | `""` | +| `updatePrometheusJob.securityContext.enabled` | Enable to run Kubernetes Batch (update-prometheus-secret) containers as non-root. | `false` | +| `updatePrometheusJob.securityContext.runAsUser` | User id of the user for the container | `1000` | +| `updatePrometheusJob.securityContext.runAsGroup` | Group id of the user for the container | `1000` | +| `updatePrometheusJob.securityContext.fsGroup` | Group id of the persistent volume mount for the container | `1000` | +| `s3gateway.enabled` | Use MinIO as a [s3 gateway](https://github.com/minio/minio/blob/master/docs/gateway/s3.md) | `false` | +| `s3gateway.replicas` | Number of s3 gateway instances to run in parallel | `4` | +| `s3gateway.serviceEndpoint` | Endpoint to the S3 compatible service | `""` | +| `s3gateway.accessKey` | Access key of S3 compatible service | `""` | +| `s3gateway.secretKey` | Secret key of S3 compatible service | `""` | +| `azuregateway.enabled` | Use MinIO as an [azure gateway](https://docs.minio.io/docs/minio-gateway-for-azure) | `false` | +| `azuregateway.replicas` | Number of azure gateway instances to run in parallel | `4` | +| `gcsgateway.enabled` | Use MinIO as a [Google Cloud Storage gateway](https://docs.minio.io/docs/minio-gateway-for-gcs) | `false` | +| `gcsgateway.gcsKeyJson` | credential json file of service account key | `""` | +| `gcsgateway.projectId` | Google cloud project id | `""` | +| `nasgateway.enabled` | Use MinIO as a [NAS gateway](https://docs.MinIO.io/docs/minio-gateway-for-nas) | `false` | +| `nasgateway.replicas` | Number of NAS gateway instances to be run in parallel on a PV | `4` | +| `environment` | Set MinIO server relevant environment variables in `values.yaml` file. MinIO containers will be passed these variables when they start. | `MINIO_STORAGE_CLASS_STANDARD: EC:4"` | +| `metrics.serviceMonitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | +| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.namespace` | Optional namespace in which to create ServiceMonitor | `nil` | +| `metrics.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used | `nil` | +| `metrics.serviceMonitor.scrapeTimeout` | Scrape timeout. If not set, the Prometheus default scrape timeout is used | `nil` | +| `metrics.serviceMonitor.relabelConfigs` | Relabel configs that can be used on Endpoints | `{}` | +| `etcd.endpoints` | Endpoints of etcd | `[]` | +| `etcd.pathPrefix` | Prefix for all etcd keys | `""` | +| `etcd.corednsPathPrefix` | Prefix for all CoreDNS etcd keys | `""` | +| `etcd.clientCert` | Certificate used for SSL/TLS connections to etcd [(etcd Security)](https://etcd.io/docs/latest/op-guide/security/) | `""` | +| `etcd.clientCertKey` | Key for the certificate [(etcd Security)](https://etcd.io/docs/latest/op-guide/security/) | `""` | + +Some of the parameters above map to the env variables defined in the [MinIO DockerHub image](https://hub.docker.com/r/minio/minio/). + +You can specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```bash +$ helm install --name my-release --set persistence.size=1Ti minio/minio +``` + +The above command deploys MinIO server with a 1Ti backing persistent volume. + +Alternately, you can provide a YAML file that specifies parameter values while installing the chart. For example, + +```bash +$ helm install --name my-release -f values.yaml minio/minio +``` + +> **Tip**: You can use the default [values.yaml](minio/values.yaml) + +Distributed MinIO +----------- + +This chart provisions a MinIO server in standalone mode, by default. To provision MinIO server in [distributed mode](https://docs.minio.io/docs/distributed-minio-quickstart-guide), set the `mode` field to `distributed`, + +```bash +$ helm install --set mode=distributed minio/minio +``` + +This provisions MinIO server in distributed mode with 4 nodes. To change the number of nodes in your distributed MinIO server, set the `replicas` field, + +```bash +$ helm install --set mode=distributed,replicas=8 minio/minio +``` + +This provisions MinIO server in distributed mode with 8 nodes. Note that the `replicas` value should be a minimum value of 4, there is no limit on number of servers you can run. + +You can also expand an existing deployment by adding new zones, following command will create a total of 16 nodes with each zone running 8 nodes. + +```bash +$ helm install --set mode=distributed,replicas=8,zones=2 minio/minio +``` + +### StatefulSet [limitations](http://kubernetes.io/docs/concepts/abstractions/controllers/statefulsets/#limitations) applicable to distributed MinIO + +1. StatefulSets need persistent storage, so the `persistence.enabled` flag is ignored when `mode` is set to `distributed`. +2. When uninstalling a distributed MinIO release, you'll need to manually delete volumes associated with the StatefulSet. + +NAS Gateway +----------- + +### Prerequisites + +MinIO in [NAS gateway mode](https://docs.minio.io/docs/minio-gateway-for-nas) can be used to create multiple MinIO instances backed by single PV in `ReadWriteMany` mode. Currently few [Kubernetes volume plugins](https://kubernetes.io/docs/user-guide/persistent-volumes/#access-modes) support `ReadWriteMany` mode. To deploy MinIO NAS gateway with Helm chart you'll need to have a Persistent Volume running with one of the supported volume plugins. [This document](https://kubernetes.io/docs/user-guide/volumes/#nfs) +outlines steps to create a NFS PV in Kubernetes cluster. + +### Provision NAS Gateway MinIO instances + +To provision MinIO servers in [NAS gateway mode](https://docs.minio.io/docs/minio-gateway-for-nas), set the `nasgateway.enabled` field to `true`, + +```bash +$ helm install --set nasgateway.enabled=true minio/minio +``` + +This provisions 4 MinIO NAS gateway instances backed by single storage. To change the number of instances in your MinIO deployment, set the `replicas` field, + +```bash +$ helm install --set nasgateway.enabled=true,nasgateway.replicas=8 minio/minio +``` + +This provisions MinIO NAS gateway with 8 instances. + +Persistence +----------- + +This chart provisions a PersistentVolumeClaim and mounts corresponding persistent volume to default location `/export`. You'll need physical storage available in the Kubernetes cluster for this to work. If you'd rather use `emptyDir`, disable PersistentVolumeClaim by: + +```bash +$ helm install --set persistence.enabled=false minio/minio +``` + +> *"An emptyDir volume is first created when a Pod is assigned to a Node, and exists as long as that Pod is running on that node. When a Pod is removed from a node for any reason, the data in the emptyDir is deleted forever."* + +Existing PersistentVolumeClaim +------------------------------ + +If a Persistent Volume Claim already exists, specify it during installation. + +1. Create the PersistentVolume +2. Create the PersistentVolumeClaim +3. Install the chart + +```bash +$ helm install --set persistence.existingClaim=PVC_NAME minio/minio +``` + +NetworkPolicy +------------- + +To enable network policy for MinIO, +install [a networking plugin that implements the Kubernetes +NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), +and set `networkPolicy.enabled` to `true`. + +For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting +the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace: + + kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}" + +With NetworkPolicy enabled, traffic will be limited to just port 9000. + +For more precise policy, set `networkPolicy.allowExternal=true`. This will +only allow pods with the generated client label to connect to MinIO. +This label will be displayed in the output of a successful install. + +Existing secret +--------------- + +Instead of having this chart create the secret for you, you can supply a preexisting secret, much +like an existing PersistentVolumeClaim. + +First, create the secret: +```bash +$ kubectl create secret generic my-minio-secret --from-literal=accesskey=foobarbaz --from-literal=secretkey=foobarbazqux +``` + +Then install the chart, specifying that you want to use an existing secret: +```bash +$ helm install --set existingSecret=my-minio-secret minio/minio +``` + +The following fields are expected in the secret: + +| .data. in Secret | Corresponding variable | Description | +|:---------------------------|:------------------------|:----------------------------------------------------------------------------------| +| `accesskey` | `accessKey` | Access key ID. Mandatory. | +| `secretkey` | `secretKey` | Secret key. Mandatory. | +| `gcs_key.json` | `gcsgateway.gcsKeyJson` | GCS key if you are using the GCS gateway feature. Optional | +| `awsAccessKeyId` | `s3gateway.accessKey` | S3 access key if you are using the S3 gateway feature. Optional | +| `awsSecretAccessKey` | `s3gateway.secretKey` | S3 secret key if you are using the S3 gateway feature. Optional | +| `etcd_client_cert.pem` | `etcd.clientCert` | Certificate for SSL/TLS connections to etcd. Optional | +| `etcd_client_cert_key.pem` | `etcd.clientCertKey` | Corresponding key for certificate above. Mandatory when etcd certificate defined. | + +All corresponding variables will be ignored in values file. + +Configure TLS +------------- + +To enable TLS for MinIO containers, acquire TLS certificates from a CA or create self-signed certificates. While creating / acquiring certificates ensure the corresponding domain names are set as per the standard [DNS naming conventions](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-identity) in a Kubernetes StatefulSet (for a distributed MinIO setup). Then create a secret using + +```bash +$ kubectl create secret generic tls-ssl-minio --from-file=path/to/private.key --from-file=path/to/public.crt +``` + +Then install the chart, specifying that you want to use the TLS secret: + +```bash +$ helm install --set tls.enabled=true,tls.certSecret=tls-ssl-minio minio/minio +``` + +Pass environment variables to MinIO containers +---------------------------------------------- + +To pass environment variables to MinIO containers when deploying via Helm chart, use the below command line format + +```bash +$ helm install --set environment.MINIO_BROWSER=on,environment.MINIO_DOMAIN=domain-name minio/minio +``` + +You can add as many environment variables as required, using the above format. Just add `environment.=` under `set` flag. + +Create buckets after install +--------------------------- + +Install the chart, specifying the buckets you want to create after install: + +```bash +$ helm install --set buckets[0].name=bucket1,buckets[0].policy=none,buckets[0].purge=false minio/minio +``` + +Description of the configuration parameters used above - + +- `buckets[].name` - name of the bucket to create, must be a string with length > 0 +- `buckets[].policy` - can be one of none|download|upload|public +- `buckets[].purge` - purge if bucket exists already diff --git a/charts/minio/ci/distributed-values.yaml b/charts/minio/ci/distributed-values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..e6c4673808725cb2a27a482a0c8159697611a375 --- /dev/null +++ b/charts/minio/ci/distributed-values.yaml @@ -0,0 +1 @@ +mode: distributed diff --git a/charts/minio/templates/NOTES.txt b/charts/minio/templates/NOTES.txt new file mode 100644 index 0000000000000000000000000000000000000000..679f1ea8a64f4359aef64e86747fe76ee3da8d61 --- /dev/null +++ b/charts/minio/templates/NOTES.txt @@ -0,0 +1,47 @@ +{{- if eq .Values.service.type "ClusterIP" "NodePort" }} +Minio can be accessed via port {{ .Values.service.port }} on the following DNS name from within your cluster: +{{ template "minio.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local + +To access Minio from localhost, run the below commands: + + 1. export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + + 2. kubectl port-forward $POD_NAME 9000 --namespace {{ .Release.Namespace }} + +Read more about port forwarding here: http://kubernetes.io/docs/user-guide/kubectl/kubectl_port-forward/ + +You can now access Minio server on http://localhost:9000. Follow the below steps to connect to Minio server with mc client: + + 1. Download the Minio mc client - https://docs.minio.io/docs/minio-client-quickstart-guide + + 2. Get the ACCESS_KEY=$(kubectl get secret {{ template "minio.secretName" . }} -o jsonpath="{.data.accesskey}" | base64 --decode) and the SECRET_KEY=$(kubectl get secret {{ template "minio.secretName" . }} -o jsonpath="{.data.secretkey}" | base64 --decode) + + 3. mc alias set {{ template "minio.fullname" . }}-local http://localhost:{{ .Values.service.port }} "$ACCESS_KEY" "$SECRET_KEY" --api s3v4 + + 4. mc ls {{ template "minio.fullname" . }}-local + +Alternately, you can use your browser or the Minio SDK to access the server - https://docs.minio.io/categories/17 +{{- end }} +{{- if eq .Values.service.type "LoadBalancer" }} +Minio can be accessed via port {{ .Values.service.port }} on an external IP address. Get the service external IP address by: +kubectl get svc --namespace {{ .Release.Namespace }} -l app={{ template "minio.fullname" . }} + +Note that the public IP may take a couple of minutes to be available. + +You can now access Minio server on http://:9000. Follow the below steps to connect to Minio server with mc client: + + 1. Download the Minio mc client - https://docs.minio.io/docs/minio-client-quickstart-guide + + 2. Get the ACCESS_KEY=$(kubectl get secret {{ template "minio.secretName" . }} --namespace {{ .Release.Namespace }} -o jsonpath="{.data.accesskey}" | base64 --decode) and the SECRET_KEY=$(kubectl get secret {{ template "minio.secretName" . }} --namespace {{ .Release.Namespace }} -o jsonpath="{.data.secretkey}" | base64 --decode) + 3. mc alias set {{ template "minio.fullname" . }} http://:{{ .Values.service.port }} "$ACCESS_KEY" "$SECRET_KEY" --api s3v4 + + 4. mc ls {{ template "minio.fullname" . }} + +Alternately, you can use your browser or the Minio SDK to access the server - https://docs.minio.io/categories/17 +{{- end }} + +{{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }} +Note: Since NetworkPolicy is enabled, only pods with label +{{ template "minio.fullname" . }}-client=true" +will be able to connect to this minio cluster. +{{- end }} diff --git a/charts/minio/templates/_helper_create_bucket.txt b/charts/minio/templates/_helper_create_bucket.txt new file mode 100644 index 0000000000000000000000000000000000000000..ad2f546b7581ad15dd56aaf8c5bdce4d3c959449 --- /dev/null +++ b/charts/minio/templates/_helper_create_bucket.txt @@ -0,0 +1,111 @@ +#!/bin/sh +set -e ; # Have script exit in the event of a failed command. + +{{- if .Values.configPathmc }} +MC_CONFIG_DIR="{{ .Values.configPathmc }}" +MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}" +{{- else }} +MC="/usr/bin/mc --insecure" +{{- end }} + +# connectToMinio +# Use a check-sleep-check loop to wait for Minio service to be available +connectToMinio() { + SCHEME=$1 + ATTEMPTS=0 ; LIMIT=29 ; # Allow 30 attempts + set -e ; # fail if we can't read the keys. + ACCESS=$(cat /config/accesskey) ; SECRET=$(cat /config/secretkey) ; + set +e ; # The connections to minio are allowed to fail. + echo "Connecting to Minio server: $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT" ; + MC_COMMAND="${MC} config host add myminio $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT $ACCESS $SECRET" ; + $MC_COMMAND ; + STATUS=$? ; + until [ $STATUS = 0 ] + do + ATTEMPTS=`expr $ATTEMPTS + 1` ; + echo \"Failed attempts: $ATTEMPTS\" ; + if [ $ATTEMPTS -gt $LIMIT ]; then + exit 1 ; + fi ; + sleep 2 ; # 1 second intervals between attempts + $MC_COMMAND ; + STATUS=$? ; + done ; + set -e ; # reset `e` as active + return 0 +} + +# checkBucketExists ($bucket) +# Check if the bucket exists, by using the exit code of `mc ls` +checkBucketExists() { + BUCKET=$1 + CMD=$(${MC} ls myminio/$BUCKET > /dev/null 2>&1) + return $? +} + +# createBucket ($bucket, $policy, $purge) +# Ensure bucket exists, purging if asked to +createBucket() { + BUCKET=$1 + POLICY=$2 + PURGE=$3 + VERSIONING=$4 + + # Purge the bucket, if set & exists + # Since PURGE is user input, check explicitly for `true` + if [ $PURGE = true ]; then + if checkBucketExists $BUCKET ; then + echo "Purging bucket '$BUCKET'." + set +e ; # don't exit if this fails + ${MC} rm -r --force myminio/$BUCKET + set -e ; # reset `e` as active + else + echo "Bucket '$BUCKET' does not exist, skipping purge." + fi + fi + + # Create the bucket if it does not exist + if ! checkBucketExists $BUCKET ; then + echo "Creating bucket '$BUCKET'" + ${MC} mb myminio/$BUCKET + else + echo "Bucket '$BUCKET' already exists." + fi + + + # set versioning for bucket + if [ ! -z $VERSIONING ] ; then + if [ $VERSIONING = true ] ; then + echo "Enabling versioning for '$BUCKET'" + ${MC} version enable myminio/$BUCKET + elif [ $VERSIONING = false ] ; then + echo "Suspending versioning for '$BUCKET'" + ${MC} version suspend myminio/$BUCKET + fi + else + echo "Bucket '$BUCKET' versioning unchanged." + fi + + # At this point, the bucket should exist, skip checking for existence + # Set policy on the bucket + echo "Setting policy of bucket '$BUCKET' to '$POLICY'." + ${MC} policy set $POLICY myminio/$BUCKET +} + +# Try connecting to Minio instance +{{- if .Values.tls.enabled }} +scheme=https +{{- else }} +scheme=http +{{- end }} +connectToMinio $scheme + +{{- if or .Values.defaultBucket.enabled }} +# Create the bucket +createBucket {{ .Values.defaultBucket.name }} {{ .Values.defaultBucket.policy }} {{ .Values.defaultBucket.purge }} {{ .Values.defaultBucket.versioning }} +{{ else if .Values.buckets }} +# Create the buckets +{{- range .Values.buckets }} +createBucket {{ .name }} {{ .policy }} {{ .purge }} {{ .versioning }} +{{- end }} +{{- end }} diff --git a/charts/minio/templates/_helpers.tpl b/charts/minio/templates/_helpers.tpl new file mode 100644 index 0000000000000000000000000000000000000000..0b14618a0a34851a2e422d1cede03b7ac37e7810 --- /dev/null +++ b/charts/minio/templates/_helpers.tpl @@ -0,0 +1,182 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "minio.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "minio.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "minio.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for networkpolicy. +*/}} +{{- define "minio.networkPolicy.apiVersion" -}} +{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.Version -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "^1.7-0" .Capabilities.KubeVersion.Version -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for deployment. +*/}} +{{- define "minio.deployment.apiVersion" -}} +{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.Version -}} +{{- print "apps/v1beta2" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for statefulset. +*/}} +{{- define "minio.statefulset.apiVersion" -}} +{{- if semverCompare "<1.16-0" .Capabilities.KubeVersion.Version -}} +{{- print "apps/v1beta2" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for ingress. +*/}} +{{- define "minio.ingress.apiVersion" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- end -}} +{{- end -}} + +{{/* +Determine secret name. +*/}} +{{- define "minio.secretName" -}} +{{- if .Values.existingSecret -}} +{{- .Values.existingSecret }} +{{- else -}} +{{- include "minio.fullname" . -}} +{{- end -}} +{{- end -}} + +{{/* +Determine service account name for deployment or statefulset. +*/}} +{{- define "minio.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} +{{- default (include "minio.fullname" .) .Values.serviceAccount.name | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- default "default" .Values.serviceAccount.name -}} +{{- end -}} +{{- end -}} + +{{/* +Determine name for scc role and rolebinding +*/}} +{{- define "minio.sccRoleName" -}} +{{- printf "%s-%s" "scc" (include "minio.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Properly format optional additional arguments to Minio binary +*/}} +{{- define "minio.extraArgs" -}} +{{- range .Values.extraArgs -}} +{{ " " }}{{ . }} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "minio.imagePullSecrets" -}} +{{/* +Helm 2.11 supports the assignment of a value to a variable defined in a different scope, +but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. +Also, we can not use a single if because lazy evaluation is not an option +*/}} +{{- if .Values.global }} +{{- if .Values.global.imagePullSecrets }} +imagePullSecrets: +{{- range .Values.global.imagePullSecrets }} + - name: {{ . }} +{{- end }} +{{- else if .Values.imagePullSecrets }} +imagePullSecrets: + {{ toYaml .Values.imagePullSecrets }} +{{- end -}} +{{- else if .Values.imagePullSecrets }} +imagePullSecrets: + {{ toYaml .Values.imagePullSecrets }} +{{- end -}} +{{- end -}} + +{{/* +Formats volumeMount for Minio tls keys and trusted certs +*/}} +{{- define "minio.tlsKeysVolumeMount" -}} +{{- if .Values.tls.enabled }} +- name: cert-secret-volume + mountPath: {{ .Values.certsPath }} +{{- end }} +{{- if or .Values.tls.enabled (ne .Values.trustedCertsSecret "") }} +{{- $casPath := printf "%s/CAs" .Values.certsPath | clean }} +- name: trusted-cert-secret-volume + mountPath: {{ $casPath }} +{{- end }} +{{- end -}} + +{{/* +Formats volume for Minio tls keys and trusted certs +*/}} +{{- define "minio.tlsKeysVolume" -}} +{{- if .Values.tls.enabled }} +- name: cert-secret-volume + secret: + secretName: {{ .Values.tls.certSecret }} + items: + - key: {{ .Values.tls.publicCrt }} + path: public.crt + - key: {{ .Values.tls.privateKey }} + path: private.key +{{- end }} +{{- if or .Values.tls.enabled (ne .Values.trustedCertsSecret "") }} +{{- $certSecret := eq .Values.trustedCertsSecret "" | ternary .Values.tls.certSecret .Values.trustedCertsSecret }} +{{- $publicCrt := eq .Values.trustedCertsSecret "" | ternary .Values.tls.publicCrt "" }} +- name: trusted-cert-secret-volume + secret: + secretName: {{ $certSecret }} + {{- if ne $publicCrt "" }} + items: + - key: {{ $publicCrt }} + path: public.crt + {{- end }} +{{- end }} +{{- end -}} diff --git a/charts/minio/templates/clusterroles.yaml b/charts/minio/templates/clusterroles.yaml new file mode 100644 index 0000000000000000000000000000000000000000..c4d9a9371b57bfa7dc3b0d48e6eb61cef9340d1f --- /dev/null +++ b/charts/minio/templates/clusterroles.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.securityContext.enabled .Values.persistence.enabled (.Capabilities.APIVersions.Has "security.openshift.io/v1") }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "minio.serviceAccountName" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - security.openshift.io + resources: + - securitycontextconstraints + resourceNames: + - {{ template "minio.fullname" . }} + verbs: + - use +{{- end }} diff --git a/charts/minio/templates/configmap.yaml b/charts/minio/templates/configmap.yaml new file mode 100644 index 0000000000000000000000000000000000000000..cb11fcd7dda2dd947603d4e91303dd1411cfdba3 --- /dev/null +++ b/charts/minio/templates/configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + initialize: |- +{{ include (print $.Template.BasePath "/_helper_create_bucket.txt") . | indent 4 }} diff --git a/charts/minio/templates/deployment.yaml b/charts/minio/templates/deployment.yaml new file mode 100644 index 0000000000000000000000000000000000000000..8df0e74105bdfd1f5578909f7f501d2533ff4daf --- /dev/null +++ b/charts/minio/templates/deployment.yaml @@ -0,0 +1,210 @@ +{{- if eq .Values.mode "standalone" }} +{{ $scheme := "http" }} +{{- if .Values.tls.enabled }} +{{ $scheme = "https" }} +{{ end }} +{{ $bucketRoot := or ($.Values.bucketRoot) ($.Values.mountPath) }} +apiVersion: {{ template "minio.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.additionalLabels }} +{{ toYaml .Values.additionalLabels | trimSuffix "\n" | indent 4 }} +{{- end }} +{{- if .Values.additionalAnnotations }} + annotations: +{{ toYaml .Values.additionalAnnotations | trimSuffix "\n" | indent 4 }} +{{- end }} +spec: + strategy: + type: {{ .Values.DeploymentUpdate.type }} + {{- if eq .Values.DeploymentUpdate.type "RollingUpdate" }} + rollingUpdate: + maxSurge: {{ .Values.DeploymentUpdate.maxSurge }} + maxUnavailable: {{ .Values.DeploymentUpdate.maxUnavailable }} + {{- end}} + {{- if .Values.nasgateway.enabled }} + replicas: {{ .Values.nasgateway.replicas }} + {{- end }} + {{- if .Values.s3gateway.enabled }} + replicas: {{ .Values.s3gateway.replicas }} + {{- end }} + {{- if .Values.azuregateway.enabled }} + replicas: {{ .Values.azuregateway.replicas }} + {{- end }} + {{- if .Values.gcsgateway.enabled }} + replicas: {{ .Values.gcsgateway.replicas }} + {{- end }} + selector: + matchLabels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + template: + metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} +{{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | indent 8 }} +{{- end }} + annotations: + checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | trimSuffix "\n" | indent 8 }} +{{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + serviceAccountName: {{ include "minio.serviceAccountName" . | quote }} +{{- if and .Values.securityContext.enabled .Values.persistence.enabled }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + runAsGroup: {{ .Values.securityContext.runAsGroup }} + fsGroup: {{ .Values.securityContext.fsGroup }} +{{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.s3gateway.enabled }} + command: + - "/bin/sh" + - "-ce" + - "/usr/bin/docker-entrypoint.sh minio -S {{ .Values.certsPath }} gateway s3 {{ .Values.s3gateway.serviceEndpoint }} {{- template "minio.extraArgs" . }}" + {{- else }} + {{- if .Values.azuregateway.enabled }} + command: + - "/bin/sh" + - "-ce" + - "/usr/bin/docker-entrypoint.sh minio -S {{ .Values.certsPath }} gateway azure {{- template "minio.extraArgs" . }}" + {{- else }} + {{- if .Values.gcsgateway.enabled }} + command: + - "/bin/sh" + - "-ce" + - "/usr/bin/docker-entrypoint.sh minio -S {{ .Values.certsPath }} gateway gcs {{ .Values.gcsgateway.projectId }} {{- template "minio.extraArgs" . }}" + {{- else }} + {{- if .Values.nasgateway.enabled }} + command: + - "/bin/sh" + - "-ce" + - "/usr/bin/docker-entrypoint.sh minio -S {{ .Values.certsPath }} gateway nas {{ $bucketRoot }} {{- template "minio.extraArgs" . }}" + {{- else }} + command: + - "/bin/sh" + - "-ce" + - "/usr/bin/docker-entrypoint.sh minio -S {{ .Values.certsPath }} server {{ $bucketRoot }} {{- template "minio.extraArgs" . }}" + {{- end }} + {{- end }} + {{- end }} + {{- end }} + volumeMounts: + {{- if and .Values.persistence.enabled (not .Values.gcsgateway.enabled) (not .Values.azuregateway.enabled) (not .Values.s3gateway.enabled) }} + - name: export + mountPath: {{ .Values.mountPath }} + {{- if .Values.persistence.subPath }} + subPath: "{{ .Values.persistence.subPath }}" + {{- end }} + {{- end }} + {{- if or .Values.gcsgateway.enabled .Values.etcd.clientCert .Values.etcd.clientCertKey }} + - name: minio-user + mountPath: "/etc/credentials" + readOnly: true + {{- end }} + {{- include "minio.tlsKeysVolumeMount" . | indent 12 }} + ports: + - name: {{ $scheme }} + containerPort: 9000 + env: + - name: MINIO_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: accesskey + - name: MINIO_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: secretkey + {{- if and .Values.gcsgateway.enabled .Values.gcsgateway.gcsKeyJson }} + - name: GOOGLE_APPLICATION_CREDENTIALS + value: "/etc/credentials/gcs_key.json" + {{- end }} + {{- if .Values.etcd.endpoints }} + - name: MINIO_ETCD_ENDPOINTS + value: {{ join "," .Values.etcd.endpoints | quote }} + {{- if .Values.etcd.clientCert }} + - name: MINIO_ETCD_CLIENT_CERT + value: "/etc/credentials/etcd_client_cert.pem" + {{- end }} + {{- if .Values.etcd.clientCertKey }} + - name: MINIO_ETCD_CLIENT_CERT_KEY + value: "/etc/credentials/etcd_client_cert_key.pem" + {{- end }} + {{- if .Values.etcd.pathPrefix }} + - name: MINIO_ETCD_PATH_PREFIX + value: {{ .Values.etcd.pathPrefix }} + {{- end }} + {{- if .Values.etcd.corednsPathPrefix }} + - name: MINIO_ETCD_COREDNS_PATH + value: {{ .Values.etcd.corednsPathPrefix }} + {{- end }} + {{- end }} + {{- if .Values.s3gateway.enabled -}} + {{- if or .Values.s3gateway.accessKey .Values.existingSecret }} + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: awsAccessKeyId + {{- end }} + {{- if or .Values.s3gateway.secretKey .Values.existingSecret }} + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: awsSecretAccessKey + {{- end }} + {{- end }} + {{- range $key, $val := .Values.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end}} + resources: +{{ toYaml .Values.resources | indent 12 }} +{{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} +{{- end }} +{{- include "minio.imagePullSecrets" . | indent 6 }} +{{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} + volumes: + {{- if and (not .Values.gcsgateway.enabled) (not .Values.azuregateway.enabled) (not .Values.s3gateway.enabled) }} + - name: export + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.existingClaim | default (include "minio.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + - name: minio-user + secret: + secretName: {{ template "minio.secretName" . }} + {{- include "minio.tlsKeysVolume" . | indent 8 }} +{{- end }} diff --git a/charts/minio/templates/ingress.yaml b/charts/minio/templates/ingress.yaml new file mode 100644 index 0000000000000000000000000000000000000000..ba9e61cb1fcfa8f21f7d573adc9dc55d394a2553 --- /dev/null +++ b/charts/minio/templates/ingress.yaml @@ -0,0 +1,46 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "minio.fullname" . -}} +{{- $servicePort := .Values.service.port -}} +apiVersion: {{ template "minio.ingress.apiVersion" . }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.labels }} +{{ toYaml . | indent 4 }} +{{- end }} + +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - http: + paths: + {{- range $path := .paths }} + - path: {{ $path }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} + {{- if .name }} + host: {{ .name }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/minio/templates/networkpolicy.yaml b/charts/minio/templates/networkpolicy.yaml new file mode 100644 index 0000000000000000000000000000000000000000..de57f485fee036542cbbb39d8c88f76716ed9688 --- /dev/null +++ b/charts/minio/templates/networkpolicy.yaml @@ -0,0 +1,25 @@ +{{- if .Values.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ template "minio.networkPolicy.apiVersion" . }} +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + podSelector: + matchLabels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + ingress: + - ports: + - port: {{ .Values.service.port }} + {{- if not .Values.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: + {{ template "minio.name" . }}-client: "true" + {{- end }} +{{- end }} diff --git a/charts/minio/templates/poddisruptionbudget.yaml b/charts/minio/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000000000000000000000000000000000000..1de813b8b8002eb9e20e5dec9f96fd76e1d3f279 --- /dev/null +++ b/charts/minio/templates/poddisruptionbudget.yaml @@ -0,0 +1,13 @@ +{{- if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: minio + labels: + app: {{ template "minio.name" . }} +spec: + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + selector: + matchLabels: + app: {{ template "minio.name" . }} +{{- end }} \ No newline at end of file diff --git a/charts/minio/templates/post-install-create-bucket-job.yaml b/charts/minio/templates/post-install-create-bucket-job.yaml new file mode 100644 index 0000000000000000000000000000000000000000..27e30d4ab73bdeb4cc618358c5d697225d5c5608 --- /dev/null +++ b/charts/minio/templates/post-install-create-bucket-job.yaml @@ -0,0 +1,87 @@ +{{- if or .Values.defaultBucket.enabled .Values.buckets }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "minio.fullname" . }}-make-bucket-job + labels: + app: {{ template "minio.name" . }}-make-bucket-job + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation +{{- with .Values.makeBucketJob.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +spec: + template: + metadata: + labels: + app: {{ template "minio.name" . }}-job + release: {{ .Release.Name }} +{{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | indent 8 }} +{{- end }} +{{- if .Values.makeBucketJob.podAnnotations }} + annotations: +{{ toYaml .Values.makeBucketJob.podAnnotations | indent 8 }} +{{- end }} + spec: + restartPolicy: OnFailure +{{- include "minio.imagePullSecrets" . | indent 6 }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} +{{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.makeBucketJob.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.makeBucketJob.securityContext.runAsUser }} + runAsGroup: {{ .Values.makeBucketJob.securityContext.runAsGroup }} + fsGroup: {{ .Values.makeBucketJob.securityContext.fsGroup }} +{{- end }} + volumes: + - name: minio-configuration + projected: + sources: + - configMap: + name: {{ template "minio.fullname" . }} + - secret: + name: {{ template "minio.secretName" . }} + {{- if .Values.tls.enabled }} + - name: cert-secret-volume-mc + secret: + secretName: {{ .Values.tls.certSecret }} + items: + - key: {{ .Values.tls.publicCrt }} + path: CAs/public.crt + {{ end }} + serviceAccountName: {{ include "minio.serviceAccountName" . | quote }} + containers: + - name: minio-mc + image: "{{ .Values.mcImage.repository }}:{{ .Values.mcImage.tag }}" + imagePullPolicy: {{ .Values.mcImage.pullPolicy }} + command: ["/bin/sh", "/config/initialize"] + env: + - name: MINIO_ENDPOINT + value: {{ template "minio.fullname" . }} + - name: MINIO_PORT + value: {{ .Values.service.port | quote }} + volumeMounts: + - name: minio-configuration + mountPath: /config + {{- if .Values.tls.enabled }} + - name: cert-secret-volume-mc + mountPath: {{ .Values.configPathmc }}certs + {{ end }} + resources: +{{ toYaml .Values.makeBucketJob.resources | indent 10 }} +{{- end }} diff --git a/charts/minio/templates/post-install-prometheus-metrics-job.yaml b/charts/minio/templates/post-install-prometheus-metrics-job.yaml new file mode 100644 index 0000000000000000000000000000000000000000..d7590db7c9c74487c2c836aaba32c774a9f77c58 --- /dev/null +++ b/charts/minio/templates/post-install-prometheus-metrics-job.yaml @@ -0,0 +1,135 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +{{- $fullName := include "minio.fullname" . -}} +{{ $scheme := "http" }} +{{- if .Values.tls.enabled }} +{{ $scheme = "https" }} +{{ end }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $fullName }}-update-prometheus-secret + labels: + app: {{ template "minio.name" . }}-update-prometheus-secret + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation + {{ toYaml .Values.updatePrometheusJob.annotations | indent 4 }} +spec: + template: + metadata: + labels: + app: {{ template "minio.name" . }}-update-prometheus-secret + release: {{ .Release.Name }} +{{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | indent 8 }} +{{- end }} +{{- if .Values.updatePrometheusJob.podAnnotations }} + annotations: +{{ toYaml .Values.updatePrometheusJob.podAnnotations | indent 8 }} +{{- end }} + spec: +{{- if .Values.serviceAccount.create }} + serviceAccountName: {{ $fullName }}-update-prometheus-secret +{{- end }} + restartPolicy: OnFailure +{{- include "minio.imagePullSecrets" . | indent 6 }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} +{{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} +{{- end }} +{{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} +{{- end }} +{{- if .Values.updatePrometheusJob.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.updatePrometheusJob.securityContext.runAsUser }} + runAsGroup: {{ .Values.updatePrometheusJob.securityContext.runAsGroup }} + fsGroup: {{ .Values.updatePrometheusJob.securityContext.fsGroup }} +{{- end }} + volumes: + - name: workdir + emptyDir: {} + initContainers: + - name: minio-mc + image: "{{ .Values.mcImage.repository }}:{{ .Values.mcImage.tag }}" + imagePullPolicy: {{ .Values.mcImage.pullPolicy }} + command: + - /bin/sh + - "-c" + - mc --config-dir {{ .Values.configPathmc }} admin prometheus generate target --json --no-color -q > /workdir/mc.json + env: + - name: MINIO_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: accesskey + - name: MINIO_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: secretkey + # mc admin prometheus generate don't really connect to remote server, TLS cert isn't required + - name: MC_HOST_target + value: {{ $scheme }}://$(MINIO_ACCESS_KEY):$(MINIO_SECRET_KEY)@{{ $fullName }}:{{ .Values.service.port }} + volumeMounts: + - name: workdir + mountPath: /workdir + resources: +{{ toYaml .Values.resources | indent 12 }} + # extract bearerToken from mc admin output + - name: jq + image: "{{ .Values.helmKubectlJqImage.repository }}:{{ .Values.helmKubectlJqImage.tag }}" + imagePullPolicy: {{ .Values.helmKubectlJqImage.pullPolicy }} + command: + - /bin/sh + - "-c" + - jq -e -c -j -r .bearerToken < /workdir/mc.json > /workdir/token + volumeMounts: + - name: workdir + mountPath: /workdir + resources: +{{ toYaml .Values.resources | indent 12 }} + - name: kubectl-create + image: "{{ .Values.helmKubectlJqImage.repository }}:{{ .Values.helmKubectlJqImage.tag }}" + imagePullPolicy: {{ .Values.helmKubectlJqImage.pullPolicy }} + command: + - /bin/sh + - "-c" + # The following script does: + # - get the servicemonitor that need this secret and copy some metadata and create the ownerreference for the secret file + # - create the secret + # - merge both json + - > + kubectl -n {{ .Release.Namespace }} get servicemonitor {{ $fullName }} -o json | + jq -c '{metadata: {name: "{{ $fullName }}-prometheus", namespace: .metadata.namespace, labels: {app: .metadata.labels.app, release: .metadata.labels.release}, ownerReferences: [{apiVersion: .apiVersion, kind: .kind, blockOwnerDeletion: true, controller: true, uid: .metadata.uid, name: .metadata.name}]}}' > /workdir/metadata.json && + kubectl create secret generic {{ $fullName }}-prometheus --from-file=token=/workdir/token --dry-run -o json > /workdir/secret.json && + cat /workdir/secret.json /workdir/metadata.json | jq -s add > /workdir/object.json + volumeMounts: + - name: workdir + mountPath: /workdir + resources: +{{ toYaml .Values.resources | indent 12 }} + containers: + - name: kubectl-apply + image: "{{ .Values.helmKubectlJqImage.repository }}:{{ .Values.helmKubectlJqImage.tag }}" + imagePullPolicy: {{ .Values.helmKubectlJqImage.pullPolicy }} + command: + - kubectl + - apply + - "-f" + - /workdir/object.json + volumeMounts: + - name: workdir + mountPath: /workdir + resources: +{{ toYaml .Values.resources | indent 12 }} +{{- end }} diff --git a/charts/minio/templates/post-install-prometheus-metrics-role.yaml b/charts/minio/templates/post-install-prometheus-metrics-role.yaml new file mode 100644 index 0000000000000000000000000000000000000000..26c0ce7edc44844420356243333264d37fe51364 --- /dev/null +++ b/charts/minio/templates/post-install-prometheus-metrics-role.yaml @@ -0,0 +1,38 @@ +{{- if .Values.serviceAccount.create -}} +{{- $fullName := include "minio.fullname" . -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ $fullName }}-update-prometheus-secret + labels: + app: {{ template "minio.name" . }}-update-prometheus-secret + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - create + - update + - patch + resourceNames: + - {{ $fullName }}-prometheus + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + resourceNames: + - {{ $fullName }} +{{- end -}} \ No newline at end of file diff --git a/charts/minio/templates/post-install-prometheus-metrics-rolebinding.yaml b/charts/minio/templates/post-install-prometheus-metrics-rolebinding.yaml new file mode 100644 index 0000000000000000000000000000000000000000..7d0ea75b7524e1a407652fd33c8ac7d05677be1f --- /dev/null +++ b/charts/minio/templates/post-install-prometheus-metrics-rolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.serviceAccount.create -}} +{{- $fullName := include "minio.fullname" . -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ $fullName }}-update-prometheus-secret + labels: + app: {{ template "minio.name" . }}-update-prometheus-secret + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ $fullName }}-update-prometheus-secret +subjects: + - kind: ServiceAccount + name: {{ $fullName }}-update-prometheus-secret + namespace: {{ .Release.Namespace | quote }} +{{- end -}} \ No newline at end of file diff --git a/charts/minio/templates/post-install-prometheus-metrics-serviceaccount.yaml b/charts/minio/templates/post-install-prometheus-metrics-serviceaccount.yaml new file mode 100644 index 0000000000000000000000000000000000000000..050d368a5623edf5b52a04ea1bb91a4b024a4462 --- /dev/null +++ b/charts/minio/templates/post-install-prometheus-metrics-serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +{{- $fullName := include "minio.fullname" . -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ $fullName }}-update-prometheus-secret + labels: + app: {{ template "minio.name" . }}-update-prometheus-secret + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end -}} \ No newline at end of file diff --git a/charts/minio/templates/pv.yaml b/charts/minio/templates/pv.yaml new file mode 100755 index 0000000000000000000000000000000000000000..3f7b2f50f083fe7cc46abafa856dacefe05c8766 --- /dev/null +++ b/charts/minio/templates/pv.yaml @@ -0,0 +1,22 @@ +{{- if eq .Values.mode "standalone" }} +{{- if .Values.persistence.enabled}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.reclaimPolicy }} + hostPath: + path: "{{.Values.persistence.location}}" + storageClassName: {{ template "minio.fullname" . }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/minio/templates/pvc.yaml b/charts/minio/templates/pvc.yaml new file mode 100755 index 0000000000000000000000000000000000000000..1434506b158edae697f25d1f407fc43f5e5bce5c --- /dev/null +++ b/charts/minio/templates/pvc.yaml @@ -0,0 +1,32 @@ +{{- if eq .Values.mode "standalone" }} +{{- if .Values.persistence.enabled }} +{{- if not .Values.persistence.existingClaim -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.fullname" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} +{{- if (eq "fullname" .Values.persistence.storageClass) }} + storageClassName: "{{ template "minio.fullname" . }}" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/minio/templates/rolebindings.yaml b/charts/minio/templates/rolebindings.yaml new file mode 100644 index 0000000000000000000000000000000000000000..ea8b98c58578779c0889292cd39ee92caa8b2fa6 --- /dev/null +++ b/charts/minio/templates/rolebindings.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.securityContext.enabled .Values.persistence.enabled (.Capabilities.APIVersions.Has "security.openshift.io/v1") }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "minio.serviceAccountName" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + namespace: {{ .Release.Namespace | quote }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "minio.serviceAccountName" . }} +subjects: +- kind: ServiceAccount + name: {{ template "minio.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/charts/minio/templates/secrets.yaml b/charts/minio/templates/secrets.yaml new file mode 100644 index 0000000000000000000000000000000000000000..c254142f92b587e2ba2e803e2fb1abacc0b821f0 --- /dev/null +++ b/charts/minio/templates/secrets.yaml @@ -0,0 +1,32 @@ +{{- if not .Values.existingSecret }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "minio.secretName" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }} + secretkey: {{ if .Values.secretKey }}{{ .Values.secretKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }} +{{- if and .Values.gcsgateway.enabled .Values.gcsgateway.gcsKeyJson }} + gcs_key.json: {{ .Values.gcsgateway.gcsKeyJson | toString | b64enc }} +{{- end }} +{{- if .Values.s3gateway.enabled -}} +{{- if .Values.s3gateway.accessKey }} + awsAccessKeyId: {{ .Values.s3gateway.accessKey | toString | b64enc | quote }} +{{- end }} +{{- if .Values.s3gateway.secretKey }} + awsSecretAccessKey: {{ .Values.s3gateway.secretKey | toString | b64enc | quote }} +{{- end }} +{{- end }} +{{- if .Values.etcd.clientCert }} + etcd_client_cert.pem: {{ .Values.etcd.clientCert | toString | b64enc | quote }} +{{- end }} +{{- if .Values.etcd.clientCertKey }} + etcd_client_cert_key.pem: {{ .Values.etcd.clientCertKey | toString | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/charts/minio/templates/securitycontextconstraints.yaml b/charts/minio/templates/securitycontextconstraints.yaml new file mode 100644 index 0000000000000000000000000000000000000000..4bac7e3728fe9bfdf126c940767c4c2d8be83fae --- /dev/null +++ b/charts/minio/templates/securitycontextconstraints.yaml @@ -0,0 +1,45 @@ +{{- if and .Values.securityContext.enabled .Values.persistence.enabled (.Capabilities.APIVersions.Has "security.openshift.io/v1") }} +apiVersion: security.openshift.io/v1 +kind: SecurityContextConstraints +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +allowHostDirVolumePlugin: false +allowHostIPC: false +allowHostNetwork: false +allowHostPID: false +allowHostPorts: false +allowPrivilegeEscalation: true +allowPrivilegedContainer: false +allowedCapabilities: [] +readOnlyRootFilesystem: false +defaultAddCapabilities: [] +requiredDropCapabilities: +- KILL +- MKNOD +- SETUID +- SETGID +fsGroup: + type: MustRunAs + ranges: + - max: {{ .Values.securityContext.fsGroup }} + min: {{ .Values.securityContext.fsGroup }} +runAsUser: + type: MustRunAs + uid: {{ .Values.securityContext.runAsUser }} +seLinuxContext: + type: MustRunAs +supplementalGroups: + type: RunAsAny +volumes: +- configMap +- downwardAPI +- emptyDir +- persistentVolumeClaim +- projected +- secret +{{- end }} diff --git a/charts/minio/templates/service.yaml b/charts/minio/templates/service.yaml new file mode 100644 index 0000000000000000000000000000000000000000..ea681e22079c002f2560435452f67e52ea666d1d --- /dev/null +++ b/charts/minio/templates/service.yaml @@ -0,0 +1,47 @@ +{{ $scheme := "http" }} +{{- if .Values.tls.enabled }} +{{ $scheme = "https" }} +{{ end }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} +spec: +{{- if (or (eq .Values.service.type "ClusterIP" "") (empty .Values.service.type)) }} + type: ClusterIP + {{- if not (empty .Values.service.clusterIP) }} + clusterIP: {{ .Values.service.clusterIP }} + {{end}} +{{- else if eq .Values.service.type "LoadBalancer" }} + type: {{ .Values.service.type }} + loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} +{{- else }} + type: {{ .Values.service.type }} +{{- end }} + ports: + - name: {{ $scheme }} + port: {{ .Values.service.port }} + protocol: TCP +{{- if (and (eq .Values.service.type "NodePort") ( .Values.service.nodePort)) }} + nodePort: {{ .Values.service.nodePort }} +{{- else }} + targetPort: 9000 +{{- end}} +{{- if .Values.service.externalIPs }} + externalIPs: +{{- range $i , $ip := .Values.service.externalIPs }} + - {{ $ip }} +{{- end }} +{{- end }} + selector: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} diff --git a/charts/minio/templates/serviceaccount.yaml b/charts/minio/templates/serviceaccount.yaml new file mode 100644 index 0000000000000000000000000000000000000000..243dfef538f1a468293757b39cf7e9550c7c39a1 --- /dev/null +++ b/charts/minio/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "minio.serviceAccountName" . | quote }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: "{{ .Release.Name }}" +{{- end -}} diff --git a/charts/minio/templates/servicemonitor.yaml b/charts/minio/templates/servicemonitor.yaml new file mode 100644 index 0000000000000000000000000000000000000000..2f474cbabf8340488055669451c596aa831d265c --- /dev/null +++ b/charts/minio/templates/servicemonitor.yaml @@ -0,0 +1,44 @@ +{{- if .Values.metrics.serviceMonitor.enabled }} +{{ $scheme := "http" }} +{{- if .Values.tls.enabled }} +{{ $scheme = "https" }} +{{ end }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "minio.fullname" . }} + {{- if .Values.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.metrics.serviceMonitor.namespace }} + {{- end }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + {{- if .Values.metrics.serviceMonitor.additionalLabels }} +{{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }} + {{- end }} +spec: + endpoints: + - port: {{ $scheme }} + path: /minio/prometheus/metrics + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelConfigs }} +{{ toYaml .Values.metrics.serviceMonitor.relabelConfigs | indent 6 }} + {{- end }} + bearerTokenSecret: + name: {{ template "minio.fullname" . }}-prometheus + key: token + namespaceSelector: + matchNames: + - {{ .Release.Namespace | quote }} + selector: + matchLabels: + app: {{ include "minio.name" . }} + release: {{ .Release.Name }} +{{- end }} diff --git a/charts/minio/templates/statefulset.yaml b/charts/minio/templates/statefulset.yaml new file mode 100644 index 0000000000000000000000000000000000000000..864b9558b27bca01fccb47064900f5b26ec2a43e --- /dev/null +++ b/charts/minio/templates/statefulset.yaml @@ -0,0 +1,181 @@ +{{- if eq .Values.mode "distributed" }} +{{ $zoneCount := .Values.zones | int }} +{{ $nodeCount := .Values.replicas | int }} +{{ $drivesPerNode := .Values.drivesPerNode | int }} +{{ $scheme := "http" }} +{{- if .Values.tls.enabled }} +{{ $scheme = "https" }} +{{ end }} +{{ $mountPath := .Values.mountPath }} +{{ $bucketRoot := or ($.Values.bucketRoot) ($.Values.mountPath) }} +{{ $subPath := .Values.persistence.subPath }} +{{ $penabled := .Values.persistence.enabled }} +{{ $accessMode := .Values.persistence.accessMode }} +{{ $storageClass := .Values.persistence.storageClass }} +{{ $psize := .Values.persistence.size }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "minio.fullname" . }}-svc + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + publishNotReadyAddresses: true + clusterIP: None + ports: + - name: {{ $scheme }} + port: {{ .Values.service.port }} + protocol: TCP + selector: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} +--- +apiVersion: {{ template "minio.statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + chart: {{ template "minio.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.additionalLabels }} +{{ toYaml .Values.additionalLabels | trimSuffix "\n" | indent 4 }} +{{- end }} +{{- if .Values.additionalAnnotations }} + annotations: +{{ toYaml .Values.additionalAnnotations | trimSuffix "\n" | indent 4 }} +{{- end }} +spec: + updateStrategy: + type: {{ .Values.StatefulSetUpdate.updateStrategy }} + podManagementPolicy: "Parallel" + serviceName: {{ template "minio.fullname" . }}-svc + replicas: {{ mul $zoneCount $nodeCount }} + selector: + matchLabels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} + template: + metadata: + name: {{ template "minio.fullname" . }} + labels: + app: {{ template "minio.name" . }} + release: {{ .Release.Name }} +{{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | indent 8 }} +{{- end }} + annotations: + checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} +{{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | trimSuffix "\n" | indent 8 }} +{{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + serviceAccountName: {{ include "minio.serviceAccountName" . | quote }} +{{- if and .Values.securityContext.enabled .Values.persistence.enabled }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + runAsGroup: {{ .Values.securityContext.runAsGroup }} + fsGroup: {{ .Values.securityContext.fsGroup }} +{{- end }} + containers: + - name: {{ .Chart.Name }} + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + + command: [ "/bin/sh", + "-ce", + "/usr/bin/docker-entrypoint.sh minio -S {{ .Values.certsPath }} server {{- range $i := until $zoneCount }}{{ $factor := mul $i $nodeCount }}{{ $endIndex := add $factor $nodeCount }}{{ $beginIndex := mul $i $nodeCount }} {{ $scheme }}://{{ template `minio.fullname` $ }}-{{ `{` }}{{ $beginIndex }}...{{ sub $endIndex 1 }}{{ `}`}}.{{ template `minio.fullname` $ }}-svc.{{ $.Release.Namespace }}.svc.{{ $.Values.clusterDomain }}{{if (gt $drivesPerNode 1)}}{{ $bucketRoot }}-{{ `{` }}0...{{ sub $drivesPerNode 1 }}{{ `}` }}{{else}}{{ $bucketRoot }}{{end}}{{- end}}{{- template `minio.extraArgs` . }}" ] + volumeMounts: + {{- if $penabled }} + {{- if (gt $drivesPerNode 1) }} + {{- range $i := until $drivesPerNode }} + - name: export-{{ $i }} + mountPath: {{ $mountPath }}-{{ $i }} + {{- if and $penabled $subPath }} + subPath: {{ $subPath }} + {{- end }} + {{- end }} + {{- else }} + - name: export + mountPath: {{ $mountPath }} + {{- if and $penabled $subPath }} + subPath: {{ $subPath }} + {{- end }} + {{- end }} + {{- end }} + {{- include "minio.tlsKeysVolumeMount" . | indent 12 }} + ports: + - name: {{ $scheme }} + containerPort: 9000 + env: + - name: MINIO_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: accesskey + - name: MINIO_SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ template "minio.secretName" . }} + key: secretkey + {{- range $key, $val := .Values.environment }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end}} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} +{{- include "minio.imagePullSecrets" . | indent 6 }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - name: minio-user + secret: + secretName: {{ template "minio.secretName" . }} + {{- include "minio.tlsKeysVolume" . | indent 8 }} +{{- if .Values.persistence.enabled }} + volumeClaimTemplates: + {{- if gt $drivesPerNode 1 }} + {{- range $diskId := until $drivesPerNode}} + - metadata: + name: export-{{ $diskId }} + spec: + accessModes: [ {{ $accessMode | quote }} ] + {{- if $storageClass }} + storageClassName: {{ $storageClass }} + {{- end }} + resources: + requests: + storage: {{ $psize }} + {{- end }} + {{- else }} + - metadata: + name: export + spec: + accessModes: [ {{ $accessMode | quote }} ] + {{- if $storageClass }} + storageClassName: {{ $storageClass }} + {{- end }} + resources: + requests: + storage: {{ $psize }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/minio/values.yaml b/charts/minio/values.yaml new file mode 100644 index 0000000000000000000000000000000000000000..79a7ad562d5faaf419372a2a9998044163f47f8e --- /dev/null +++ b/charts/minio/values.yaml @@ -0,0 +1,352 @@ +## Provide a name in place of minio for `app:` labels +## +nameOverride: "" + +## Provide a name to substitute for the full names of resources +## +fullnameOverride: "" + +## set kubernetes cluster domain where minio is running +## +clusterDomain: cluster.local + +## Set default image, imageTag, and imagePullPolicy. mode is used to indicate the +## +image: + repository: minio/minio + tag: RELEASE.2021-02-14T04-01-33Z + pullPolicy: IfNotPresent + +## Set default image, imageTag, and imagePullPolicy for the `mc` (the minio +## client used to create a default bucket). +## +mcImage: + repository: minio/mc + tag: RELEASE.2021-02-14T04-28-06Z + pullPolicy: IfNotPresent + +## Set default image, imageTag, and imagePullPolicy for the `jq` (the JSON +## process used to create secret for prometheus ServiceMonitor). +## +helmKubectlJqImage: + repository: bskim45/helm-kubectl-jq + tag: 3.1.0 + pullPolicy: IfNotPresent + +## minio server mode, i.e. standalone or distributed. +## Distributed Minio ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide +## +mode: standalone + +## Additional labels to include with deployment or statefulset +additionalLabels: [] + +## Additional annotations to include with deployment or statefulset +additionalAnnotations: [] + +## Additional arguments to pass to minio binary +extraArgs: [] + +## Update strategy for Deployments +DeploymentUpdate: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 100% + +## Update strategy for StatefulSets +StatefulSetUpdate: + updateStrategy: RollingUpdate + +## Pod priority settings +## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" + +## Set default accesskey, secretkey, Minio config file path, volume mount path and +## number of nodes (only used for Minio distributed mode) +## AccessKey and secretKey is generated when not set +## Distributed Minio ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide +## +accessKey: "" +secretKey: "" +certsPath: "/etc/minio/certs/" +configPathmc: "/etc/minio/mc/" +mountPath: "/export" + +## Use existing Secret that store following variables: +## +## | Chart var | .data. in Secret | +## |:----------------------|:-------------------------| +## | accessKey | accesskey | +## | secretKey | secretkey | +## | gcsgateway.gcsKeyJson | gcs_key.json | +## | s3gateway.accessKey | awsAccessKeyId | +## | s3gateway.secretKey | awsSecretAccessKey | +## | etcd.clientCert | etcd_client_cert.pem | +## | etcd.clientCertKey | etcd_client_cert_key.pem | +## +## All mentioned variables will be ignored in values file. +## .data.accesskey and .data.secretkey are mandatory, +## others depend on enabled status of corresponding sections. +existingSecret: "meep-minio-objstore-config" + +## Override the root directory which the minio server should serve from. +## If left empty, it defaults to the value of {{ .Values.mountPath }} +## If defined, it must be a sub-directory of the path specified in {{ .Values.mountPath }} +bucketRoot: "" + +# Number of drives attached to a node +drivesPerNode: 1 +# Number of MinIO containers running +replicas: 4 +# Number of expanded MinIO clusters +zones: 1 + +## TLS Settings for Minio +tls: + enabled: false + ## Create a secret with private.key and public.crt files and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret + certSecret: "" + publicCrt: public.crt + privateKey: private.key + +## Trusted Certificates Settings for Minio. Ref: https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls#install-certificates-from-third-party-cas +## Bundle multiple trusted certificates into one secret and pass that here. Ref: https://github.com/minio/minio/tree/master/docs/tls/kubernetes#2-create-kubernetes-secret +## When using self-signed certificates, remember to include Minio's own certificate in the bundle with key public.crt. +## If certSecret is left empty and tls is enabled, this chart installs the public certificate from .Values.tls.certSecret. +trustedCertsSecret: "" + +## Enable persistence using Persistent Volume Claims +## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + enabled: true + reclaimPolicy: Retain + location: "/minio" + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + existingClaim: "" + + ## minio data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If set to "fullname", storageClassName: