From 481ddd352817a45f29bbfaad898c7815c1f6e9a0 Mon Sep 17 00:00:00 2001 From: Dileep Ranganathan Date: Mon, 11 Mar 2019 11:42:11 -0700 Subject: [PATCH] Operator pacakge for Distributed Analytics Created the operator helm charts in separate package which consists of multiple kubernetes operators. Change-Id: I38e3fafae65b655de1accec05082d0afaed1d688 Issue-ID: ONAPARC-366 Signed-off-by: Dileep Ranganathan --- vnfs/DAaaS/operator/.helmignore | 22 +++ vnfs/DAaaS/operator/Chart.yaml | 5 + .../operator/charts/etcd-operator/.helmignore | 21 +++ .../DAaaS/operator/charts/etcd-operator/Chart.yaml | 14 ++ vnfs/DAaaS/operator/charts/etcd-operator/OWNERS | 6 + vnfs/DAaaS/operator/charts/etcd-operator/README.md | 158 ++++++++++++++++ .../charts/etcd-operator/templates/NOTES.txt | 33 ++++ .../charts/etcd-operator/templates/_helpers.tpl | 75 ++++++++ .../etcd-operator/templates/backup-etcd-crd.yaml | 18 ++ .../backup-operator-clusterrole-binding.yaml | 20 ++ .../templates/backup-operator-deployment.yaml | 59 ++++++ .../templates/backup-operator-service-account.yaml | 12 ++ .../etcd-operator/templates/etcd-cluster-crd.yaml | 25 +++ .../templates/operator-cluster-role.yaml | 49 +++++ .../templates/operator-clusterrole-binding.yaml | 20 ++ .../templates/operator-deployment.yaml | 81 +++++++++ .../templates/operator-service-account.yaml | 12 ++ .../etcd-operator/templates/restore-etcd-crd.yaml | 28 +++ .../restore-operator-clusterrole-binding.yaml | 20 ++ .../templates/restore-operator-deployment.yaml | 63 +++++++ .../restore-operator-service-account.yaml | 12 ++ .../templates/restore-operator-service.yaml | 20 ++ .../operator/charts/etcd-operator/values.yaml | 153 ++++++++++++++++ .../DAaaS/operator/charts/m3db-operator/Chart.yaml | 22 +++ vnfs/DAaaS/operator/charts/m3db-operator/LICENSE | 201 +++++++++++++++++++++ vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt | 12 ++ vnfs/DAaaS/operator/charts/m3db-operator/README.md | 14 ++ .../m3db-operator/templates/cluster_role.yaml | 35 ++++ .../templates/cluster_role_binding.yaml | 12 ++ .../m3db-operator/templates/service_account.yaml | 5 + .../m3db-operator/templates/stateful_set.yaml | 26 +++ .../operator/charts/m3db-operator/values.yaml | 6 + vnfs/DAaaS/operator/resources/m3db.labels | 7 + vnfs/DAaaS/operator/values.yaml | 29 +++ 34 files changed, 1295 insertions(+) create mode 100644 vnfs/DAaaS/operator/.helmignore create mode 100644 vnfs/DAaaS/operator/Chart.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/.helmignore create mode 100755 vnfs/DAaaS/operator/charts/etcd-operator/Chart.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/OWNERS create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/README.md create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/NOTES.txt create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/_helpers.tpl create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-cluster-role.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-deployment.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-service-account.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service.yaml create mode 100644 vnfs/DAaaS/operator/charts/etcd-operator/values.yaml create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/Chart.yaml create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/LICENSE create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/README.md create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role.yaml create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role_binding.yaml create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/service_account.yaml create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/templates/stateful_set.yaml create mode 100644 vnfs/DAaaS/operator/charts/m3db-operator/values.yaml create mode 100644 vnfs/DAaaS/operator/resources/m3db.labels create mode 100644 vnfs/DAaaS/operator/values.yaml diff --git a/vnfs/DAaaS/operator/.helmignore b/vnfs/DAaaS/operator/.helmignore new file mode 100644 index 00000000..50af0317 --- /dev/null +++ b/vnfs/DAaaS/operator/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/vnfs/DAaaS/operator/Chart.yaml b/vnfs/DAaaS/operator/Chart.yaml new file mode 100644 index 00000000..01c1eb03 --- /dev/null +++ b/vnfs/DAaaS/operator/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: A collection of operator Helm charts. +name: operator +version: 0.1.0 diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/.helmignore b/vnfs/DAaaS/operator/charts/etcd-operator/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/Chart.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/Chart.yaml new file mode 100755 index 00000000..bdaea5ae --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +description: CoreOS etcd-operator Helm chart for Kubernetes +name: etcd-operator +version: 0.8.3 +appVersion: 0.9.3 +home: https://github.com/coreos/etcd-operator +icon: https://raw.githubusercontent.com/coreos/etcd/master/logos/etcd-horizontal-color.png +sources: +- https://github.com/coreos/etcd-operator +maintainers: +- name: lachie83 + email: lachlan@deis.com +- name: alejandroEsc + email: jaescobar.cell@gmail.com diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/OWNERS b/vnfs/DAaaS/operator/charts/etcd-operator/OWNERS new file mode 100644 index 00000000..1385151c --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/OWNERS @@ -0,0 +1,6 @@ +approvers: +- lachie83 +- alejandroEsc +reviewers: +- lachie83 +- alejandroEsc diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/README.md b/vnfs/DAaaS/operator/charts/etcd-operator/README.md new file mode 100644 index 00000000..e8fa9c51 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/README.md @@ -0,0 +1,158 @@ +# CoreOS etcd-operator + +[etcd-operator](https://coreos.com/blog/introducing-the-etcd-operator.html) Simplify etcd cluster +configuration and management. + +__DISCLAIMER:__ While this chart has been well-tested, the etcd-operator is still currently in beta. +Current project status is available [here](https://github.com/coreos/etcd-operator). + +## Introduction + +This chart bootstraps an etcd-operator and allows the deployment of etcd-cluster(s). + +## Official Documentation + +Official project documentation found [here](https://github.com/coreos/etcd-operator) + +## Prerequisites + +- Kubernetes 1.4+ with Beta APIs enabled +- __Suggested:__ PV provisioner support in the underlying infrastructure to support backups + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```bash +$ helm install stable/etcd-operator --name my-release +``` + +__Note__: If you set `cluster.enabled` on install, it will have no effect. +Before you create an etcd cluster, the TPR must be installed by the operator, so this option is ignored during helm installs, but can be used in upgrades. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```bash +$ helm delete my-release +``` + +The command removes all the Kubernetes components EXCEPT the persistent volume. + +## Updating +Updating the TPR resource will not result in the cluster being update until `kubectl apply` for +TPRs is fixed see [kubernetes/issues/29542](https://github.com/kubernetes/kubernetes/issues/29542) +Work around options are documented [here](https://github.com/coreos/etcd-operator#resize-an-etcd-cluster) + +## Configuration + +The following table lists the configurable parameters of the etcd-operator chart and their default values. + +| Parameter | Description | Default | +| ------------------------------------------------- | -------------------------------------------------------------------- | ---------------------------------------------- | +| `rbac.create` | Install required RBAC service account, roles and rolebindings | `true` | +| `rbac.apiVersion` | RBAC api version `v1alpha1\|v1beta1` | `v1beta1` | +| `rbac.etcdOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-operator-sa` | +| `rbac.backupOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-backup-operator-sa` | +| `rbac.restoreOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-restore-operator-sa` | +| `deployments.etcdOperator` | Deploy the etcd cluster operator | `true` | +| `deployments.backupOperator` | Deploy the etcd backup operator | `true` | +| `deployments.restoreOperator` | Deploy the etcd restore operator | `true` | +| `customResources.createEtcdClusterCRD` | Create a custom resource: EtcdCluster | `false` | +| `customResources.createBackupCRD` | Create an a custom resource: EtcdBackup | `false` | +| `customResources.createRestoreCRD` | Create an a custom resource: EtcdRestore | `false` | +| `etcdOperator.name` | Etcd Operator name | `etcd-operator` | +| `etcdOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` | +| `etcdOperator.image.repository` | etcd-operator container image | `quay.io/coreos/etcd-operator` | +| `etcdOperator.image.tag` | etcd-operator container image tag | `v0.9.3` | +| `etcdOperator.image.pullpolicy` | etcd-operator container image pull policy | `Always` | +| `etcdOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` | +| `etcdOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` | +| `etcdOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` | +| `etcdOperator.commandArgs` | Additional command arguments | `{}` | +| `backupOperator.name` | Backup operator name | `etcd-backup-operator` | +| `backupOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` | +| `backupOperator.image.repository` | Operator container image | `quay.io/coreos/etcd-operator` | +| `backupOperator.image.tag` | Operator container image tag | `v0.9.3` | +| `backupOperator.image.pullpolicy` | Operator container image pull policy | `Always` | +| `backupOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` | +| `backupOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` | +| `backupOperator.spec.storageType` | Storage to use for backup file, currently only S3 supported | `S3` | +| `backupOperator.spec.s3.s3Bucket` | Bucket in S3 to store backup file | | +| `backupOperator.spec.s3.awsSecret` | Name of kubernetes secret containing aws credentials | | +| `backupOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` | +| `backupOperator.commandArgs` | Additional command arguments | `{}` | +| `restoreOperator.name` | Restore operator name | `etcd-backup-operator` | +| `restoreOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` | +| `restoreOperator.image.repository` | Operator container image | `quay.io/coreos/etcd-operator` | +| `restoreOperator.image.tag` | Operator container image tag | `v0.9.3` | +| `restoreOperator.image.pullpolicy` | Operator container image pull policy | `Always` | +| `restoreOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` | +| `restoreOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` | +| `restoreOperator.spec.s3.path` | Path in S3 bucket containing the backup file | | +| `restoreOperator.spec.s3.awsSecret` | Name of kubernetes secret containing aws credentials | | +| `restoreOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` | +| `restoreOperator.commandArgs` | Additional command arguments | `{}` | +| `etcdCluster.name` | etcd cluster name | `etcd-cluster` | +| `etcdCluster.size` | etcd cluster size | `3` | +| `etcdCluster.version` | etcd cluster version | `3.2.25` | +| `etcdCluster.image.repository` | etcd container image | `quay.io/coreos/etcd-operator` | +| `etcdCluster.image.tag` | etcd container image tag | `v3.2.25` | +| `etcdCluster.image.pullPolicy` | etcd container image pull policy | `Always` | +| `etcdCluster.enableTLS` | Enable use of TLS | `false` | +| `etcdCluster.tls.static.member.peerSecret` | Kubernetes secret containing TLS peer certs | `etcd-peer-tls` | +| `etcdCluster.tls.static.member.serverSecret` | Kubernetes secret containing TLS server certs | `etcd-server-tls` | +| `etcdCluster.tls.static.operatorSecret` | Kubernetes secret containing TLS client certs | `etcd-client-tls` | +| `etcdCluster.pod.antiAffinity` | Whether etcd cluster pods should have an antiAffinity | `false` | +| `etcdCluster.pod.resources.limits.cpu` | CPU limit per etcd cluster pod | `100m` | +| `etcdCluster.pod.resources.limits.memory` | Memory limit per etcd cluster pod | `128Mi` | +| `etcdCluster.pod.resources.requests.cpu` | CPU request per etcd cluster pod | `100m` | +| `etcdCluster.pod.resources.requests.memory` | Memory request per etcd cluster pod | `128Mi` | +| `etcdCluster.pod.nodeSelector` | Node labels for etcd cluster pod assignment | `{}` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example: + +```bash +$ helm install --name my-release --set image.tag=v0.2.1 stable/etcd-operator +``` + +Alternatively, a YAML file that specifies the values for the parameters can be provided while +installing the chart. For example: + +```bash +$ helm install --name my-release --values values.yaml stable/etcd-operator +``` + +## RBAC +By default the chart will install the recommended RBAC roles and rolebindings. + +To determine if your cluster supports this running the following: + +```console +$ kubectl api-versions | grep rbac +``` + +You also need to have the following parameter on the api server. See the following document for how to enable [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) + +``` +--authorization-mode=RBAC +``` + +If the output contains "beta" or both "alpha" and "beta" you can may install rbac by default, if not, you may turn RBAC off as described below. + +### RBAC role/rolebinding creation + +RBAC resources are enabled by default. To disable RBAC do the following: + +```console +$ helm install --name my-release stable/etcd-operator --set rbac.create=false +``` + +### Changing RBAC manifest apiVersion + +By default the RBAC resources are generated with the "v1beta1" apiVersion. To use "v1alpha1" do the following: + +```console +$ helm install --name my-release stable/etcd-operator --set rbac.install=true,rbac.apiVersion=v1alpha1 +``` diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/NOTES.txt b/vnfs/DAaaS/operator/charts/etcd-operator/templates/NOTES.txt new file mode 100644 index 00000000..c33ee014 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/NOTES.txt @@ -0,0 +1,33 @@ +{{- $clusterEnabled := (and (not .Release.IsInstall) .Values.customResources.createEtcdClusterCRD) -}} +{{- if and .Release.IsInstall .Values.customResources.createEtcdClusterCRD -}} +Not enabling cluster, the ThirdPartResource must be installed before you can create a Cluster. Continuing rest of normal deployment. + +{{ end -}} + +{{- if $clusterEnabled -}} +1. Watch etcd cluster start + kubectl get pods -l etcd_cluster={{ .Values.etcdCluster.name }} --namespace {{ .Release.Namespace }} -w + +2. Confirm etcd cluster is healthy + $ kubectl run --rm -i --tty --env="ETCDCTL_API=3" --env="ETCDCTL_ENDPOINTS=http://{{ .Values.etcdCluster.name }}-client:2379" --namespace {{ .Release.Namespace }} etcd-test --image quay.io/coreos/etcd --restart=Never -- /bin/sh -c 'watch -n1 "etcdctl member list"' + +3. Interact with the cluster! + $ kubectl run --rm -i --tty --env ETCDCTL_API=3 --namespace {{ .Release.Namespace }} etcd-test --image quay.io/coreos/etcd --restart=Never -- /bin/sh + / # etcdctl --endpoints http://{{ .Values.etcdCluster.name }}-client:2379 put foo bar + / # etcdctl --endpoints http://{{ .Values.etcdCluster.name }}-client:2379 get foo + OK + (ctrl-D to exit) + +4. Optional + Check the etcd-operator logs + export POD=$(kubectl get pods -l app={{ template "etcd-operator.fullname" . }} --namespace {{ .Release.Namespace }} --output name) + kubectl logs $POD --namespace={{ .Release.Namespace }} + +{{- else -}} +1. etcd-operator deployed. + If you would like to deploy an etcd-cluster set cluster.enabled to true in values.yaml + Check the etcd-operator logs + export POD=$(kubectl get pods -l app={{ template "etcd-operator.fullname" . }} --namespace {{ .Release.Namespace }} --output name) + kubectl logs $POD --namespace={{ .Release.Namespace }} + +{{- end -}} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/_helpers.tpl b/vnfs/DAaaS/operator/charts/etcd-operator/templates/_helpers.tpl new file mode 100644 index 00000000..03f9a26b --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/_helpers.tpl @@ -0,0 +1,75 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "etcd-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "etcd-operator.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.etcdOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "etcd-backup-operator.name" -}} +{{- default .Chart.Name .Values.backupOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "etcd-backup-operator.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.backupOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "etcd-restore-operator.name" -}} +{{- default .Chart.Name .Values.restoreOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "etcd-restore-operator.fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s-%s" .Release.Name $name .Values.restoreOperator.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the etcd-operator service account to use +*/}} +{{- define "etcd-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.etcdOperatorServiceAccount.create -}} + {{ default (include "etcd-operator.fullname" .) .Values.serviceAccount.etcdOperatorServiceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.etcdOperatorServiceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the backup-operator service account to use +*/}} +{{- define "etcd-backup-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.backupOperatorServiceAccount.create -}} + {{ default (include "etcd-backup-operator.fullname" .) .Values.serviceAccount.backupOperatorServiceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.backupOperatorServiceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the restore-operator service account to use +*/}} +{{- define "etcd-restore-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.restoreOperatorServiceAccount.create -}} + {{ default (include "etcd-restore-operator.fullname" .) .Values.serviceAccount.restoreOperatorServiceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.restoreOperatorServiceAccount.name }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml new file mode 100644 index 00000000..5528f766 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-etcd-crd.yaml @@ -0,0 +1,18 @@ +{{- if .Values.customResources.createBackupCRD }} +--- +apiVersion: "etcd.database.coreos.com/v1beta2" +kind: "EtcdBackup" +metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-backup-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + clusterName: {{ .Values.etcdCluster.name }} +{{ toYaml .Values.backupOperator.spec | indent 2 }} +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml new file mode 100644 index 00000000..526b2454 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-clusterrole-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.deployments.backupOperator }} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }} +metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "etcd-backup-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "etcd-operator.fullname" . }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml new file mode 100644 index 00000000..d5c421c1 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-deployment.yaml @@ -0,0 +1,59 @@ +{{- if .Values.deployments.backupOperator }} +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-backup-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ template "etcd-backup-operator.fullname" . }} + release: {{ .Release.Name }} + replicas: {{ .Values.backupOperator.replicaCount }} + template: + metadata: + name: {{ template "etcd-backup-operator.fullname" . }} + labels: + app: {{ template "etcd-backup-operator.fullname" . }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "etcd-backup-operator.serviceAccountName" . }} + containers: + - name: {{ .Values.backupOperator.name }} + image: "{{ .Values.backupOperator.image.repository }}:{{ .Values.backupOperator.image.tag }}" + imagePullPolicy: {{ .Values.backupOperator.image.pullPolicy }} + command: + - etcd-backup-operator +{{- range $key, $value := .Values.backupOperator.commandArgs }} + - "--{{ $key }}={{ $value }}" +{{- end }} + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + resources: + limits: + cpu: {{ .Values.backupOperator.resources.cpu }} + memory: {{ .Values.backupOperator.resources.memory }} + requests: + cpu: {{ .Values.backupOperator.resources.cpu }} + memory: {{ .Values.backupOperator.resources.memory }} + {{- if .Values.backupOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.backupOperator.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.backupOperator.tolerations }} + tolerations: +{{ toYaml .Values.backupOperator.tolerations | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml new file mode 100644 index 00000000..06aec3df --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/backup-operator-service-account.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.serviceAccount.backupOperatorServiceAccount.create .Values.deployments.backupOperator }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "etcd-backup-operator.serviceAccountName" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-backup-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml new file mode 100644 index 00000000..0d385d8f --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/etcd-cluster-crd.yaml @@ -0,0 +1,25 @@ +{{- if .Values.customResources.createEtcdClusterCRD }} +--- +apiVersion: "etcd.database.coreos.com/v1beta2" +kind: "EtcdCluster" +metadata: + name: {{ .Values.etcdCluster.name }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + size: {{ .Values.etcdCluster.size }} + version: "{{ .Values.etcdCluster.version }}" + pod: +{{ toYaml .Values.etcdCluster.pod | indent 4 }} + {{- if .Values.etcdCluster.enableTLS }} + TLS: +{{ toYaml .Values.etcdCluster.tls | indent 4 }} + {{- end }} +{{- end }} + diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-cluster-role.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-cluster-role.yaml new file mode 100644 index 00000000..62085978 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-cluster-role.yaml @@ -0,0 +1,49 @@ +{{- if .Values.rbac.create }} +--- +apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }} +kind: ClusterRole +metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - etcd.database.coreos.com + resources: + - etcdclusters + - etcdbackups + - etcdrestores + verbs: + - "*" +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - "*" +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + verbs: + - "*" +- apiGroups: + - apps + resources: + - deployments + verbs: + - "*" +- apiGroups: + - "" + resources: + - secrets + verbs: + - get +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml new file mode 100644 index 00000000..09594ccc --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-clusterrole-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.deployments.etcdOperator }} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }} +metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "etcd-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "etcd-operator.fullname" . }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-deployment.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-deployment.yaml new file mode 100644 index 00000000..bb6b1a75 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-deployment.yaml @@ -0,0 +1,81 @@ +{{- if .Values.deployments.etcdOperator }} +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ template "etcd-operator.fullname" . }} + release: {{ .Release.Name }} + replicas: {{ .Values.etcdOperator.replicaCount }} + template: + metadata: + name: {{ template "etcd-operator.fullname" . }} + labels: + app: {{ template "etcd-operator.fullname" . }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "etcd-operator.serviceAccountName" . }} + containers: + - name: {{ template "etcd-operator.fullname" . }} + image: "{{ .Values.etcdOperator.image.repository }}:{{ .Values.etcdOperator.image.tag }}" + imagePullPolicy: {{ .Values.etcdOperator.image.pullPolicy }} + command: + - etcd-operator +{{- range $key, $value := .Values.etcdOperator.commandArgs }} + - "--{{ $key }}={{ $value }}" +{{- end }} + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + resources: + limits: + cpu: {{ .Values.etcdOperator.resources.cpu }} + memory: {{ .Values.etcdOperator.resources.memory }} + requests: + cpu: {{ .Values.etcdOperator.resources.cpu }} + memory: {{ .Values.etcdOperator.resources.memory }} + {{- if .Values.etcdOperator.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /readyz + port: 8080 + initialDelaySeconds: {{ .Values.etcdOperator.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.etcdOperator.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.etcdOperator.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.etcdOperator.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.etcdOperator.livenessProbe.failureThreshold }} + {{- end}} + {{- if .Values.etcdOperator.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /readyz + port: 8080 + initialDelaySeconds: {{ .Values.etcdOperator.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.etcdOperator.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.etcdOperator.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.etcdOperator.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.etcdOperator.readinessProbe.failureThreshold }} + {{- end }} + {{- if .Values.etcdOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.etcdOperator.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.etcdOperator.tolerations }} + tolerations: +{{ toYaml .Values.etcdOperator.tolerations | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-service-account.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-service-account.yaml new file mode 100644 index 00000000..2faba8af --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/operator-service-account.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.serviceAccount.etcdOperatorServiceAccount.create .Values.deployments.etcdOperator }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "etcd-operator.serviceAccountName" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml new file mode 100644 index 00000000..73faaab8 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-etcd-crd.yaml @@ -0,0 +1,28 @@ +{{- if .Values.customResources.createRestoreCRD }} +--- +apiVersion: "etcd.database.coreos.com/v1beta2" +kind: "EtcdRestore" +metadata: + # An EtcdCluster with the same name will be created + name: {{ .Values.etcdCluster.name }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + "helm.sh/hook": "post-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +spec: + clusterSpec: + size: {{ .Values.etcdCluster.size }} + baseImage: "{{ .Values.etcdCluster.image.repository }}" + version: {{ .Values.etcdCluster.image.tag }} + pod: +{{ toYaml .Values.etcdCluster.pod | indent 6 }} + {{- if .Values.etcdCluster.enableTLS }} + TLS: +{{ toYaml .Values.etcdCluster.tls | indent 6 }} + {{- end }} +{{ toYaml .Values.restoreOperator.spec | indent 2 }} +{{- end}} \ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml new file mode 100644 index 00000000..9a6696ef --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-clusterrole-binding.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.rbac.create .Values.deployments.restoreOperator }} +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }} +metadata: + name: {{ template "etcd-restore-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +subjects: +- kind: ServiceAccount + name: {{ template "etcd-restore-operator.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "etcd-operator.fullname" . }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml new file mode 100644 index 00000000..5c4784de --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-deployment.yaml @@ -0,0 +1,63 @@ +{{- if .Values.deployments.restoreOperator }} +--- +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "etcd-restore-operator.fullname" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ template "etcd-restore-operator.name" . }} + release: {{ .Release.Name }} + replicas: {{ .Values.restoreOperator.replicaCount }} + template: + metadata: + name: {{ template "etcd-restore-operator.fullname" . }} + labels: + app: {{ template "etcd-restore-operator.name" . }} + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "etcd-restore-operator.serviceAccountName" . }} + containers: + - name: {{ .Values.restoreOperator.name }} + image: "{{ .Values.restoreOperator.image.repository }}:{{ .Values.restoreOperator.image.tag }}" + imagePullPolicy: {{ .Values.restoreOperator.image.pullPolicy }} + ports: + - containerPort: {{ .Values.restoreOperator.port }} + command: + - etcd-restore-operator +{{- range $key, $value := .Values.restoreOperator.commandArgs }} + - "--{{ $key }}={{ $value }}" +{{- end }} + env: + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SERVICE_ADDR + value: "{{ .Values.restoreOperator.name }}:{{ .Values.restoreOperator.port }}" + resources: + limits: + cpu: {{ .Values.restoreOperator.resources.cpu }} + memory: {{ .Values.restoreOperator.resources.memory }} + requests: + cpu: {{ .Values.restoreOperator.resources.cpu }} + memory: {{ .Values.restoreOperator.resources.memory }} + {{- if .Values.restoreOperator.nodeSelector }} + nodeSelector: +{{ toYaml .Values.restoreOperator.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.restoreOperator.tolerations }} + tolerations: +{{ toYaml .Values.restoreOperator.tolerations | indent 8 }} + {{- end }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml new file mode 100644 index 00000000..595cee92 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service-account.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.serviceAccount.restoreOperatorServiceAccount.create .Values.deployments.restoreOperator }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "etcd-restore-operator.serviceAccountName" . }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- end }} \ No newline at end of file diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service.yaml new file mode 100644 index 00000000..052be364 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/templates/restore-operator-service.yaml @@ -0,0 +1,20 @@ +{{- if .Values.deployments.restoreOperator }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.restoreOperator.name }} + labels: + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: {{ template "etcd-restore-operator.name" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + ports: + - protocol: TCP + name: http-etcd-restore-port + port: {{ .Values.restoreOperator.port }} + selector: + app: {{ template "etcd-restore-operator.name" . }} + release: {{ .Release.Name }} +{{- end }} diff --git a/vnfs/DAaaS/operator/charts/etcd-operator/values.yaml b/vnfs/DAaaS/operator/charts/etcd-operator/values.yaml new file mode 100644 index 00000000..1260e077 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/etcd-operator/values.yaml @@ -0,0 +1,153 @@ +# Default values for etcd-operator. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +## Install Default RBAC roles and bindings +rbac: + create: true + apiVersion: v1beta1 + +## Service account names and whether to create them +serviceAccount: + etcdOperatorServiceAccount: + create: true + name: + backupOperatorServiceAccount: + create: true + name: + restoreOperatorServiceAccount: + create: true + name: + +# Select what to deploy +deployments: + etcdOperator: true + # one time deployment, delete once completed, + # Ref: https://github.com/coreos/etcd-operator/blob/master/doc/user/walkthrough/backup-operator.md + backupOperator: true + # one time deployment, delete once completed + # Ref: https://github.com/coreos/etcd-operator/blob/master/doc/user/walkthrough/restore-operator.md + restoreOperator: true + +# creates custom resources, not all required, +# you could use `helm template --values --name release_name ... ` +# and create the resources yourself to deploy on your cluster later +customResources: + createEtcdClusterCRD: false + createBackupCRD: false + createRestoreCRD: false + +# etcdOperator +etcdOperator: + name: etcd-operator + replicaCount: 1 + image: + repository: quay.io/coreos/etcd-operator + tag: v0.9.3 + pullPolicy: Always + resources: + cpu: 100m + memory: 128Mi + ## Node labels for etcd-operator pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + ## additional command arguments go here; will be translated to `--key=value` form + ## e.g., analytics: true + commandArgs: + cluster-wide: true + ## Configurable health checks against the /readyz endpoint that etcd-operator exposes + readinessProbe: + enabled: false + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + enabled: false + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 +# backup spec +backupOperator: + name: etcd-backup-operator + replicaCount: 1 + image: + repository: quay.io/coreos/etcd-operator + tag: v0.9.3 + pullPolicy: Always + resources: + cpu: 100m + memory: 128Mi + spec: + storageType: S3 + s3: + s3Bucket: + awsSecret: + ## Node labels for etcd pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + ## additional command arguments go here; will be translated to `--key=value` form + ## e.g., analytics: true + commandArgs: {} + +# restore spec +restoreOperator: + name: etcd-restore-operator + replicaCount: 1 + image: + repository: quay.io/coreos/etcd-operator + tag: v0.9.3 + pullPolicy: Always + port: 19999 + resources: + cpu: 100m + memory: 128Mi + spec: + s3: + # The format of "path" must be: "/" + # e.g: "etcd-snapshot-bucket/v1/default/example-etcd-cluster/3.2.10_0000000000000001_etcd.backup" + path: + awsSecret: + ## Node labels for etcd pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} + ## additional command arguments go here; will be translated to `--key=value` form + ## e.g., analytics: true + commandArgs: {} + +## etcd-cluster specific values +etcdCluster: + name: etcd + size: 3 + version: 3.2.25 + image: + repository: quay.io/coreos/etcd + tag: v3.2.25 + pullPolicy: Always + enableTLS: false + # TLS configs + tls: + static: + member: + peerSecret: etcd-peer-tls + serverSecret: etcd-server-tls + operatorSecret: etcd-client-tls + ## etcd cluster pod specific values + ## Ref: https://github.com/coreos/etcd-operator/blob/master/doc/user/spec_examples.md#three-members-cluster-with-resource-requirement + pod: + ## Antiaffinity for etcd pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + antiAffinity: false + resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 100m + memory: 128Mi + ## Node labels for etcd pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + nodeSelector: {} diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/Chart.yaml b/vnfs/DAaaS/operator/charts/m3db-operator/Chart.yaml new file mode 100644 index 00000000..ebdc0b40 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/Chart.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +name: m3db-operator +version: 0.1.3 +# TODO(PS) - helm has issues with GKE's SemVer +# Error: Chart requires kubernetesVersion: >=1.10.6 which is incompatible with Kubernetes v1.10.7-gke.2 +# +#kubeVersion: ">=1.10.7" +description: Kubernetes operator for M3DB timeseries database +keywords: + - operator + - m3 +home: https://github.com/m3db/m3db-operator +sources: + - https://github.com/m3db/m3db-operator +maintainers: + - name: m3 Authors + email: m3db@googlegroups.com + url: https://operator.m3db.io/ +engine: gotpl +icon: https://raw.githubusercontent.com/m3db/m3/master/docs/theme/assets/images/M3-logo.png +appVersion: ">0.4.7" +tillerVersion: ">=2.11.0" diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/LICENSE b/vnfs/DAaaS/operator/charts/m3db-operator/LICENSE new file mode 100644 index 00000000..261eeb9e --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt b/vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt new file mode 100644 index 00000000..ca4143db --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/NOTES.txt @@ -0,0 +1,12 @@ + ___ _ _ + / _ \ _ __ ___ _ __ __ _| |_ ___ _ __ | |__ __ _ ___ +| | | | '_ \ / _ \ '__/ _` | __/ _ \| '__| | '_ \ / _` / __| +| |_| | |_) | __/ | | (_| | || (_) | | | | | | (_| \__ \ + \___/| .__/ \___|_| \__,_|\__\___/|_| |_| |_|\__,_|___/ + |_| + _ _ _ _ _ _ +| |__ ___ ___ _ __ (_)_ __ ___| |_ __ _| | | ___ __| | +| '_ \ / _ \/ _ \ '_ \ | | '_ \/ __| __/ _` | | |/ _ \/ _` | +| |_) | __/ __/ | | | | | | | \__ \ || (_| | | | __/ (_| | +|_.__/ \___|\___|_| |_| |_|_| |_|___/\__\__,_|_|_|\___|\__,_| + diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/README.md b/vnfs/DAaaS/operator/charts/m3db-operator/README.md new file mode 100644 index 00000000..0a532d31 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/README.md @@ -0,0 +1,14 @@ +### Helm Charts for M3DB clusters on Kubernetes + +### Prerequisite + +[Install helm](https://docs.helm.sh/using_helm/#installing-helm) + +### Installing m3db-operator chart + +``` +cd helm/m3db-operator +helm package . +helm install m3db-operator-0.0.1.tgz +``` + diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role.yaml b/vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role.yaml new file mode 100644 index 00000000..7bf41739 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role.yaml @@ -0,0 +1,35 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: {{ .Values.operator.name }} +rules: +- apiGroups: ["extensions"] + resources: ["deployments", "replicasets", "daemonsets"] + verbs: ["create", "get", "update", "delete", "list"] +- apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "get", "update", "delete", "list"] +- apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "create", "delete", "deletecollection"] +- apiGroups: [""] + resources: ["persistentvolumes", "persistentvolumeclaims", "services", "secrets", "configmaps"] + verbs: ["create", "get", "update", "delete", "list"] +- apiGroups: ["batch"] + resources: ["cronjobs", "jobs"] + verbs: ["create", "get", "deletecollection", "delete"] +- apiGroups: [""] + resources: ["pods"] + verbs: ["list", "get", "watch", "update"] +- apiGroups: ["apps"] + resources: ["statefulsets", "deployments"] + verbs: ["*"] +- apiGroups: ["operator.m3db.io"] + resources: ["*"] + verbs: ["*"] +- apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +- apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role_binding.yaml b/vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role_binding.yaml new file mode 100644 index 00000000..876a6705 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/templates/cluster_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: {{ .Values.operator.name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Values.operator.name }} +subjects: +- kind: ServiceAccount + name: {{ .Values.operator.name }} + namespace: {{ .Release.Namespace }} diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/templates/service_account.yaml b/vnfs/DAaaS/operator/charts/m3db-operator/templates/service_account.yaml new file mode 100644 index 00000000..a65e90bc --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/templates/service_account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.operator.name }} + namespace: {{ .Release.Namespace }} diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/templates/stateful_set.yaml b/vnfs/DAaaS/operator/charts/m3db-operator/templates/stateful_set.yaml new file mode 100644 index 00000000..d1002378 --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/templates/stateful_set.yaml @@ -0,0 +1,26 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Values.operator.name }} + namespace: {{ .Release.Namespace }} +spec: + serviceName: {{ .Values.operator.name }} + replicas: 1 + selector: + matchLabels: + name: {{ .Values.operator.name }} + template: + metadata: + labels: + name: {{ .Values.operator.name }} + spec: + containers: + - name: {{ .Values.operator.name }} + image: {{ .Values.image.repository}}:{{ .Values.image.tag }} + command: + - m3db-operator + imagePullPolicy: Always + env: + - name: ENVIRONMENT + value: {{ .Values.environment }} + serviceAccount: {{ .Values.operator.name }} diff --git a/vnfs/DAaaS/operator/charts/m3db-operator/values.yaml b/vnfs/DAaaS/operator/charts/m3db-operator/values.yaml new file mode 100644 index 00000000..8411d77e --- /dev/null +++ b/vnfs/DAaaS/operator/charts/m3db-operator/values.yaml @@ -0,0 +1,6 @@ +operator: + name: m3db-operator +image: + repository: quay.io/m3db/m3db-operator + tag: v0.1.3 +environment: production diff --git a/vnfs/DAaaS/operator/resources/m3db.labels b/vnfs/DAaaS/operator/resources/m3db.labels new file mode 100644 index 00000000..4f1ddd53 --- /dev/null +++ b/vnfs/DAaaS/operator/resources/m3db.labels @@ -0,0 +1,7 @@ +kubectl label node/otconap6 failure-domain.beta.kubernetes.io/region=us-west1 +kubectl label node/otconap11 failure-domain.beta.kubernetes.io/region=us-west1 +kubectl label node/otccloud02 failure-domain.beta.kubernetes.io/region=us-west1 + +kubectl label node/otconap6 failure-domain.beta.kubernetes.io/zone=us-west1-a --overwrite=true +kubectl label node/otconap11 failure-domain.beta.kubernetes.io/zone=us-west1-b --overwrite=true +kubectl label node/otccloud02 failure-domain.beta.kubernetes.io/zone=us-west1-c --overwrite=true \ No newline at end of file diff --git a/vnfs/DAaaS/operator/values.yaml b/vnfs/DAaaS/operator/values.yaml new file mode 100644 index 00000000..fd98eb36 --- /dev/null +++ b/vnfs/DAaaS/operator/values.yaml @@ -0,0 +1,29 @@ +# Copyright © 2019 Intel Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 310 + repository: nexus3.onap.org:10001 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# k8s Operator Day-0 configuration defaults. +################################################################# + -- 2.16.6