diff --git a/library/ix-dev/charts/netdata/Chart.lock b/library/ix-dev/charts/netdata/Chart.lock index a6a3993477..4ed385158b 100644 --- a/library/ix-dev/charts/netdata/Chart.lock +++ b/library/ix-dev/charts/netdata/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common - repository: file://../../../common/2304.0.1 - version: 2304.0.1 -digest: sha256:1ed155c6760e1166e2cb75b52bc5e81c6bdf0252c16ff5ede001157077c41670 -generated: "2023-04-24T13:40:33.182127877+03:00" + repository: file://../../../common + version: 1.2.9 +digest: sha256:af1a9a1f87e3e48453c9f25f909f5ebcd7fa6e25162b7b425448ba752bcdbc5c +generated: "2024-01-31T17:51:31.791327082+02:00" diff --git a/library/ix-dev/charts/netdata/Chart.yaml b/library/ix-dev/charts/netdata/Chart.yaml index e04524d5af..fad46b4a98 100644 --- a/library/ix-dev/charts/netdata/Chart.yaml +++ b/library/ix-dev/charts/netdata/Chart.yaml @@ -3,7 +3,7 @@ description: Real-time performance monitoring, done right! annotations: title: Netdata type: application -version: 1.0.40 +version: 2.0.0 apiVersion: v2 appVersion: v1.44.1 kubeVersion: '>=1.16.0-0' @@ -13,12 +13,14 @@ maintainers: email: dev@ixsystems.com dependencies: - name: common - repository: file://../../../common/2304.0.1 - version: 2304.0.1 + repository: file://../../../common + version: 1.2.9 home: https://www.netdata.cloud/ icon: https://media.sys.truenas.net/apps/netdata/icons/icon.png sources: + - https://www.netdata.cloud/ - https://github.com/netdata/helmchart + - https://hub.docker.com/r/netdata/netdata - https://github.com/netdata/netdata keywords: - alerting diff --git a/library/ix-dev/charts/netdata/README.md b/library/ix-dev/charts/netdata/README.md index 236b8a4f8b..1a4afa8d22 100755 --- a/library/ix-dev/charts/netdata/README.md +++ b/library/ix-dev/charts/netdata/README.md 
@@ -1,10 +1,3 @@ -Netdata -===== +# Netdata [Netdata](https://www.netdata.cloud/) is a fast, easy monitoring and troubleshooting system. - - -Introduction ------------- - -This chart bootstraps Netdata deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. diff --git a/library/ix-dev/charts/netdata/app-readme.md b/library/ix-dev/charts/netdata/app-readme.md index 09f11cfa63..1a4afa8d22 100644 --- a/library/ix-dev/charts/netdata/app-readme.md +++ b/library/ix-dev/charts/netdata/app-readme.md @@ -1 +1,3 @@ +# Netdata + [Netdata](https://www.netdata.cloud/) is a fast, easy monitoring and troubleshooting system. diff --git a/library/ix-dev/charts/netdata/charts/common-1.2.9.tgz b/library/ix-dev/charts/netdata/charts/common-1.2.9.tgz new file mode 100644 index 0000000000..8da115509f Binary files /dev/null and b/library/ix-dev/charts/netdata/charts/common-1.2.9.tgz differ diff --git a/library/ix-dev/charts/netdata/charts/common-2304.0.1.tgz b/library/ix-dev/charts/netdata/charts/common-2304.0.1.tgz deleted file mode 100644 index bbb9c0a380..0000000000 Binary files a/library/ix-dev/charts/netdata/charts/common-2304.0.1.tgz and /dev/null differ diff --git a/library/ix-dev/charts/netdata/ci/basic-values.yaml b/library/ix-dev/charts/netdata/ci/basic-values.yaml new file mode 100644 index 0000000000..4799b55e25 --- /dev/null +++ b/library/ix-dev/charts/netdata/ci/basic-values.yaml @@ -0,0 +1,10 @@ +netdataNetwork: + webPort: 30489 + +netdataStorage: + config: + type: pvc + cache: + type: pvc + lib: + type: pvc diff --git a/library/ix-dev/charts/netdata/ci/test-values.yaml b/library/ix-dev/charts/netdata/ci/test-values.yaml deleted file mode 100644 index 77e808072d..0000000000 --- a/library/ix-dev/charts/netdata/ci/test-values.yaml +++ /dev/null 
@@ -1,38 +0,0 @@
-appVolumeMounts:
- netdatacache:
- emptyDir: true
- mountPath: /var/cache/netdata
- netdataconfig:
- emptyDir: true
- mountPath: /etc/netdata
- netdatalib:
- emptyDir: true
- mountPath: /var/lib/netdata
-dnsConfig:
- options: []
-environmentVariables: []
-extraAppVolumeMounts: []
-global:
- ixChartContext:
- isInstall: true
- isUpdate: false
- isUpgrade: false
- operation: INSTALL
- storageClassName: ix-storage-class-netdata
- upgradeMetadata: {}
-ixCertificateAuthorities: {}
-ixCertificates: {}
-ixChartContext:
- isInstall: true
- isUpdate: false
- isUpgrade: false
- operation: INSTALL
- storageClassName: ix-storage-class-netdata
- upgradeMetadata: {}
-ixExternalInterfacesConfiguration: []
-ixExternalInterfacesConfigurationNames: []
-ixVolumes: []
-runAsGroup: 201
-runAsUser: 201
-service:
- nodePort: 32189
diff --git a/library/ix-dev/charts/netdata/metadata.yaml b/library/ix-dev/charts/netdata/metadata.yaml
index 23e0b3c191..95ca8c3945 100644
--- a/library/ix-dev/charts/netdata/metadata.yaml
+++ b/library/ix-dev/charts/netdata/metadata.yaml
@@ -7,34 +7,16 @@ runAsContext: capabilities: - name: CHOWN description: Netdata is able to chown files. - - name: FOWNER - description: Netdata is able to bypass permission checks for it's sub-processes. - - name: SYS_CHROOT - description: Netdata is able to use chroot. - - name: MKNOD - description: Netdata is able to create device nodes. - name: DAC_OVERRIDE description: Netdata is able to bypass permission checks. - - name: FSETID - description: Netdata is able to set file capabilities. - - name: KILL - description: Netdata is able to kill processes. + - name: FOWNER + description: Netdata is able to bypass permission checks for it's sub-processes. - name: SETGID description: Netdata is able to set group ID for it's sub-processes. - name: SETUID description: Netdata is able to set user ID for it's sub-processes. - - name: SETPCAP - description: Netdata is able to set process capabilities. - - name: NET_BIND_SERVICE - description: Netdata is able to bind to privileged ports. - - name: NET_RAW - description: Netdata is able to use raw sockets. - - name: SETFCAP - description: Netdata is able to set file capabilities. - - name: PTRACE + - name: SYS_PTRACE description: Netdata is able to trace processes. - - name: AUDIT_WRITE - description: Netdata is able to write to audit log. hostMounts: - hostPath: /etc/os-release description: Required to read the OS release information. @@ -44,3 +26,5 @@ hostMounts: description: Required to read the group information. - hostPath: /proc description: Required to read the processes information. + - hostPath: /sys + description: Required to read the system information. diff --git a/library/ix-dev/charts/netdata/migrations/migrate b/library/ix-dev/charts/netdata/migrations/migrate new file mode 100755 index 0000000000..04597984a0 --- /dev/null +++ b/library/ix-dev/charts/netdata/migrations/migrate 
@@ -0,0 +1,87 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+def migrate_volume(volume):
+ return {
+ 'type': 'hostPath',
+ 'hostPathConfig': {
+ 'hostPath': volume['hostPath']
+ },
+ } if volume.get('hostPathEnabled', False) else {
+ 'type': 'ixVolume',
+ 'ixVolumeConfig': {
+ 'datasetName': volume['datasetName'],
+ },
+ }
+
+def migrate_common_lib(values):
+ delete_keys = [
+ 'dnsConfig', 'environmentVariables', 'service', 'enableResourceLimits',
+ 'memLimit', 'cpuLimit', 'extraAppVolumeMounts', 'appVolumeMounts',
+ 'runAsGroup', 'runAsUser',
+ ]
+
+ values.update({
+ # Migrate Network
+ 'netdataNetwork': {
+ 'webPort': values['service']['nodePort'],
+ },
+ # Migrate Resources
+ 'resources': {
+ 'limits': {
+ 'cpu': values.get('cpuLimit', '4000m'),
+ 'memory': values.get('memLimit', '8Gi'),
+ }
+ },
+ # Migrate DNS
+ 'podOptions': {
+ 'dnsConfig': {
+ 'options': [
+ {'name': opt['name'], 'value': opt['value']}
+ for opt in values.get('dnsConfig', {}).get('options', [])
+ ]
+ }
+ },
+ # Migrate Config
+ 'netdataConfig': {
+ 'additionalEnvs': values.get('environmentVariables', []),
+ },
+ # Migrate Storage
+ 'netdataStorage': {
+ 'config': migrate_volume(values['appVolumeMounts']['netdataconfig']),
+ 'cache': migrate_volume(values['appVolumeMounts']['netdatacache']),
+ 'lib': migrate_volume(values['appVolumeMounts']['netdatalib']),
+ 'additionalStorages': [
+ {
+ 'type': 'hostPath',
+ 'hostPathConfig': {'hostPath': e['hostPath']},
+ 'mountPath': e['mountPath'],
+ 'readOnly': e.get('readOnly', False),
+ }
+ for e in values.get('extraAppVolumeMounts', [])
+ ],
+ },
+ })
+
+ for k in delete_keys:
+ values.pop(k, None)
+
+ return values
+
+def migrate(values):
+ # If this missing, we have already migrated
+ if not 'appVolumeMounts' in values.keys():
+ return values
+
+ return migrate_common_lib(values)
+
+
+if __name__ == '__main__':
+ if len(sys.argv) != 2:
+ exit(1)
+
+ if os.path.exists(sys.argv[1]):
+ with open(sys.argv[1], 'r') as f:
+ 
print(json.dumps(migrate(json.loads(f.read()))))
diff --git a/library/ix-dev/charts/netdata/questions.yaml b/library/ix-dev/charts/netdata/questions.yaml
index a6cb16f845..50575c6307 100644
--- a/library/ix-dev/charts/netdata/questions.yaml
+++ b/library/ix-dev/charts/netdata/questions.yaml
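Review bot: In the `__main__` block of migrations/migrate, a path that does not exist falls through `if os.path.exists(sys.argv[1]):` with no output and exit status 0, so the caller receives empty stdout instead of a failure it can act on. Add an `else: sys.exit(1)` branch (ideally with a short message on stderr), and use `sys.exit(1)` rather than the site-provided `exit(1)` in the argument-count check, since `sys` is already imported. How the caller treats empty output is not visible in this diff, so the impact is inferred.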
@@ -1,253 +1,530 @@ groups: - - name: "Container Images" - description: "Image to be used for container" - - name: "Workload Configuration" - description: "Configure workload deployment" - - name: "Netdata Configuration" - description: "Configure Netdata credentials" - - name: "Storage" - description: "Configure Storage for Netdata" - - name: "Advanced DNS Settings" - description: "Configure DNS settings" - - name: "Resource Limits" - description: "Set CPU/memory limits for Kubernetes Pod" + - name: Netdata Configuration + description: Configure Netdata + - name: Advanced Pod Configuration + description: Configure Advanced Pod Options for Netdata + - name: Network Configuration + description: Configure Network for Netdata + - name: Storage Configuration + description: Configure Storage for Netdata + - name: Resources Configuration + description: Configure Resources for Netdata portals: web_portal: protocols: - - "http" + - "$kubernetes-resource_configmap_portal_protocol" host: - - "$node_ip" + - "$kubernetes-resource_configmap_portal_host" ports: - - "$variable-service.nodePort" + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" questions: - - variable: dnsConfig - label: "DNS Configuration" - group: "Advanced DNS Settings" + - variable: netdataConfig + label: "" + group: Netdata Configuration schema: type: dict attrs: - - variable: options - label: "DNS Options" + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Netdata. 
schema: type: list + default: [] items: - - variable: optionsEntry - label: "Option Entry Configuration" + - variable: env + label: Environment Variable schema: type: dict attrs: - variable: name - label: "Option Name" + label: Name schema: type: string required: true - variable: value - label: "Option Value" + label: Value schema: type: string required: true - - variable: environmentVariables - label: "Netdata image environment" - group: "Netdata Configuration" + - variable: podOptions + label: "" + group: Advanced Pod Configuration schema: - type: list - default: [] - items: - - variable: environmentVariable - label: "Environment Variable" + type: dict + attrs: + - variable: dnsConfig + label: Advanced DNS Configuration schema: type: dict attrs: - - variable: name - label: "Name" + - variable: options + label: DNS Options schema: - type: string - - variable: value - label: "Value" - schema: - type: string + type: list + items: + - variable: optionsEntry + label: DNS Option Entry + schema: + type: dict + attrs: + - variable: name + label: Option Name + schema: + type: string + required: true + - variable: value + label: Option Value + schema: + type: string + required: true - - variable: service - description: "Netdata Service Configuration" - label: "Netdata Service Configuration" - group: "Netdata Configuration" + - variable: netdataNetwork + label: "" + group: Network Configuration schema: type: dict - required: true attrs: - - variable: nodePort - label: "Node Port to use for Netdata UI" + - variable: webPort + label: Web Port + description: The port for the Netdata Web UI. 
schema: type: int + default: 20489 min: 9000 max: 65535 - default: 20489 required: true + - variable: hostNetwork + label: Host Network + schema: + type: boolean + default: true - - variable: appVolumeMounts - label: "Netdata Storage" - group: "Storage" + - variable: netdataStorage + label: "" + group: Storage Configuration schema: type: dict attrs: - - variable: netdataconfig - label: "Configuration Volume" + - variable: config + label: Netdata Config Storage + description: The path to store Netdata Configuration. schema: type: dict attrs: - - variable: datasetName - label: "Configuration Volume Name" + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. schema: type: string - hidden: true - $ref: - - "normalize/ixVolume" - show_if: [ [ "hostPathEnabled", "=", false ] ] - default: "ix-config" - editable: false - - variable: mountPath - label: "Configuration Mount Path" - description: "Path where the volume will be mounted inside the pod" - schema: - type: path - hidden: true - editable: false - default: "/etc/netdata" - - variable: hostPathEnabled - label: "Enable Host Path for Netdata Configuration Volume" - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hostPath - label: "Host Path for Netdata Configuration Volume" - schema: - type: hostpath - required: true - immutable: true - - variable: netdatacache - label: "Cache Volume" - schema: - type: dict - attrs: - - variable: datasetName - label: "Cache Volume Name" - schema: - type: string - hidden: true - $ref: - - "normalize/ixVolume" - show_if: [["hostPathEnabled", "=", false]] - default: "ix-cache" - editable: false - - variable: mountPath - label: "Cache Mount Path" - description: "Path where the volume will be mounted inside the pod" - schema: - type: path - hidden: true - editable: false - default: "/var/cache/netdata" - - variable: hostPathEnabled - label: "Enable Host Path for Netdata Cache Volume" - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hostPath - label: "Host Path for Netdata Cache Volume" - schema: - type: hostpath - required: true - immutable: true - - variable: netdatalib - label: "Netdata Library Volume" - schema: - type: dict - attrs: - - variable: datasetName - label: "Netdata Library Volume Name" - schema: - type: string - hidden: true - $ref: - - "normalize/ixVolume" - show_if: [ [ "hostPathEnabled", "=", false ] ] - default: "ix-lib" - editable: false - - variable: mountPath - label: "Netdata Library Mount Path" - description: "Path where the volume will be mounted inside the 
pod" - schema: - type: path - hidden: true - editable: false - default: "/var/lib/netdata" - - variable: hostPathEnabled - label: "Enable Host Path for Netdata Library Volume" - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: - - variable: hostPath - label: "Host Path for Netdata Library Volume" - schema: - type: hostpath - required: true - immutable: true - - - variable: extraAppVolumeMounts - label: "Extra Host Path Volumes" - group: "Storage" - schema: - type: list - items: - - variable: extraAppVolume - label: "Host Path Volume" - description: "Add an extra host path volume for Netdata application" - schema: - type: dict - attrs: - - variable: mountPath - label: "Mount Path in Pod" - description: "Path where the volume will be mounted inside the pod" - schema: - type: path required: true - - variable: hostPath - label: "Host Path" - description: "Host path" + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. schema: - type: hostpath + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. 
+ schema: + type: string + required: true + immutable: true + hidden: true + default: "config" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: cache + label: Netdata Cache Storage + description: The path to store Netdata Cache. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string required: true + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "cache" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: lib + label: Netdata Lib Storage + description: The path to store Netdata Lib. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "lib" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true - - variable: enableResourceLimits - label: "Enable Pod resource limits" - group: "Resource Limits" + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Netdata. 
+ schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ SMB Share: Is a SMB share that is mounted to a persistent volume claim. + schema: + type: string + required: true + default: "ixVolume" + immutable: true + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - value: "smb-pv-pvc" + description: SMB Share (Mounts a persistent volume claim to a SMB share) + - variable: readOnly + label: Read Only + description: Mount the volume as read only. + schema: + type: boolean + default: false + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. 
+ schema: + type: string + required: true + immutable: true + default: "storage_entry" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: smbConfig + label: SMB Share Configuration + description: The configuration for the SMB Share. + schema: + type: dict + show_if: [["type", "=", "smb-pv-pvc"]] + attrs: + - variable: server + label: Server + description: The server for the SMB share. + schema: + type: string + required: true + - variable: share + label: Share + description: The share name for the SMB share. + schema: + type: string + required: true + - variable: domain + label: Domain (Optional) + description: The domain for the SMB share. + schema: + type: string + - variable: username + label: Username + description: The username for the SMB share. + schema: + type: string + required: true + - variable: password + label: Password + description: The password for the SMB share. + schema: + type: string + required: true + private: true + - variable: size + label: Size (in Gi) + description: The size of the volume quota. + schema: + type: int + required: true + min: 1 + default: 1 + + - variable: resources + group: Resources Configuration + label: "" schema: - type: boolean - default: false - - variable: cpuLimit - label: "CPU Limit" - description: "CPU resource limit allow plain integer values with suffix m(milli) e.g 1000m, 100." - group: "Resource Limits" - schema: - type: string - show_if: [["enableResourceLimits", "=", true]] - valid_chars: "^\\d+(?:\\.\\d+(?!.*m$)|m?$)" - default: "4000m" - - variable: memLimit - label: "Memory Limit" - group: "Resource Limits" - description: "Memory limits is specified by number of bytes. Followed by quantity suffix like E,P,T,G,M,k and Ei,Pi,Ti,Mi,Gi,Ki can also be used. 
e.g 129e6, 129M, 128974848000m, 123Mi" - schema: - type: string - show_if: [["enableResourceLimits", "=", true]] - valid_chars: "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$" - default: "8Gi" + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Netdata. + schema: + type: string + max_length: 6 + valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$' + valid_chars_error: | + Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Netdata. + schema: + type: string + max_length: 12 + valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$' + valid_chars_error: | + Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6 + default: "8Gi" + required: true diff --git a/library/ix-dev/charts/netdata/templates/NOTES.txt b/library/ix-dev/charts/netdata/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/charts/netdata/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/charts/netdata/templates/_helpers.tpl b/library/ix-dev/charts/netdata/templates/_helpers.tpl deleted file mode 100644 index 0b76aed34a..0000000000 --- a/library/ix-dev/charts/netdata/templates/_helpers.tpl +++ /dev/null @@ -1,32 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "netdata.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "netdata.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "netdata.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/library/ix-dev/charts/netdata/templates/_migration.tpl b/library/ix-dev/charts/netdata/templates/_migration.tpl new file mode 100644 index 0000000000..4479a21b9b --- /dev/null +++ b/library/ix-dev/charts/netdata/templates/_migration.tpl 
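Review bot: Near the end of the questions.yaml hunk, the `valid_chars` pattern for `resources.limits.cpu`, `'^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'`, lets the second group follow the `0\.[1-9]` alternative, so a value such as `0.5.5` passes form validation although it is not a valid Kubernetes quantity and would only be rejected at deploy time. Anchoring each accepted form separately closes that gap, e.g. `'^(0\.[1-9]|[1-9][0-9]*(\.[0-9])?|[1-9][0-9]*m)$'`, which still accepts `1`, `0.5`, `1.5` and `4000m`. The `valid_chars_error` text can stay as it is.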
@@ -0,0 +1,35 @@
+{{- define "netdata.get-versions" -}}
+ {{- $oldChartVersion := "" -}}
+ {{- $newChartVersion := "" -}}
+
+ {{/* Safely access the context, so it wont block CI */}}
+ {{- if hasKey .Values.global "ixChartContext" -}}
+ {{- if .Values.global.ixChartContext.upgradeMetadata -}}
+
+ {{- $oldChartVersion = .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}}
+ {{- $newChartVersion = .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}}
+ {{- if and (not $oldChartVersion) (not $newChartVersion) -}}
+ {{- fail "Upgrade Metadata is missing. Cannot proceed" -}}
+ {{- end -}}
+ {{- end -}}
+ {{- end -}}
+
+ {{- toYaml (dict "old" $oldChartVersion "new" $newChartVersion) -}}
+{{- end -}}
+
+{{- define "netdata.migration" -}}
+ {{- $versions := (fromYaml (include "netdata.get-versions" $)) -}}
+ {{- if and $versions.old $versions.new -}}
+ {{- $oldV := semver $versions.old -}}
+ {{- $newV := semver $versions.new -}}
+
+ {{/* If new is v2.x.x */}}
+ {{- if eq ($newV.Major | int) 2 -}}
+ {{/* And old is v1.x.x, but lower than .40 */}}
+ {{- if and (eq $oldV.Major 1) (lt ($oldV.Patch | int) 40) -}}
+ {{/* Block the upgrade */}}
+ {{- fail "Migration to 2.x.x is only allowed from 1.0.40 or higher" -}}
+ {{- end -}}
+ {{- end -}}
+ {{- end -}}
+{{- end -}}
diff --git a/library/ix-dev/charts/netdata/templates/_netdata.tpl b/library/ix-dev/charts/netdata/templates/_netdata.tpl
new file mode 100644
index 0000000000..a9c99271fc
--- /dev/null
+++ b/library/ix-dev/charts/netdata/templates/_netdata.tpl
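Review bot: In `netdata.get-versions`, the guard `if and (not $oldChartVersion) (not $newChartVersion)` fails only when both versions are absent, so upgrade metadata carrying just one of them passes, and `netdata.migration` then skips its block because `and $versions.old $versions.new` is false. Use `or` so a partial record is rejected: `{{- if or (not $oldChartVersion) (not $newChartVersion) -}}`. Separately, the blocking condition compares only `$oldV.Patch` against 40, which relies on every 1.x release being 1.0.N; a comment stating that assumption above the `if and (eq $oldV.Major 1) ...` line would make it explicit.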
@@ -0,0 +1,53 @@
+{{- define "netdata.workload" -}}
+workload:
+ netdata:
+ enabled: true
+ primary: true
+ type: Deployment
+ podSpec:
+ hostNetwork: false
+ automountServiceAccountToken: true
+ securityContext:
+ fsGroup: 201
+ containers:
+ netdata:
+ enabled: true
+ primary: true
+ imageSelector: image
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ runAsNonRoot: false
+ readOnlyRootFilesystem: false
+ allowPrivilegeEscalation: true
+ capabilities:
+ add:
+ - CHOWN
+ - DAC_OVERRIDE
+ - FOWNER
+ - SETGID
+ - SETUID
+ - SYS_PTRACE
+ env:
+ NETDATA_LISTENER_PORT: {{ .Values.netdataNetwork.webPort }}
+ {{ with .Values.netdataConfig.additionalEnvs }}
+ envList:
+ {{ range $env := . }}
+ - name: {{ $env.name }}
+ value: {{ $env.value }}
+ {{ end }}
+ {{ end }}
+ probes:
+ liveness:
+ enabled: true
+ type: exec
+ command: /usr/sbin/health.sh
+ readiness:
+ enabled: true
+ type: exec
+ command: /usr/sbin/health.sh
+ startup:
+ enabled: true
+ type: exec
+ command: /usr/sbin/health.sh
+{{- end -}}
diff --git a/library/ix-dev/charts/netdata/templates/_persistence.tpl b/library/ix-dev/charts/netdata/templates/_persistence.tpl
new file mode 100644
index 0000000000..8c99e872fa
--- /dev/null
+++ b/library/ix-dev/charts/netdata/templates/_persistence.tpl
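Review bot: `podSpec.hostNetwork` is hard-coded to `false` in `netdata.workload`, while questions.yaml in this same commit adds a `netdataNetwork.hostNetwork` checkbox defaulting to `true`; none of the templates shown read that value, so the setting an operator sees appears to have no effect on the pod. Either wire it through with `hostNetwork: {{ .Values.netdataNetwork.hostNetwork }}` or drop the question so the form matches the deployed network exposure. The `envList` entries also render `{{ $env.value }}` unquoted, so a user-supplied value such as `true`, `010` or one containing `: ` is re-typed or breaks the render; `value: {{ $env.value | quote }}` keeps it a string, assuming the common library does not already coerce it.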
@@ -0,0 +1,86 @@
+{{- define "netdata.persistence" -}}
+persistence:
+ config:
+ enabled: true
+ {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.netdataStorage.config) | nindent 4 }}
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /etc/netdata
+ cache:
+ enabled: true
+ {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.netdataStorage.cache) | nindent 4 }}
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /var/cache/netdata
+ lib:
+ enabled: true
+ {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.netdataStorage.lib) | nindent 4 }}
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /var/lib/netdata
+ tmp:
+ enabled: true
+ type: emptyDir
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /tmp
+ {{- range $idx, $storage := .Values.netdataStorage.additionalStorages }}
+ {{ printf "netdata-%v:" (int $idx) }}
+ enabled: true
+ {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: {{ $storage.mountPath }}
+ {{- end }}
+
+ os-release:
+ enabled: true
+ type: hostPath
+ hostPath: /etc/os-release
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /host/etc/os-release
+ readOnly: true
+ sys:
+ enabled: true
+ type: hostPath
+ hostPath: /sys
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /host/sys
+ readOnly: true
+ proc:
+ enabled: true
+ type: hostPath
+ hostPath: /proc
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /host/proc
+ readOnly: true
+ etc-passwd:
+ enabled: true
+ type: hostPath
+ hostPath: /etc/passwd
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /host/etc/passwd
+ readOnly: true
+ etc-group:
+ enabled: true
+ type: hostPath
+ hostPath: /etc/group
+ targetSelector:
+ netdata:
+ netdata:
+ mountPath: /host/etc/group
+ readOnly: true
+{{- end -}}
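Review bot: The five hostPath entries at the end of `netdata.persistence` (`os-release`, `sys`, `proc`, `etc-passwd`, `etc-group`) have no comment saying why host paths are mounted or that `readOnly: true` must stay. This matters more than it did in the removed Deployment, because the workload template in this commit runs the container as UID 0 with `DAC_OVERRIDE` and `allowPrivilegeEscalation: true`. The `readOnly` flag is then the only thing visible here that keeps the container from writing to the host's `/etc/passwd`, `/etc/group`, `/proc` and `/sys`. I would add a template comment above `os-release:` such as `{{/* Host views for Netdata collectors. Keep readOnly: true on all of these, the container runs as root. */}}`.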
diff --git a/library/ix-dev/charts/netdata/templates/_portal.tpl b/library/ix-dev/charts/netdata/templates/_portal.tpl
new file mode 100644
index 0000000000..e85c864236
--- /dev/null
+++ b/library/ix-dev/charts/netdata/templates/_portal.tpl
@@ -0,0 +1,12 @@
+{{- define "netdata.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: portal
+data:
+ port: {{ .Values.netdataNetwork.webPort | quote }}
+ path: "/"
+ protocol: "http"
+ host: $node_ip
+{{- end -}}
diff --git a/library/ix-dev/charts/netdata/templates/_rbac.tpl b/library/ix-dev/charts/netdata/templates/_rbac.tpl
new file mode 100644
index 0000000000..34f20a716e
--- /dev/null
+++ b/library/ix-dev/charts/netdata/templates/_rbac.tpl
@@ -0,0 +1,30 @@
+{{- define "netdata.rbac" -}}
+serviceAccount:
+ netdata:
+ enabled: true
+ primary: true
+
+rbac:
+ netdata:
+ enabled: true
+ primary: true
+ clusterWide: true
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ - services
+ - configmaps
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - get
+{{- end -}}
diff --git a/library/ix-dev/charts/netdata/templates/_service.tpl b/library/ix-dev/charts/netdata/templates/_service.tpl
new file mode 100644
index 0000000000..acb48b7669
--- /dev/null
+++ b/library/ix-dev/charts/netdata/templates/_service.tpl
@@ -0,0 +1,15 @@
+{{- define "netdata.service" -}}
+service:
+ netdata:
+ enabled: true
+ primary: true
+ type: NodePort
+ targetSelector: netdata
+ ports:
+ webui:
+ enabled: true
+ primary: true
+ port: {{ .Values.netdataNetwork.webPort }}
+ nodePort: {{ .Values.netdataNetwork.webPort }}
+ targetSelector: netdata
+{{- end -}}
diff --git a/library/ix-dev/charts/netdata/templates/clusterrole.yaml b/library/ix-dev/charts/netdata/templates/clusterrole.yaml
deleted file mode 100644
index cd1862784c..0000000000
--- a/library/ix-dev/charts/netdata/templates/clusterrole.yaml
+++ /dev/null
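Review bot: The first rule in `netdata.rbac` (templates/_rbac.tpl) carries over cluster-wide `get`/`list`/`watch` on `secrets`, `configmaps` and `services`, but drops the comments that justified them. The removed clusterrole.yaml marked those three as `# used by sd`, while the new workload template defines only the single `netdata` container, so nothing visible in this commit appears to need them. Because the pod sets `automountServiceAccountToken: true` and runs as root, any process in the container can read every Secret in the cluster with that token. I would cut the list to what the agent itself uses, presumably just `- pods` alongside the separate `namespaces` rule, to be confirmed against the collectors in use. Otherwise restore a comment on each resource naming the component that reads it.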
@@ -1,25 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "netdata.fullname" . }} - labels: - app: {{ template "netdata.name" . }} - chart: {{ template "netdata.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -rules: - - apiGroups: [""] - resources: - - "pods" # used by sd, netdata (cgroup-name.sh, get-kubernetes-labels.sh) - - "services" # used by sd - - "configmaps" # used by sd - - "secrets" # used by sd - verbs: - - "get" - - "list" - - "watch" - - apiGroups: [""] - resources: - - "namespaces" # used by netdata (cgroup-name.sh, get-kubernetes-labels.sh) - verbs: - - "get" diff --git a/library/ix-dev/charts/netdata/templates/clusterrolebinding.yaml b/library/ix-dev/charts/netdata/templates/clusterrolebinding.yaml deleted file mode 100644 index 27152168c3..0000000000 --- a/library/ix-dev/charts/netdata/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "netdata.fullname" . }} - labels: - app: {{ template "netdata.name" . }} - chart: {{ template "netdata.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "netdata.fullname" . }} -subjects: -- kind: ServiceAccount - name: {{ .Release.Name }} - namespace: {{ .Release.Namespace }} diff --git a/library/ix-dev/charts/netdata/templates/common.yaml b/library/ix-dev/charts/netdata/templates/common.yaml new file mode 100644 index 0000000000..645a2db661 --- /dev/null +++ b/library/ix-dev/charts/netdata/templates/common.yaml 
@@ -0,0 +1,14 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{- include "netdata.migration" $ -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "netdata.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "netdata.service" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "netdata.persistence" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "netdata.rbac" $ | fromYaml) -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "netdata.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}
diff --git a/library/ix-dev/charts/netdata/templates/deployment.yaml b/library/ix-dev/charts/netdata/templates/deployment.yaml
deleted file mode 100644
index ef1e0cb442..0000000000
--- a/library/ix-dev/charts/netdata/templates/deployment.yaml
+++ /dev/null
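Review bot: The four `mustMergeOverwrite .Values (include … | fromYaml)` lines in templates/common.yaml never check whether parsing succeeded. Helm's `fromYaml` does not abort on malformed input; it returns a map holding a single `Error` key, which would then be merged into `.Values` in place of the intended `workload`, `service`, `persistence` or `rbac` tree. Since the workload and persistence templates interpolate user-supplied strings, a parse failure there could pass silently, with part of the definition (for example the securityContext or the read-only host mounts) missing from what the loader applies. Binding each result first and failing on the error closes that gap, e.g. `{{- $w := include "netdata.workload" $ | fromYaml -}}` followed by `{{- if hasKey $w "Error" -}}{{- fail $w.Error -}}{{- end -}}` before the merge. How the common loader reacts to a missing section is not visible in this diff.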
@@ -1,103 +0,0 @@ -{{ include "common.storage.hostPathValidate" .Values }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "netdata.name" . }}-netdata - labels: - app: {{ template "netdata.name" . }} - chart: {{ template "netdata.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - role: parent -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: {{ include "common.labels.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: {{ include "common.labels.selectorLabels" . | nindent 8 }} - annotations: - rollme: {{ randAlphaNum 5 | quote }} - spec: - securityContext: - fsGroup: 201 - serviceAccountName: {{ .Release.Name }} - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ tpl .Values.image.tag . }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{ include "common.resources.limitation" . | nindent 10 }} - env: - {{ $envList := (default list .Values.environmentVariables) }} - {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }} - ports: - - name: http - containerPort: 19999 - protocol: TCP - livenessProbe: - httpGet: - path: /api/v1/info - port: http - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 1 - readinessProbe: - httpGet: - path: /api/v1/info - port: http - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 2 - startupProbe: - httpGet: - path: /api/v1/info - port: http - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 2 - failureThreshold: 60 - successThreshold: 1 - volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }} - - name: os-release - mountPath: /host/etc/os-release - readOnly: true - - name: sys - mountPath: /host/sys - readOnly: true - - name: proc - mountPath: /host/proc - readOnly: true - - name: user - 
mountPath: /host/etc/passwd - readOnly: true - - name: group - mountPath: /host/etc/group - readOnly: true - securityContext: - capabilities: - add: - - SYS_PTRACE - terminationGracePeriodSeconds: 60 - {{ include "common.networking.dnsConfiguration" .Values | nindent 6 }} - volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} - - name: os-release - hostPath: - path: /etc/os-release - - name: proc - hostPath: - path: /proc - - name: sys - hostPath: - path: /sys - - name: user - hostPath: - path: /etc/passwd - - name: group - hostPath: - path: /etc/group diff --git a/library/ix-dev/charts/netdata/templates/pre-install-job.yaml b/library/ix-dev/charts/netdata/templates/pre-install-job.yaml deleted file mode 100644 index 64505b23e5..0000000000 --- a/library/ix-dev/charts/netdata/templates/pre-install-job.yaml +++ /dev/null 
@@ -1,34 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: "{{ template "common.names.fullname" . }}-preinstall-job" - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - helm.sh/chart: {{ template "common.names.chart" . }} - annotations: - "helm.sh/hook": pre-install - "helm.sh/hook-delete-policy": hook-succeeded -spec: - template: - metadata: - name: "{{ template "common.names.fullname" . }}-preinstall-hook" - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: {{ template "common.names.chart" . }} - spec: - restartPolicy: Never - containers: - - name: pre-install-job - image: "alpine:latest" - command: - - chown - - -R - - {{ .Values.runAsUser }}:{{ .Values.runAsGroup }} - - {{ .Values.appVolumeMounts.netdatacache.mountPath }} - - {{ .Values.appVolumeMounts.netdatalib.mountPath }} - - {{ .Values.appVolumeMounts.netdataconfig.mountPath }} - volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }} - volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} diff --git a/library/ix-dev/charts/netdata/templates/service.yaml b/library/ix-dev/charts/netdata/templates/service.yaml deleted file mode 100644 index 81c478b423..0000000000 --- a/library/ix-dev/charts/netdata/templates/service.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{ $svc := .Values.service }} -{{ $ports := list }} -{{ $ports = mustAppend $ports (dict "name" "ui" "port" $svc.nodePort "nodePort" $svc.nodePort "targetPort" 19999) }} -{{ $params := . }} -{{ $_ := set $params "commonService" (dict "type" "NodePort" "ports" $ports ) }} -{{ include "common.classes.service" $params }} 
diff --git a/library/ix-dev/charts/netdata/templates/serviceaccount.yaml b/library/ix-dev/charts/netdata/templates/serviceaccount.yaml deleted file mode 100644 index 6338f0c7f0..0000000000 --- a/library/ix-dev/charts/netdata/templates/serviceaccount.yaml +++ /dev/null @@ -1,9 +0,0 @@ -kind: ServiceAccount -apiVersion: v1 -metadata: - labels: - app: {{ template "netdata.name" . }} - chart: {{ template "netdata.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - name: {{ .Release.Name }} diff --git a/library/ix-dev/charts/netdata/values.yaml b/library/ix-dev/charts/netdata/values.yaml index b654d2c2d2..c948edbb59 100644 --- a/library/ix-dev/charts/netdata/values.yaml +++ b/library/ix-dev/charts/netdata/values.yaml @@ -2,5 +2,33 @@ image: pullPolicy: IfNotPresent repository: netdata/netdata tag: v1.44.1 -runAsGroup: 201 -runAsUser: 201 + +resources: + limits: + cpu: 4000m + memory: 8Gi + +podOptions: + dnsConfig: + options: [] + +netdataConfig: + additionalEnvs: [] + +netdataNetwork: + webPort: 20489 + +netdataStorage: + config: + type: ixVolume + ixVolumeConfig: + datasetName: config + cache: + type: ixVolume + ixVolumeConfig: + datasetName: cache + lib: + type: ixVolume + ixVolumeConfig: + datasetName: lib + additionalStorages: []