Merge "Add zookeeper chart to osh-infra"

This commit is contained in:
Zuul 2019-11-17 08:45:01 +00:00 committed by Gerrit Code Review
commit d0b4803b3c
21 changed files with 918 additions and 5 deletions

View File

@ -0,0 +1,44 @@
#!/bin/bash
# Copyright 2019 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Lint and package chart
make zookeeper
#NOTE: Deploy command
helm upgrade --install zookeeper ./zookeeper \
--namespace=osh-infra
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh osh-infra
#NOTE: Validate Deployment info
helm status zookeeper
#NOTE: Sleep for 60 seconds to allow leader election to complete
sleep 60
#NOTE: Create arbitrary znode
ZOO_POD=$(kubectl -n osh-infra get pods -l='application=zookeeper,component=server' --output=jsonpath='{.items[0].metadata.name}')
kubectl exec $ZOO_POD -n osh-infra -- bash bin/zkCli.sh -server localhost:2181 create /OSHZnode “osh-infra_is_awesome”
#NOTE: Sleep for 10 seconds to ensure replication across members
sleep 10
#NOTE: Query separate zookeeper instance for presence of znode
ZOO_POD=$(kubectl -n osh-infra get pods -l='application=zookeeper,component=server' --output=jsonpath='{.items[2].metadata.name}')
kubectl exec $ZOO_POD -n osh-infra -- bash bin/zkCli.sh -server localhost:2181 stat /OSHZnode

View File

@ -0,0 +1 @@
../common/zookeeper.sh

24
zookeeper/Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
# Copyright 2019 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
description: OpenStack-Helm Zookeeper
name: zookeeper
version: 0.1.0
home: https://zookeeper.apache.org/
sources:
- https://github.com/apache/zookeeper
- https://opendev.org/openstack/openstack-helm-infra
maintainers:
- name: OpenStack-Helm Authors

View File

@ -0,0 +1,18 @@
# Copyright 2019 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

View File

@ -0,0 +1,30 @@
#!/bin/bash
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
HOST=$(hostname)
ID_FILE="$ZOO_DATA_DIR/myid"
if [[ $HOST =~ (.*)-([0-9]+)$ ]]; then
NAME=${BASH_REMATCH[1]}
ORD=${BASH_REMATCH[2]}
MY_ID=$((ORD+1))
echo $MY_ID > $ID_FILE
else
echo "Failed to extract ordinal from hostname $HOST"
exit 1
fi

View File

@ -0,0 +1,21 @@
#!/bin/sh
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
echo ruok | nc 127.0.0.1 ${ZOO_CLIENT_PORT}

View File

@ -0,0 +1,25 @@
#!/bin/bash
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
COMMAND="${@:-start}"
function stop () {
kill -TERM 1
}
$COMMAND

View File

@ -0,0 +1,35 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: zookeeper-bin
data:
zookeeper.sh: |
{{ tuple "bin/_zookeeper.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
generate-myid.sh: |
{{ tuple "bin/_generate-myid.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
zookeeper-liveness.sh: |
{{ tuple "bin/_zookeeper-probe.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
zookeeper-readiness.sh: |
{{ tuple "bin/_zookeeper-probe.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
image-repo-sync.sh: |
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
{{- end }}

View File

@ -0,0 +1,28 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Secret
metadata:
name: zookeeper-etc
type: Opaque
data:
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.zookeeper.template "key" "zoo.cfg" "format" "Secret") | indent 2 }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.ingress .Values.network.zookeeper.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendService" "zookeeper" "backendServiceType" "zookeeper" "backendPort" "client" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "zookeeper" -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}

View File

@ -0,0 +1,19 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License. */}}
{{- if .Values.manifests.network_policy -}}
{{- $netpol_opts := dict "envAll" . "name" "application" "label" "zookeeper" -}}
{{ $netpol_opts | include "helm-toolkit.manifests.kubernetes_network_policy" }}
{{- end -}}

View File

@ -0,0 +1,19 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "zookeeper" "backendService" "zookeeper" ) }}
{{- end }}

View File

@ -0,0 +1,29 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_zookeeper }}
{{- $envAll := . }}
{{- $secretName := index $envAll.Values.secrets.zookeeper.admin }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
ZOOKEEPER_ADMIN_USERNAME: {{ .Values.endpoints.zookeeper.auth.admin.username | b64enc }}
ZOOKEEPER_ADMIN_PASSWORD: {{ .Values.endpoints.zookeeper.auth.admin.password | b64enc }}
{{- end }}

View File

@ -0,0 +1,40 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service_discovery }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "zookeeper" "discovery" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
labels:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
ports:
- name: client
targetPort: client
port: {{ tuple "zookeeper" "internal" "client" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- name: election
targetPort: election
port: {{ tuple "zookeeper" "internal" "election" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- name: server
targetPort: server
port: {{ tuple "zookeeper" "internal" "server" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
clusterIP: None
selector:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress .Values.network.zookeeper.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "zookeeper" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

View File

@ -0,0 +1,46 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "zookeeper" "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
labels:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
ports:
- name: client
port: {{ tuple "zookeeper" "internal" "client" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.zookeeper.node_port.enabled }}
nodePort: {{ .Values.network.zookeeper.node_port.port }}
{{ end }}
{{- if .Values.monitoring.prometheus.zookeeper.scrape }}
- name: zoo-exporter
port: {{ tuple "zookeeper" "internal" "zookeeper_exporter" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }}
{{- if .Values.monitoring.prometheus.jmx.scrape }}
- name: jmx-exporter
port: {{ tuple "zookeeper" "internal" "jmx_exporter" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }}
selector:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.zookeeper.node_port.enabled }}
type: NodePort
{{ end }}
{{- end }}

View File

@ -0,0 +1,225 @@
{{/*
Copyright 2019 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.statefulset }}
{{- $envAll := . }}
{{- $mounts_zookeeper := .Values.pod.mounts.zookeeper.zookeeper }}
{{- $mounts_zookeeper_init := .Values.pod.mounts.zookeeper.init_container }}
{{- $zookeeperUserSecret := .Values.secrets.zookeeper.admin }}
{{- $serviceAccountName := printf "%s-%s" .Release.Name "zookeeper" }}
{{ tuple $envAll "zookeeper" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: {{ $serviceAccountName }}
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/proxy
- services
- endpoints
- pods
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: {{ $serviceAccountName }}
subjects:
- kind: ServiceAccount
name: {{ $serviceAccountName }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ $serviceAccountName }}
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: zookeeper
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
serviceName: {{ tuple "zookeeper" "discovery" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
replicas: {{ .Values.pod.replicas.zookeeper }}
podManagementPolicy: Parallel
selector:
matchLabels:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
template:
metadata:
labels:
{{ tuple $envAll "zookeeper" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
{{ dict "envAll" $envAll "application" "zookeeper" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "zookeeper" "zookeeper" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.zookeeper.node_selector_key }}: {{ .Values.labels.zookeeper.node_selector_value | quote }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.zookeeper.timeout | default "30" }}
initContainers:
{{ tuple $envAll "zookeeper" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: zookeeper-perms
{{ tuple $envAll "zookeeper" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.zookeeper | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "zookeeper" "container" "zookeeper_perms" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- chown
- -R
- "zookeeper:"
- {{ .Values.conf.zookeeper.config.data_directory }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: data
mountPath: {{ .Values.conf.zookeeper.config.data_directory }}
- name: zookeeper-id
{{ tuple $envAll "zookeeper" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.zookeeper | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "zookeeper" "container" "zookeeper_perms" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/generate-myid.sh
env:
- name: ZOO_DATA_DIR
value: "{{ .Values.conf.zookeeper.config.data_directory }}"
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: zookeeper-bin
mountPath: /tmp/generate-myid.sh
subPath: generate-myid.sh
readOnly: true
- name: data
mountPath: {{ .Values.conf.zookeeper.config.data_directory }}
containers:
- name: zookeeper
{{ tuple $envAll "zookeeper" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.zookeeper | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "zookeeper" "container" "zookeeper" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
lifecycle:
preStop:
exec:
command:
- /tmp/zookeeper.sh
- stop
ports:
- name: client
containerPort: {{ tuple "zookeeper" "internal" "client" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- name: election
containerPort: {{ tuple "zookeeper" "internal" "election" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- name: server
containerPort: {{ tuple "zookeeper" "internal" "server" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
env:
- name: ZOO_DATA_DIR
value: "{{ .Values.conf.zookeeper.config.data_directory }}"
- name: ZOO_CLIENT_PORT
value: "{{ tuple "zookeeper" "internal" "client" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 30
timeoutSeconds: 5
failureThreshold: 2
successThreshold: 1
exec:
command:
- /tmp/zookeeper-readiness.sh
livenessProbe:
initialDelaySeconds: 20
periodSeconds: 30
timeoutSeconds: 5
failureThreshold: 2
successThreshold: 1
exec:
command:
- /tmp/zookeeper-liveness.sh
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: etczookeeper
mountPath: /etc/zookeeper
- name: zookeeper-etc
mountPath: /conf/zoo.cfg
subPath: zoo.cfg
- name: zookeeper-bin
mountPath: /tmp/zookeeper.sh
subPath: zookeeper.sh
readOnly: true
- name: zookeeper-bin
mountPath: /tmp/zookeeper-liveness.sh
subPath: zookeeper-liveness.sh
readOnly: true
- name: zookeeper-bin
mountPath: /tmp/zookeeper-readiness.sh
subPath: zookeeper-readiness.sh
readOnly: true
- name: data
mountPath: {{ .Values.conf.zookeeper.config.data_directory }}
{{ if $mounts_zookeeper.volumeMounts }}{{ toYaml $mounts_zookeeper.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: etczookeeper
emptyDir: {}
- name: zookeeper-etc
secret:
secretName: zookeeper-etc
defaultMode: 0444
- name: zookeeper-bin
configMap:
name: zookeeper-bin
defaultMode: 0555
{{ if $mounts_zookeeper.volumes }}{{ toYaml $mounts_zookeeper.volumes | indent 8 }}{{ end }}
{{- if not .Values.storage.enabled }}
- name: data
emptyDir: {}
{{- else }}
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: {{ .Values.storage.pvc.access_mode }}
resources:
requests:
storage: {{ .Values.storage.requests.storage }}
storageClassName: {{ .Values.storage.storage_class }}
{{- end }}
{{- end }}

247
zookeeper/values.yaml Normal file
View File

@ -0,0 +1,247 @@
# Copyright 2019 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for zookeeper.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
images:
tags:
zookeeper: docker.io/zookeeper:3.5.5
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
image_repo_sync: docker.io/docker:17.07.0
pull_policy: IfNotPresent
local_registry:
active: false
exclude:
- dep_check
- image_repo_sync
labels:
zookeeper:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
pod:
security_context:
zookeeper:
pod:
runAsUser: 1000
fsGroup: 1000
container:
zookeeper_perms:
runAsUser: 0
fsGroup: 1000
readOnlyRootFilesystem: false
zookeeper:
runAsUser: 1000
fsGroup: 1000
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
weight:
default: 10
mounts:
zookeeper:
zookeeper:
init_container: null
replicas:
zookeeper: 3
lifecycle:
upgrades:
statefulsets:
pod_replacement_strategy: RollingUpdate
termination_grace_period:
zookeeper:
timeout: 30
resources:
enabled: false
zookeeper:
limits:
memory: "1024Mi"
cpu: "2000m"
requests:
memory: "128Mi"
cpu: "500m"
jobs:
image_repo_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
zookeeper:
name: zookeeper
namespace: null
auth:
admin:
username: admin
password: changeme
hosts:
default: zookeeper-int
discovery: zookeeper-discovery
public: zookeeper
host_fqdn_override:
default: null
# NOTE(srwilkers): this chart supports TLS for fqdn over-ridden public
# endpoints using the following format:
# public:
# host: null
# tls:
# crt: null
# key: null
path:
default: null
scheme:
default: 'http'
port:
client:
default: 2181
election:
default: 3888
server:
default: 2888
jmx_exporter:
default: 9404
zookeeper_exporter:
default: 9141
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- zookeeper-image-repo-sync
services:
- endpoint: node
service: local_image_registry
static:
image_repo_sync:
services:
- endpoint: internal
service: local_image_registry
zookeeper:
services: null
monitoring:
prometheus:
enabled: true
zookeeper:
scrape: true
jmx:
scrape: true
network:
zookeeper:
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/affinity: cookie
nginx.ingress.kubernetes.io/session-cookie-name: kube-ingress-session-zookeeper
nginx.ingress.kubernetes.io/session-cookie-hash: sha1
nginx.ingress.kubernetes.io/session-cookie-expires: "600"
nginx.ingress.kubernetes.io/session-cookie-max-age: "600"
node_port:
enabled: false
port: 30981
network_policy:
zookeeper:
ingress:
- {}
egress:
- {}
secrets:
tls:
zookeeper:
zookeeper:
public: zookeeper-tls-public
zookeeper:
admin: zookeeper-admin-creds
storage:
enabled: true
pvc:
name: zookeeper-pvc
access_mode: [ "ReadWriteOnce" ]
requests:
storage: 5Gi
storage_class: general
manifests:
configmap_bin: true
configmap_etc: true
ingress: true
job_image_repo_sync: true
network_policy: false
secret_ingress_tls: true
secret_kafka: true
secret_zookeeper: true
service_discovery: true
service_ingress: true
service: true
statefulset: true
conf:
zookeeper:
config:
data_directory: /var/lib/zookeeper/data
data_log_directory: /var/lib/zookeeper/data/datalog
log_directory: /var/lib/zookeeper/data/logs
template: |
{{- $domain := tuple "zookeeper" "discovery" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
{{- $electionPort := tuple "zookeeper" "internal" "election" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- $clientPort := tuple "zookeeper" "internal" "client" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- $serverPort := tuple "zookeeper" "internal" "server" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
tickTime=2000
dataDir={{ .Values.conf.zookeeper.config.data_directory }}
dataLogDir={{ .Values.conf.zookeeper.config.data_log_directory }}
logDir={{ .Values.conf.zookeeper.config.log_directory }}
electionPort={{ $electionPort }}
serverPort={{ $serverPort }}
maxClientCnxns=10
initLimit=15
syncLimit=5
{{- range $podInt := until ( atoi (print .Values.pod.replicas.zookeeper ) ) }}
{{- $ensembleCount := add $podInt 1 }}
server.{{$ensembleCount}}=zookeeper-{{$podInt}}.{{$domain}}:{{$serverPort}}:{{$electionPort}}:participant;{{$clientPort}}
{{- end }}

View File

@ -66,6 +66,7 @@
- ./tools/deployment/multinode/130-fluentd-daemonset.sh
- ./tools/deployment/multinode/135-fluentd-deployment.sh
- ./tools/deployment/multinode/140-kibana.sh
- ./tools/deployment/multinode/160-zookeeper.sh
- ./tools/deployment/multinode/600-grafana-selenium.sh || true
- ./tools/deployment/multinode/610-nagios-selenium.sh || true
- ./tools/deployment/multinode/620-prometheus-selenium.sh || true

View File

@ -53,8 +53,9 @@
#- openstack-helm-infra-five-fedora
# NOTE(srwilkers): Disable centos experimental jobs until issues resolved
#- openstack-helm-infra-five-centos
- openstack-helm-infra-tenant-ceph
- openstack-helm-infra-elastic-beats
- openstack-helm-infra-armada-deploy
- openstack-helm-infra-armada-update-uuid
- openstack-helm-infra-armada-update-passwords
- openstack-helm-infra-five-ubuntu
# - openstack-helm-infra-tenant-ceph
# - openstack-helm-infra-elastic-beats
# - openstack-helm-infra-armada-deploy
# - openstack-helm-infra-armada-update-uuid
# - openstack-helm-infra-armada-update-passwords