andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Added:
  gluu/:
    - 5.0.11

Updated:
  aquarist-labs/s3gw:
    - 0.12.0
  argo/argo-cd:
    - 5.22.1
  bitnami/airflow:
    - 14.0.12
  bitnami/cassandra:
    - 10.0.3
  bitnami/kafka:
    - 21.0.1
  bitnami/mariadb:
    - 11.5.0
  bitnami/mysql:
    - 9.5.0
  bitnami/postgresql:
    - 12.2.1
  bitnami/redis:
    - 17.8.0
  bitnami/spark:
    - 6.3.17
  bitnami/tomcat:
    - 10.5.16
  bitnami/wordpress:
    - 15.2.45
  bitnami/zookeeper:
    - 11.1.3
  clastix/kamaji:
    - 0.11.2
  cockroach-labs/cockroachdb:
    - 10.0.5
  crowdstrike/falcon-sensor:
    - 1.18.4
  datadog/datadog:
    - 3.10.9
  jaeger/jaeger-operator:
    - 2.40.0
  metallb/metallb:
    - 0.13.9
  nats/nats:
    - 0.19.11
  pixie/pixie-operator-chart:
    - 0.0.38
  redpanda/redpanda:
    - 2.10.6
  speedscale/speedscale-operator:
    - 1.2.23
  sysdig/sysdig:
    - 1.15.74
```
pull/673/head
github-actions[bot] 2023-02-22 15:04:28 +00:00
parent a033738aa5
commit 71f054620f
244 changed files with 2664 additions and 1088 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/aquarist-labs/s3gw-0.12.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/argo/argo-cd-5.22.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/airflow-14.0.12.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/cassandra-10.0.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/kafka-21.0.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/mariadb-11.5.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/mysql-9.5.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/postgresql-12.2.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/redis-17.8.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/spark-6.3.17.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/tomcat-10.5.16.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/wordpress-15.2.45.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/zookeeper-11.1.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/clastix/kamaji-0.11.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/cockroach-labs/cockroachdb-10.0.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/crowdstrike/falcon-sensor-1.18.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/datadog/datadog-3.10.9.tgz Normal file
View File

Binary file not shown.

BIN
assets/gluu/gluu-5.0.11.tgz Normal file
View File

Binary file not shown.

BIN
assets/jaeger/jaeger-operator-2.40.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/metallb/metallb-0.13.9.tgz Normal file
View File

Binary file not shown.

BIN
assets/nats/nats-0.19.11.tgz Normal file
View File

Binary file not shown.

BIN
assets/pixie/pixie-operator-chart-0.0.3801.tgz Normal file
View File

Binary file not shown.

BIN
assets/redpanda/redpanda-2.10.6.tgz Normal file
View File

Binary file not shown.

BIN
assets/speedscale/speedscale-operator-1.2.23.tgz Normal file
View File

Binary file not shown.

BIN
assets/sysdig/sysdig-1.15.74.tgz Normal file
View File

Binary file not shown.

2
charts/aquarist-labs/s3gw/Chart.yaml
View File

@ -26,4 +26,4 @@ sources:
- https://github.com/aquarist-labs/s3gw
- https://github.com/aquarist-labs/ceph
type: application
version: 0.11.0
version: 0.12.0

8
charts/argo/argo-cd/Chart.yaml
View File

@ -1,13 +1,13 @@
annotations:
artifacthub.io/changes: |
- kind: added
description: Allow dnsConfig pod configuration
- kind: changed
description: Grouped component templates together
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Argo CD
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: argo-cd
apiVersion: v2
appVersion: v2.6.1
appVersion: v2.6.2
dependencies:
- condition: redis-ha.enabled
name: redis-ha
@ -29,4 +29,4 @@ name: argo-cd
sources:
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
- https://github.com/argoproj/argo-cd
version: 5.21.0
version: 5.22.1

23
charts/argo/argo-cd/README.md
View File

@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 5.21.0
This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
### 5.19.0
This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections.
@ -381,6 +385,9 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| global.additionalLabels | object | `{}` | Common labels for the all resources |
| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity |
| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` |
| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` |
| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
@ -460,7 +467,7 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| controller.args | object | `{}` | DEPRECATED - Application controller commandline flags |
| controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource |
| controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource |
@ -529,7 +536,7 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
| repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server |
| repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] |
@ -622,7 +629,7 @@ NAME: my-release
| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] |
| server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate |
| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. |
| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer |
| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server |
| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] |
@ -785,7 +792,7 @@ server:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret |
| dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. |
| dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) |
@ -869,7 +876,7 @@ server:
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment |
| redis.containerPorts.metrics | int | `9121` | Metrics container port |
| redis.containerPorts.redis | int | `6379` | Redis container port |
| redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context |
@ -979,7 +986,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules |
| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags |
| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port |
| applicationSet.containerPorts.probe | int | `8081` | Probe container port |
@ -1063,9 +1070,9 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| notifications.affinity | object | `{}` | Assign custom [affinity] rules |
| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates |
| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules |
| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context |
| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] |
| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods |

54
charts/argo/argo-cd/templates/_common.tpl
View File

@ -63,3 +63,57 @@ app.kubernetes.io/instance: {{ .context.Release.Name }}
app.kubernetes.io/component: {{ .component }}
{{- end }}
{{- end }}
{{/*
Common affinity definition
Pod affinity
- Soft prefers different nodes
- Hard requires different nodes and prefers different availibility zones
Node affinity
- Soft prefers given user expressions
- Hard requires given user expressions
*/}}
{{- define "argo-cd.affinity" -}}
{{- with .component.affinity -}}
{{- toYaml . -}}
{{- else -}}
{{- $preset := .context.Values.global.affinity -}}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
{{- if (eq $preset.podAntiAffinity "soft") }}
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: kubernetes.io/hostname
{{- else }}
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: topology.kubernetes.io/zone
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: kubernetes.io/hostname
{{- end }}
{{- with $preset.nodeAffinity.matchExpressions }}
nodeAffinity:
{{- if (eq $preset.nodeAffinity.type "soft") }}
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
{{- toYaml . | nindent 6 }}
{{- else }}
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end -}}
{{- end -}}
{{- end -}}

100
charts/argo/argo-cd/templates/_helpers.tpl
View File

@ -8,6 +8,17 @@ to 63 chars and it includes 10 chars of hash and a separating '-'.
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the controller service account to use
*/}}
{{- define "argo-cd.controllerServiceAccountName" -}}
{{- if .Values.controller.serviceAccount.create -}}
{{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.controller.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create dex name and version as used by the chart label.
*/}}
@ -26,6 +37,17 @@ Create Dex server endpoint
{{- printf "%s://%s:%d" $scheme $host $port }}
{{- end }}
{{/*
Create the name of the dex service account to use
*/}}
{{- define "argo-cd.dexServiceAccountName" -}}
{{- if .Values.dex.serviceAccount.create -}}
{{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.dex.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create redis name and version as used by the chart label.
*/}}
@ -53,56 +75,6 @@ Return Redis server endpoint
{{- end }}
{{- end -}}
{{/*
Create argocd server name and version as used by the chart label.
*/}}
{{- define "argo-cd.server.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create argocd repo-server name and version as used by the chart label.
*/}}
{{- define "argo-cd.repoServer.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create argocd application set name and version as used by the chart label.
*/}}
{{- define "argo-cd.applicationSet.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create argocd notifications name and version as used by the chart label.
*/}}
{{- define "argo-cd.notifications.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the controller service account to use
*/}}
{{- define "argo-cd.controllerServiceAccountName" -}}
{{- if .Values.controller.serviceAccount.create -}}
{{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.controller.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the dex service account to use
*/}}
{{- define "argo-cd.dexServiceAccountName" -}}
{{- if .Values.dex.serviceAccount.create -}}
{{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.dex.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the redis service account to use
*/}}
@ -114,6 +86,13 @@ Create the name of the redis service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd server name and version as used by the chart label.
*/}}
{{- define "argo-cd.server.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the Argo CD server service account to use
*/}}
@ -125,6 +104,13 @@ Create the name of the Argo CD server service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd repo-server name and version as used by the chart label.
*/}}
{{- define "argo-cd.repoServer.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the repo-server service account to use
*/}}
@ -136,6 +122,13 @@ Create the name of the repo-server service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd application set name and version as used by the chart label.
*/}}
{{- define "argo-cd.applicationSet.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the application set service account to use
*/}}
@ -147,6 +140,13 @@ Create the name of the application set service account to use
{{- end -}}
{{- end -}}
{{/*
Create argocd notifications name and version as used by the chart label.
*/}}
{{- define "argo-cd.notifications.fullname" -}}
{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the notifications service account to use
*/}}

6
charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml
View File

@ -264,6 +264,8 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }}
{{- with .Values.controller.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -272,10 +274,6 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}

6
charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml
View File

@ -198,14 +198,12 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }}
{{- with .Values.applicationSet.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.applicationSet.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.applicationSet.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}

6
charts/argo/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml
View File

@ -53,14 +53,12 @@ spec:
{{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }}
{{- with .Values.notifications.bots.slack.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.bots.slack.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.bots.slack.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}

6
charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml
View File

@ -88,14 +88,12 @@ spec:
initContainers:
{{- tpl (toYaml . ) $ | nindent 8 }}
{{- end }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }}
{{- with .Values.notifications.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}

6
charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml
View File

@ -291,6 +291,8 @@ spec:
{{- with .Values.repoServer.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }}
{{- with .Values.repoServer.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -299,10 +301,6 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}

6
charts/argo/argo-cd/templates/argocd-server/deployment.yaml
View File

@ -348,6 +348,8 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }}
{{- with .Values.server.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -356,10 +358,6 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}

4
charts/argo/argo-cd/templates/dex/deployment.yaml
View File

@ -146,10 +146,8 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.dex.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }}
{{- with .Values.dex.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}

4
charts/argo/argo-cd/templates/redis/deployment.yaml
View File

@ -106,10 +106,8 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }}
{{- with .Values.redis.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}

25
charts/argo/argo-cd/values.yaml
View File

@ -92,12 +92,29 @@ global:
# hostnames:
# - git.myhostname
# Default network policy rules used by all components
networkPolicy:
# -- Create NetworkPolicy objects for all components
create: false
# -- Default deny all ingress traffic
defaultDenyIngress: false
# Default affinity preset for all components
affinity:
# -- Default pod anti-affinity rules. Either: `soft` or `hard`
podAntiAffinity: soft
# Node affinity rules
nodeAffinity:
# -- Default node affinity rules. Either: `soft` or `hard`
type: hard
# -- Default match expressions for node affinity
matchExpressions: []
# - key: topology.kubernetes.io/zone
# operator: In
# values:
# - antarctica-east1
# - antarctica-west1
## Argo Configs
configs:
# General Argo CD configuration
@ -627,6 +644,7 @@ controller:
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the application controller
@ -965,6 +983,7 @@ dex:
# -- [Tolerations] for use with node taints
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to dex
@ -1136,6 +1155,7 @@ redis:
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to redis
@ -1523,6 +1543,7 @@ server:
# -- [Tolerations] for use with node taints
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server
@ -2014,6 +2035,7 @@ repoServer:
# -- [Tolerations] for use with node taints
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the repo server
@ -2349,6 +2371,7 @@ applicationSet:
tolerations: []
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default.
@ -2594,6 +2617,7 @@ notifications:
tolerations: []
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Priority class for the notifications controller pods
@ -2983,6 +3007,7 @@ notifications:
# memory: 128Mi
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- [Tolerations] for use with node taints

10
charts/bitnami/airflow/Chart.lock
View File

@ -1,12 +1,12 @@
dependencies:
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 17.6.0
version: 17.7.4
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 12.1.14
version: 12.2.0
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:245de8b17e6c836197d271e160ba44ee3b6fb119ba8becc70e590bdcb0e3bc5f
generated: "2023-02-02T13:03:40.325978595Z"
version: 2.2.3
digest: sha256:df2c76ca2f610b4a9af347185292ceb0df797123ecbbd075ba9d72153465d631
generated: "2023-02-17T14:12:20.08405837Z"

2
charts/bitnami/airflow/Chart.yaml
View File

@ -38,4 +38,4 @@ name: airflow
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/airflow
- https://airflow.apache.org/
version: 14.0.11
version: 14.0.12

185
charts/bitnami/airflow/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/airflow
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/airflow
```
## Introduction
@ -31,8 +31,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/airflow
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/airflow
```
These commands deploy Airflow on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -44,7 +44,7 @@ These commands deploy Airflow on the Kubernetes cluster in the default configura
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -59,7 +59,6 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
### Common parameters
| Name | Description | Value |
@ -75,7 +74,6 @@ The command removes all the Kubernetes components associated with the chart and
| `diagnosticMode.command` | Command to override all containers in the the deployment(s)/statefulset(s) | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the the deployment(s)/statefulset(s) | `["infinity"]` |
### Airflow common parameters
| Name | Description | Value |
@ -92,7 +90,7 @@ The command removes all the Kubernetes components associated with the chart and
| `dags.existingConfigmap` | Name of an existing ConfigMap with all the DAGs files you want to load in Airflow | `""` |
| `dags.image.registry` | Init container load-dags image registry | `docker.io` |
| `dags.image.repository` | Init container load-dags image repository | `bitnami/bitnami-shell` |
| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r79` |
| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `dags.image.digest` | Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `dags.image.pullPolicy` | Init container load-dags image pull policy | `IfNotPresent` |
| `dags.image.pullSecrets` | Init container load-dags image pull secrets | `[]` |
@ -105,82 +103,80 @@ The command removes all the Kubernetes components associated with the chart and
| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for all the Airflow pods | `[]` |
| `extraVolumes` | Optionally specify extra list of additional volumes for the all the Airflow pods | `[]` |
### Airflow web parameters
| Name | Description | Value |
| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- |
| `web.image.registry` | Airflow image registry | `docker.io` |
| `web.image.repository` | Airflow image repository | `bitnami/airflow` |
| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.5.1-debian-11-r5` |
| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` |
| `web.image.pullSecrets` | Airflow image pull secrets | `[]` |
| `web.image.debug` | Enable image debug mode | `false` |
| `web.baseUrl` | URL used to access to Airflow web ui | `""` |
| `web.existingConfigmap` | Name of an existing config map containing the Airflow web config file | `""` |
| `web.command` | Override default container command (useful when using custom images) | `[]` |
| `web.args` | Override default container args (useful when using custom images) | `[]` |
| `web.extraEnvVars` | Array with extra environment variables to add Airflow web pods | `[]` |
| `web.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow web pods | `""` |
| `web.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow web pods | `""` |
| `web.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow web pods | `[]` |
| `web.containerPorts.http` | Airflow web HTTP container port | `8080` |
| `web.replicaCount` | Number of Airflow web replicas | `1` |
| `web.livenessProbe.enabled` | Enable livenessProbe on Airflow web containers | `true` |
| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` |
| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` |
| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `web.readinessProbe.enabled` | Enable readinessProbe on Airflow web containers | `true` |
| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `web.startupProbe.enabled` | Enable startupProbe on Airflow web containers | `false` |
| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` |
| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` |
| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` |
| `web.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `web.resources.limits` | The resources limits for the Airflow web containers | `{}` |
| `web.resources.requests` | The requested resources for the Airflow web containers | `{}` |
| `web.podSecurityContext.enabled` | Enabled Airflow web pods' Security Context | `true` |
| `web.podSecurityContext.fsGroup` | Set Airflow web pod's Security Context fsGroup | `1001` |
| `web.containerSecurityContext.enabled` | Enabled Airflow web containers' Security Context | `true` |
| `web.containerSecurityContext.runAsUser` | Set Airflow web containers' Security Context runAsUser | `1001` |
| `web.containerSecurityContext.runAsNonRoot` | Set Airflow web containers' Security Context runAsNonRoot | `true` |
| `web.lifecycleHooks` | for the Airflow web container(s) to automate configuration before or after startup | `{}` |
| `web.hostAliases` | Deployment pod host aliases | `[]` |
| `web.podLabels` | Add extra labels to the Airflow web pods | `{}` |
| `web.podAnnotations` | Add extra annotations to the Airflow web pods | `{}` |
| `web.affinity` | Affinity for Airflow web pods assignment (evaluated as a template) | `{}` |
| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set. | `""` |
| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set. | `[]` |
| `web.nodeSelector` | Node labels for Airflow web pods assignment | `{}` |
| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `""` |
| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `soft` |
| `web.tolerations` | Tolerations for Airflow web pods assignment | `[]` |
| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
| `web.priorityClassName` | Priority Class Name | `""` |
| `web.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` |
| `web.terminationGracePeriodSeconds` | Seconds Airflow web pod needs to terminate gracefully | `""` |
| `web.updateStrategy.type` | Airflow web deployment strategy type | `RollingUpdate` |
| `web.updateStrategy.rollingUpdate` | Airflow web deployment rolling update configuration parameters | `{}` |
| `web.sidecars` | Add additional sidecar containers to the Airflow web pods | `[]` |
| `web.initContainers` | Add additional init containers to the Airflow web pods | `[]` |
| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow web pods | `[]` |
| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow web pods | `[]` |
| `web.pdb.create` | Deploy a pdb object for the Airflow web pods | `false` |
| `web.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow web replicas | `1` |
| `web.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow web replicas | `""` |
| Name | Description | Value |
| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- |
| `web.image.registry` | Airflow image registry | `docker.io` |
| `web.image.repository` | Airflow image repository | `bitnami/airflow` |
| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.5.1-debian-11-r10` |
| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` |
| `web.image.pullSecrets` | Airflow image pull secrets | `[]` |
| `web.image.debug` | Enable image debug mode | `false` |
| `web.baseUrl` | URL used to access to Airflow web ui | `""` |
| `web.existingConfigmap` | Name of an existing config map containing the Airflow web config file | `""` |
| `web.command` | Override default container command (useful when using custom images) | `[]` |
| `web.args` | Override default container args (useful when using custom images) | `[]` |
| `web.extraEnvVars` | Array with extra environment variables to add Airflow web pods | `[]` |
| `web.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow web pods | `""` |
| `web.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow web pods | `""` |
| `web.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow web pods | `[]` |
| `web.containerPorts.http` | Airflow web HTTP container port | `8080` |
| `web.replicaCount` | Number of Airflow web replicas | `1` |
| `web.livenessProbe.enabled` | Enable livenessProbe on Airflow web containers | `true` |
| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` |
| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` |
| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `web.readinessProbe.enabled` | Enable readinessProbe on Airflow web containers | `true` |
| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `web.startupProbe.enabled` | Enable startupProbe on Airflow web containers | `false` |
| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` |
| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` |
| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` |
| `web.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `web.resources.limits` | The resources limits for the Airflow web containers | `{}` |
| `web.resources.requests` | The requested resources for the Airflow web containers | `{}` |
| `web.podSecurityContext.enabled` | Enabled Airflow web pods' Security Context | `true` |
| `web.podSecurityContext.fsGroup` | Set Airflow web pod's Security Context fsGroup | `1001` |
| `web.containerSecurityContext.enabled` | Enabled Airflow web containers' Security Context | `true` |
| `web.containerSecurityContext.runAsUser` | Set Airflow web containers' Security Context runAsUser | `1001` |
| `web.containerSecurityContext.runAsNonRoot` | Set Airflow web containers' Security Context runAsNonRoot | `true` |
| `web.lifecycleHooks` | for the Airflow web container(s) to automate configuration before or after startup | `{}` |
| `web.hostAliases` | Deployment pod host aliases | `[]` |
| `web.podLabels` | Add extra labels to the Airflow web pods | `{}` |
| `web.podAnnotations` | Add extra annotations to the Airflow web pods | `{}` |
| `web.affinity` | Affinity for Airflow web pods assignment (evaluated as a template) | `{}` |
| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set. | `""` |
| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set. | `[]` |
| `web.nodeSelector` | Node labels for Airflow web pods assignment | `{}` |
| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `""` |
| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `soft` |
| `web.tolerations` | Tolerations for Airflow web pods assignment | `[]` |
| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
| `web.priorityClassName` | Priority Class Name | `""` |
| `web.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` |
| `web.terminationGracePeriodSeconds` | Seconds Airflow web pod needs to terminate gracefully | `""` |
| `web.updateStrategy.type` | Airflow web deployment strategy type | `RollingUpdate` |
| `web.updateStrategy.rollingUpdate` | Airflow web deployment rolling update configuration parameters | `{}` |
| `web.sidecars` | Add additional sidecar containers to the Airflow web pods | `[]` |
| `web.initContainers` | Add additional init containers to the Airflow web pods | `[]` |
| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow web pods | `[]` |
| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow web pods | `[]` |
| `web.pdb.create` | Deploy a pdb object for the Airflow web pods | `false` |
| `web.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow web replicas | `1` |
| `web.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow web replicas | `""` |
### Airflow scheduler parameters
@ -188,7 +184,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- |
| `scheduler.image.registry` | Airflow Scheduler image registry | `docker.io` |
| `scheduler.image.repository` | Airflow Scheduler image repository | `bitnami/airflow-scheduler` |
| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.5.1-debian-11-r5` |
| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.5.1-debian-11-r9` |
| `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` |
| `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` |
@ -236,14 +232,13 @@ The command removes all the Kubernetes components associated with the chart and
| `scheduler.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow scheduler replicas | `1` |
| `scheduler.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow scheduler replicas | `""` |
### Airflow worker parameters
| Name | Description | Value |
| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ |
| `worker.image.registry` | Airflow Worker image registry | `docker.io` |
| `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` |
| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.5.1-debian-11-r5` |
| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.5.1-debian-11-r9` |
| `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` |
| `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` |
@ -317,14 +312,13 @@ The command removes all the Kubernetes components associated with the chart and
| `worker.autoscaling.targetCPU` | Define the CPU target to trigger the scaling actions (utilization percentage) | `80` |
| `worker.autoscaling.targetMemory` | Define the memory target to trigger the scaling actions (utilization percentage) | `80` |
### Airflow git sync parameters
| Name | Description | Value |
| ------------------------------ | --------------------------------------------------------------------------------------------------- | --------------------- |
| `git.image.registry` | Git image registry | `docker.io` |
| `git.image.repository` | Git image repository | `bitnami/git` |
| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.39.1-debian-11-r6` |
| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.39.2-debian-11-r0` |
| `git.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `git.image.pullPolicy` | Git image pull policy | `IfNotPresent` |
| `git.image.pullSecrets` | Git image pull secrets | `[]` |
@ -348,7 +342,6 @@ The command removes all the Kubernetes components associated with the chart and
| `git.sync.extraEnvVarsSecret` | Secret with extra environment variables | `""` |
| `git.sync.resources` | Sync sidecar container resource requests and limits | `{}` |
### Airflow ldap parameters
| Name | Description | Value |
@ -369,7 +362,6 @@ The command removes all the Kubernetes components associated with the chart and
| `ldap.tls.certificatesMountPath` | Where LDAP certifcates are mounted. | `/opt/bitnami/airflow/conf/certs` |
| `ldap.tls.CAFilename` | LDAP CA cert filename | `""` |
### Traffic Exposure Parameters
| Name | Description | Value |
@ -400,7 +392,6 @@ The command removes all the Kubernetes components associated with the chart and
| `ingress.secrets` | Custom TLS certificates as secrets | `[]` |
| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` |
### Other Parameters
| Name | Description | Value |
@ -412,7 +403,6 @@ The command removes all the Kubernetes components associated with the chart and
| `rbac.create` | Create Role and RoleBinding | `false` |
| `rbac.rules` | Custom RBAC rules to set | `[]` |
### Airflow metrics parameters
| Name | Description | Value |
@ -420,7 +410,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Whether or not to create a standalone Airflow exporter to expose Airflow metrics | `false` |
| `metrics.image.registry` | Airflow exporter image registry | `docker.io` |
| `metrics.image.repository` | Airflow exporter image repository | `bitnami/airflow-exporter` |
| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r86` |
| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r91` |
| `metrics.image.digest` | Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Airflow exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Airflow exporter image pull secrets | `[]` |
@ -463,7 +453,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` |
| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` |
### Airflow database parameters
| Name | Description | Value |
@ -494,11 +483,8 @@ The command removes all the Kubernetes components associated with the chart and
| `externalRedis.existingSecret` | Name of an existing secret resource containing the Redis&trade credentials | `""` |
| `externalRedis.existingSecretPasswordKey` | Name of an existing secret key containing the Redis&trade credentials | `""` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set auth.username=my-user \
--set auth.password=my-passsword \
--set auth.fernetKey=my-fernet-key \
@ -513,7 +499,7 @@ The above command sets the credentials to access the Airflow web UI.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/airflow
helm install my-release -f values.yaml my-repo/airflow
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -657,6 +643,7 @@ Local executor runs tasks by spawning processes in the Scheduler pods. To enable
executor=LocalExecutor
redis.enabled=false
```
### LocalKubernetesExecutor
The LocalKubernetesExecutor is introduced in Airflow 2.3 and is a combination of both the Local and the Kubernetes executors. Tasks will be executed in the scheduler by default, but those tasks that require it can be executed in a Kubernetes pod using the 'kubernetes' queue.
@ -709,7 +696,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/airflow/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/airflow/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/airflow/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

6
charts/bitnami/airflow/charts/postgresql/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2022-12-14T19:37:46.129876178Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-09T18:59:17.379982577Z"

4
charts/bitnami/airflow/charts/postgresql/Chart.yaml
View File

@ -2,7 +2,7 @@ annotations:
category: Database
licenses: Apache-2.0
apiVersion: v2
appVersion: 15.1.0
appVersion: 15.2.0
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
@ -28,4 +28,4 @@ name: postgresql
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/postgresql
- https://www.postgresql.org/
version: 12.1.14
version: 12.2.0

33
charts/bitnami/airflow/charts/postgresql/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/postgresql
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/postgresql
```
## Introduction
@ -34,8 +34,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/postgresql
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/postgresql
```
The command deploys PostgreSQL on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -47,7 +47,7 @@ The command deploys PostgreSQL on the Kubernetes cluster in the default configur
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components but PVC's associated with the chart and deletes the release.
@ -55,7 +55,7 @@ The command removes all the Kubernetes components but PVC's associated with the
To delete the PVC's associated with `my-release`:
```console
$ kubectl delete pvc -l release=my-release
kubectl delete pvc -l release=my-release
```
> **Note**: Deleting the PVC's will delete postgresql data as well. Please be cautious before doing it.
@ -102,7 +102,7 @@ $ kubectl delete pvc -l release=my-release
| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `image.registry` | PostgreSQL image registry | `docker.io` |
| `image.repository` | PostgreSQL image repository | `bitnami/postgresql` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r31` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.2.0-debian-11-r0` |
| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `[]` |
@ -383,7 +383,7 @@ $ kubectl delete pvc -l release=my-release
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r79` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r81` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -396,6 +396,7 @@ $ kubectl delete pvc -l release=my-release
| Name | Description | Value |
| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` |
| `serviceAccount.create` | Enable creation of ServiceAccount for PostgreSQL pod | `false` |
| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` |
| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` |
@ -412,7 +413,7 @@ $ kubectl delete pvc -l release=my-release
| `metrics.enabled` | Start a prometheus exporter | `false` |
| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` |
| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r55` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r58` |
| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` |
@ -465,7 +466,6 @@ $ kubectl delete pvc -l release=my-release
| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
@ -476,13 +476,12 @@ $ helm install my-release \
The above command sets the PostgreSQL `postgres` account password to `secretpassword`.
> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available.
> **Warning** Setting a password will be ignored on new installation in case when previous Posgresql release was deleted through the helm command. In that case, old PVC will have an old password, and setting it through helm won't take effect. Deleting persistent volumes (PVs) will solve the issue. Refer to [issue 2061](https://github.com/bitnami/charts/issues/2061) for more details
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/postgresql
helm install my-release -f values.yaml my-repo/postgresql
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -583,7 +582,7 @@ The exporter allows to create custom metrics from additional SQL queries. See th
In more complex scenarios, we may have the following tree of dependencies
```
```text
+--------------+
| |
+------------+ Chart 1 +-----------+
@ -603,7 +602,7 @@ In more complex scenarios, we may have the following tree of dependencies
The three charts below depend on the parent chart Chart 1. However, subcharts 1 and 2 may need to connect to PostgreSQL as well. In order to do so, subcharts 1 and 2 need to know the PostgreSQL credentials, so one option for deploying could be deploy Chart 1 with the following parameters:
```
```text
postgresql.auth.username=testuser
subchart1.postgresql.auth.username=testuser
subchart2.postgresql.auth.username=testuser
@ -617,7 +616,7 @@ subchart2.postgresql.auth.database=testdb
If the number of dependent sub-charts increases, installing the chart with parameters can become increasingly difficult. An alternative would be to set the credentials using global variables as follows:
```
```text
global.postgresql.auth.username=testuser
global.postgresql.auth.password=testpass
global.postgresql.auth.database=testdb
@ -641,7 +640,7 @@ To enable network policy for PostgreSQL, install [a networking plugin that imple
For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace:
```console
$ kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
```
With NetworkPolicy enabled, traffic will be limited to just port 5432.
@ -685,7 +684,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/airflow/charts/postgresql/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/airflow/charts/postgresql/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/airflow/charts/postgresql/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

84
charts/bitnami/airflow/charts/postgresql/templates/secrets.yaml
View File

@ -1,3 +1,23 @@
{{- $host := include "postgresql.primary.fullname" . }}
{{- $port := include "postgresql.service.port" . }}
{{- $postgresPassword := "" }}
{{- if .Values.auth.enablePostgresUser }}
{{- $postgresPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" "postgres-password" "providedValues" (list "global.postgresql.auth.postgresPassword" "auth.postgresPassword") "context" $) | trimAll "\"" | b64dec }}
{{- end }}
{{- $replicationPassword := "" }}
{{- if eq .Values.architecture "replication" }}
{{- $replicationPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" "replication-password" "providedValues" (list "auth.replicationPassword") "context" $) | trimAll "\"" | b64dec }}
{{- end }}
{{- $ldapPassword := "" }}
{{- if and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw) }}
{{- $ldapPassword = coalesce .Values.ldap.bind_password .Values.ldap.bindpw }}
{{- end }}
{{- $customUser := include "postgresql.username" . }}
{{- $password := "" }}
{{- if not (empty (include "postgresql.username" .)) }}
{{- $password = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" "password" "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- end }}
{{- $database := include "postgresql.database" . }}
{{- if (include "postgresql.createSecret" .) }}
apiVersion: v1
kind: Secret
@ -14,16 +34,70 @@ metadata:
type: Opaque
data:
{{- if .Values.auth.enablePostgresUser }}
postgres-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "postgres-password" "providedValues" (list "global.postgresql.auth.postgresPassword" "auth.postgresPassword") "context" $) }}
postgres-password: {{ $postgresPassword | b64enc | quote }}
{{- end }}
{{- if not (empty (include "postgresql.username" .)) }}
password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "password" "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) }}
password: {{ $password | b64enc | quote }}
{{- end }}
{{- if eq .Values.architecture "replication" }}
replication-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "replication-password" "providedValues" (list "auth.replicationPassword") "context" $) }}
replication-password: {{ $replicationPassword | b64enc | quote }}
{{- end }}
# We don't auto-generate LDAP password when it's not provided as we do for other passwords
{{- if and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw) }}
ldap-password: {{ coalesce .Values.ldap.bind_password .Values.ldap.bindpw | b64enc | quote }}
ldap-password: {{ $ldapPassword | b64enc | quote }}
{{- end }}
{{- end -}}
{{- end }}
{{- if .Values.serviceBindings.enabled }}
{{- if .Values.auth.enablePostgresUser }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-postgres
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/postgresql
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "postgresql" | b64enc | quote }}
host: {{ $host | b64enc | quote }}
port: {{ $port | b64enc | quote }}
user: {{ print "postgres" | b64enc | quote }}
database: {{ print "postgres" | b64enc | quote }}
password: {{ $postgresPassword | b64enc | quote }}
uri: {{ printf "postgresql://postgres:%s@%s:%s/postgres" $postgresPassword $host $port | b64enc | quote }}
{{- end }}
{{- if and (not (empty $customUser)) (ne $customUser "postgres") }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-custom-user
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/postgresql
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "postgresql" | b64enc | quote }}
host: {{ $host | b64enc | quote }}
port: {{ $port | b64enc | quote }}
user: {{ $customUser | b64enc | quote }}
password: {{ $password | b64enc | quote }}
{{- if $database }}
database: {{ $database | b64enc | quote }}
{{- end }}
uri: {{ printf "postgresql://%s:%s@%s:%s/%s" $customUser $password $host $port $database | b64enc | quote }}
{{- end }}
{{- end }}

20
charts/bitnami/airflow/charts/postgresql/values.yaml
View File

@ -95,7 +95,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/postgresql
tag: 15.1.0-debian-11-r31
tag: 15.2.0-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -231,6 +231,7 @@ ldap:
enabled: false
## @param ldap.uri LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored.
## Ref: https://www.postgresql.org/docs/current/auth-ldap.html
##
uri: ""
## @param postgresqlDataDir PostgreSQL data dir folder
##
@ -1020,6 +1021,7 @@ readReplicas:
dataSource: {}
## @section NetworkPolicy parameters
##
## Add networkpolicies
##
@ -1070,6 +1072,7 @@ networkPolicy:
## - namespaceSelector:
## matchLabels:
## label: example
##
customRules: {}
## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.enabled Enable ingress rule that makes PostgreSQL read-only nodes only accessible from a particular origin.
## @param networkPolicy.ingressRules.readReplicasAccessOnlyFrom.namespaceSelector [object] Namespace selector label that is allowed to access the PostgreSQL read-only nodes. This label will be used to identified the allowed namespace(s).
@ -1095,6 +1098,7 @@ networkPolicy:
## - namespaceSelector:
## matchLabels:
## label: example
##
customRules: {}
## @param networkPolicy.egressRules.denyConnectionsToExternal Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).
## @param networkPolicy.egressRules.customRules [object] Custom network policy rule
@ -1109,9 +1113,11 @@ networkPolicy:
## - namespaceSelector:
## matchLabels:
## label: example
##
customRules: {}
## @section Volume Permissions parameters
##
## Init containers parameters:
## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node
@ -1130,7 +1136,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r79
tag: 11-debian-11-r81
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1158,6 +1164,13 @@ volumePermissions:
runAsUser: 0
## @section Other Parameters
##
## @param serviceBindings.enabled Create secret for service binding (Experimental)
## Ref: https://servicebinding.io/service-provider/
##
serviceBindings:
enabled: false
## Service account for PostgreSQL to use.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
@ -1202,6 +1215,7 @@ psp:
create: false
## @section Metrics Parameters
##
metrics:
## @param metrics.enabled Start a prometheus exporter
@ -1217,7 +1231,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/postgres-exporter
tag: 0.11.1-debian-11-r55
tag: 0.11.1-debian-11-r58
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

6
charts/bitnami/airflow/charts/redis/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2022-12-12T19:34:26.826289322Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-14T22:31:24.380931903Z"

2
charts/bitnami/airflow/charts/redis/Chart.yaml
View File

@ -24,4 +24,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/redis
version: 17.6.0
version: 17.7.4

130
charts/bitnami/airflow/charts/redis/README.md
View File

@ -11,8 +11,8 @@ Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/redis
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/redis
```
## Introduction
@ -47,8 +47,8 @@ The main features of each chart are the following:
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/redis
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/redis
```
The command deploys Redis&reg; on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -60,7 +60,7 @@ The command deploys Redis&reg; on the Kubernetes cluster in the default configur
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -89,6 +89,7 @@ The command removes all the Kubernetes components associated with the chart and
| `secretAnnotations` | Annotations to add to secret | `{}` |
| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` |
| `extraDeploy` | Array of extra objects to deploy with the release | `[]` |
| `useHostnames` | Use hostnames internally when announcing replication | `true` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
@ -96,15 +97,15 @@ The command removes all the Kubernetes components associated with the chart and
### Redis&reg; Image parameters
| Name | Description | Value |
| ------------------- | ---------------------------------------------------------------------------------------------------------- | -------------------- |
| `image.registry` | Redis&reg; image registry | `docker.io` |
| `image.repository` | Redis&reg; image repository | `bitnami/redis` |
| `image.tag` | Redis&reg; image tag (immutable tags are recommended) | `7.0.8-debian-11-r0` |
| `image.digest` | Redis&reg; image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Redis&reg; image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Redis&reg; image pull secrets | `[]` |
| `image.debug` | Enable image debug mode | `false` |
| Name | Description | Value |
| ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | Redis&reg; image registry | `docker.io` |
| `image.repository` | Redis&reg; image repository | `bitnami/redis` |
| `image.tag` | Redis&reg; image tag (immutable tags are recommended) | `7.0.8-debian-11-r11` |
| `image.digest` | Redis&reg; image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Redis&reg; image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Redis&reg; image pull secrets | `[]` |
| `image.debug` | Enable image debug mode | `false` |
### Redis&reg; common configuration parameters
@ -336,7 +337,7 @@ The command removes all the Kubernetes components associated with the chart and
| `sentinel.enabled` | Use Redis&reg; Sentinel on Redis&reg; pods. | `false` |
| `sentinel.image.registry` | Redis&reg; Sentinel image registry | `docker.io` |
| `sentinel.image.repository` | Redis&reg; Sentinel image repository | `bitnami/redis-sentinel` |
| `sentinel.image.tag` | Redis&reg; Sentinel image tag (immutable tags are recommended) | `7.0.7-debian-11-r10` |
| `sentinel.image.tag` | Redis&reg; Sentinel image tag (immutable tags are recommended) | `7.0.8-debian-11-r10` |
| `sentinel.image.digest` | Redis&reg; Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `sentinel.image.pullPolicy` | Redis&reg; Sentinel image pull policy | `IfNotPresent` |
| `sentinel.image.pullSecrets` | Redis&reg; Sentinel image pull secrets | `[]` |
@ -452,7 +453,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis&reg; metrics | `false` |
| `metrics.image.registry` | Redis&reg; Exporter image registry | `docker.io` |
| `metrics.image.repository` | Redis&reg; Exporter image repository | `bitnami/redis-exporter` |
| `metrics.image.tag` | Redis&reg; Exporter image tag (immutable tags are recommended) | `1.45.0-debian-11-r26` |
| `metrics.image.tag` | Redis&reg; Exporter image tag (immutable tags are recommended) | `1.46.0-debian-11-r5` |
| `metrics.image.digest` | Redis&reg; Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Redis&reg; Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Redis&reg; Exporter image pull secrets | `[]` |
@ -518,7 +519,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r72` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -528,7 +529,7 @@ The command removes all the Kubernetes components associated with the chart and
| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` |
| `sysctl.image.registry` | Bitnami Shell image registry | `docker.io` |
| `sysctl.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r72` |
| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `sysctl.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `sysctl.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `sysctl.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -548,7 +549,6 @@ The command removes all the Kubernetes components associated with the chart and
| `useExternalDNS.suffix` | The DNS suffix utilized when `external-dns` is enabled. Note that we prepend the suffix with the full name of the release. | `""` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
@ -563,7 +563,7 @@ The above command sets the Redis&reg; server password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/redis
helm install my-release -f values.yaml my-repo/redis
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -616,10 +616,10 @@ useExternalDNS:
On a cluster where the name of the Helm release is `a`, the hostname of a Pod is generated as: `a-redis-node-0.a-redis.prod.example.org`. The IP of that FQDN will match that of the associated Pod. This modifies the following parameters of the Redis/Sentinel configuration using this new FQDN:
* `replica-announce-ip`
* `known-sentinel`
* `known-replica`
* `announce-ip`
- `replica-announce-ip`
- `known-sentinel`
- `known-replica`
- `announce-ip`
:warning: This requires a working installation of `external-dns` to be fully functional. :warning:
@ -654,7 +654,7 @@ In addition to this, only one service is exposed:
For read-only operations, access the service using port 6379. For write operations, it's necessary to access the Redis&reg; Sentinel cluster and query the current master using the command below (using redis-cli or similar):
```
```console
SENTINEL get-master-addr-by-name <name of your MasterSet. e.g: mymaster>
```
@ -669,6 +669,7 @@ In case the current master crashes, the Sentinel containers will elect a new mas
When `master.count` is greater than `1`, special care must be taken to create a consistent setup.
An example of use case is the creation of a redundant set of standalone masters or master-replicas per Kubernetes node where you must ensure:
- No more than `1` master can be deployed per Kubernetes node
- Replicas and writers can only see the single master of their own Kubernetes node
@ -726,7 +727,7 @@ By default, the chart mounts a [Persistent Volume](https://kubernetes.io/docs/co
3. Install the chart
```console
$ helm install my-release --set master.persistence.existingClaim=PVC_NAME my-repo/redis
helm install my-release --set master.persistence.existingClaim=PVC_NAME my-repo/redis
```
## Backup and restore
@ -762,6 +763,7 @@ This major version updates the Redis&reg; docker image version used from `6.2` t
This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository.
Affected values:
- `master.service.port` renamed as `master.service.ports.redis`.
- `master.service.nodePort` renamed as `master.service.nodePorts.redis`.
- `replica.service.port` renamed as `replica.service.ports.redis`.
@ -785,11 +787,11 @@ The Redis&reg; sentinel exporter was removed in this version because the upstrea
### To 14.0.0
- Several parameters were renamed or disappeared in favor of new ones on this major version:
- The term *slave* has been replaced by the term *replica*. Therefore, parameters prefixed with `slave` are now prefixed with `replicas`.
- Credentials parameter are reorganized under the `auth` parameter.
- `cluster.enabled` parameter is deprecated in favor of `architecture` parameter that accepts two values: `standalone` and `replication`.
- `securityContext.*` is deprecated in favor of `XXX.podSecurityContext` and `XXX.containerSecurityContext`.
- `sentinel.metrics.*` parameters are deprecated in favor of `metrics.sentinel.*` ones.
- The term *slave* has been replaced by the term *replica*. Therefore, parameters prefixed with `slave` are now prefixed with `replicas`.
- Credentials parameter are reorganized under the `auth` parameter.
- `cluster.enabled` parameter is deprecated in favor of `architecture` parameter that accepts two values: `standalone` and `replication`.
- `securityContext.*` is deprecated in favor of `XXX.podSecurityContext` and `XXX.containerSecurityContext`.
- `sentinel.metrics.*` parameters are deprecated in favor of `metrics.sentinel.*` ones.
- New parameters to add custom command, environment variables, sidecars, init containers, etc. were added.
- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels).
- values.yaml metadata was adapted to follow the format supported by [Readme Generator for Helm](https://github.com/bitnami-labs/readme-generator-for-helm).
@ -802,10 +804,10 @@ Backwards compatibility is not guaranteed. To upgrade to `14.0.0`, install a new
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `master.persistence.existingClaim` parameter. The following example assumes that the release name is `redis`:
```console
$ helm install redis my-repo/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC]
helm install redis my-repo/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC]
```
| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[PASSWORD]_ with the password used in your previous release.
| Note: you need to substitute the placeholder *[EXISTING_PVC]* with the name of the PVC used on your previous release, and *[PASSWORD]* with the password used in your previous release.
### To 13.0.0
@ -819,41 +821,29 @@ This version also introduces `bitnami/common`, a [library chart](https://helm.sh
[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL.
**What changes were introduced in this major version?**
#### What changes were introduced in this major version?
- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field.
- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts
**Considerations when upgrading to this version**
#### Considerations when upgrading to this version
- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues
- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore
- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3
**Useful links**
#### Useful links
- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/
- https://helm.sh/docs/topics/v2_v3_migration/
- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/
### To 11.0.0
When deployed with sentinel enabled, only a group of nodes is deployed and the master/slave role is handled in the group. To avoid breaking the compatibility, the settings for this nodes are given through the `slave.xxxx` parameters in `values.yaml`
### To 9.0.0
The metrics exporter has been changed from a separate deployment to a sidecar container, due to the latest changes in the Redis&reg; exporter code. Check the [official page](https://github.com/oliver006/redis_exporter/) for more information. The metrics container image was changed from oliver006/redis_exporter to bitnami/redis-exporter (Bitnami's maintained package of oliver006/redis_exporter).
### To 7.0.0
In order to improve the performance in case of slave failure, we added persistence to the read-only slaves. That means that we moved from Deployment to StatefulSets. This should not affect upgrades from previous versions of the chart, as the deployments did not contain any persistence at all.
This version also allows enabling Redis&reg; Sentinel containers inside of the Redis&reg; Pods (feature disabled by default). In case the master crashes, a new Redis&reg; node will be elected as master. In order to query the current master (no redis master service is exposed), you need to query first the Sentinel cluster.
- <https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/>
- <https://helm.sh/docs/topics/v2_v3_migration/>
- <https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/>
### To 11.0.0
When using sentinel, a new statefulset called `-node` was introduced. This will break upgrading from a previous version where the statefulsets are called master and slave. Hence the PVC will not match the new naming and won't be reused. If you want to keep your data, you will need to perform a backup and then a restore the data in this new version.
When deployed with sentinel enabled, only a group of nodes is deployed and the master/slave role is handled in the group. To avoid breaking the compatibility, the settings for this nodes are given through the `slave.xxxx` parameters in `values.yaml`
### To 10.0.0
For releases with `usePassword: true`, the value `sentinel.usePassword` controls whether the password authentication also applies to the sentinel port. This defaults to `true` for a secure configuration, however it is possible to disable to account for the following cases:
@ -863,6 +853,10 @@ For releases with `usePassword: true`, the value `sentinel.usePassword` controls
If using a master/slave topology, or with `usePassword: false`, no action is required.
### To 9.0.0
The metrics exporter has been changed from a separate deployment to a sidecar container, due to the latest changes in the Redis&reg; exporter code. Check the [official page](https://github.com/oliver006/redis_exporter/) for more information. The metrics container image was changed from oliver006/redis_exporter to bitnami/redis-exporter (Bitnami's maintained package of oliver006/redis_exporter).
### To 8.0.18
For releases with `metrics.enabled: true` the default tag for the exporter image is now `v1.x.x`. This introduces many changes including metrics names. You'll want to use [this dashboard](https://github.com/oliver006/redis_exporter/blob/master/contrib/grafana_prometheus_redis_dashboard.json) now. Please see the [redis_exporter github page](https://github.com/oliver006/redis_exporter#upgrading-from-0x-to-1x) for more details.
@ -873,16 +867,16 @@ This version causes a change in the Redis&reg; Master StatefulSet definition, so
- Recommended: Create a clone of the Redis&reg; Master PVC (for example, using projects like [this one](https://github.com/edseymour/pvc-transfer)). Then launch a fresh release reusing this cloned PVC.
```
$ helm install my-release my-repo/redis --set persistence.existingClaim=<NEW PVC>
```
```console
helm install my-release my-repo/redis --set persistence.existingClaim=<NEW PVC>
```
- Alternative (not recommended, do at your own risk): `helm delete --purge` does not remove the PVC assigned to the Redis&reg; Master StatefulSet. As a consequence, the following commands can be done to upgrade the release
```
$ helm delete --purge <RELEASE>
$ helm install <RELEASE> my-repo/redis
```
```console
helm delete --purge <RELEASE>
helm install <RELEASE> my-repo/redis
```
Previous versions of the chart were not using persistence in the slaves, so this upgrade would add it to them. Another important change is that no values are inherited from master to slaves. For example, in 6.0.0 `slaves.readinessProbe.periodSeconds`, if empty, would be set to `master.readinessProbe.periodSeconds`. This approach lacked transparency and was difficult to maintain. From now on, all the slave parameters must be configured just as it is done with the masters.
@ -913,34 +907,34 @@ must be specified.
This version removes the `chart` label from the `spec.selector.matchLabels`
which is immutable since `StatefulSet apps/v1beta2`. It has been inadvertently
added, causing any subsequent upgrade to fail. See https://github.com/helm/charts/issues/7726.
added, causing any subsequent upgrade to fail. See <https://github.com/helm/charts/issues/7726>.
It also fixes https://github.com/helm/charts/issues/7726 where a deployment `extensions/v1beta1` can not be upgraded if `spec.selector` is not explicitly set.
It also fixes <https://github.com/helm/charts/issues/7726> where a deployment `extensions/v1beta1` can not be upgraded if `spec.selector` is not explicitly set.
Finally, it fixes https://github.com/helm/charts/issues/7803 by removing mutable labels in `spec.VolumeClaimTemplate.metadata.labels` so that it is upgradable.
Finally, it fixes <https://github.com/helm/charts/issues/7803> by removing mutable labels in `spec.VolumeClaimTemplate.metadata.labels` so that it is upgradable.
In order to upgrade, delete the Redis&reg; StatefulSet before upgrading:
```console
$ kubectl delete statefulsets.apps --cascade=false my-release-redis-master
kubectl delete statefulsets.apps --cascade=false my-release-redis-master
```
And edit the Redis&reg; slave (and metrics if enabled) deployment:
```console
$ kubectl patch deployments my-release-redis-slave --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]'
$ kubectl patch deployments my-release-redis-metrics --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]'
kubectl patch deployments my-release-redis-slave --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]'
kubectl patch deployments my-release-redis-metrics --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]'
```
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/airflow/charts/redis/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/airflow/charts/redis/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/airflow/charts/redis/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

3
charts/bitnami/airflow/charts/redis/templates/master/application.yaml
View File

@ -37,6 +37,9 @@ spec:
{{- if .Values.master.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.master.podLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if and .Values.metrics.enabled .Values.metrics.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podLabels "context" $ ) | nindent 8 }}
{{- end }}

2
charts/bitnami/airflow/charts/redis/templates/master/service.yaml
View File

@ -30,7 +30,7 @@ spec:
loadBalancerIP: {{ .Values.master.service.loadBalancerIP }}
{{- end }}
{{- if and (eq .Values.master.service.type "LoadBalancer") (not (empty .Values.master.service.loadBalancerSourceRanges)) }}
loadBalancerSourceRanges: {{ .Values.master.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{ toYaml .Values.master.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
{{- if and .Values.master.service.clusterIP (eq .Values.master.service.type "ClusterIP") }}
clusterIP: {{ .Values.master.service.clusterIP }}

2
charts/bitnami/airflow/charts/redis/templates/replicas/service.yaml
View File

@ -30,7 +30,7 @@ spec:
loadBalancerIP: {{ .Values.replica.service.loadBalancerIP }}
{{- end }}
{{- if and (eq .Values.replica.service.type "LoadBalancer") (not (empty .Values.replica.service.loadBalancerSourceRanges)) }}
loadBalancerSourceRanges: {{ .Values.replica.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{ toYaml .Values.replica.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
{{- if and .Values.replica.service.clusterIP (eq .Values.replica.service.type "ClusterIP") }}
clusterIP: {{ .Values.replica.service.clusterIP }}

3
charts/bitnami/airflow/charts/redis/templates/replicas/statefulset.yaml
View File

@ -36,6 +36,9 @@ spec:
{{- if .Values.replica.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.replica.podLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if and .Values.metrics.enabled .Values.metrics.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podLabels "context" $ ) | nindent 8 }}
{{- end }}

62
charts/bitnami/airflow/charts/redis/templates/scripts-configmap.yaml
View File

@ -44,11 +44,17 @@ data:
hostname="$1"
{{- if .Values.useExternalDNS.enabled }}
echo "${hostname}.{{- include "redis.externalDNS.suffix" . }}"
full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}"
{{- else if eq .Values.sentinel.service.type "NodePort" }}
echo "${hostname}.{{- .Release.Namespace }}"
full_hostname="${hostname}.{{- .Release.Namespace }}"
{{- else }}
echo "${hostname}.${HEADLESS_SERVICE}"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
{{- end }}
{{- if .Values.useHostnames }}
echo "${full_hostname}"
{{- else }}
getent hosts "${full_hostname}" | awk '{ print $1 ; exit }'
{{- end }}
}
@ -262,11 +268,17 @@ data:
hostname="$1"
{{- if .Values.useExternalDNS.enabled }}
echo "${hostname}.{{- include "redis.externalDNS.suffix" . }}"
full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}"
{{- else if eq .Values.sentinel.service.type "NodePort" }}
echo "${hostname}.{{- .Release.Namespace }}"
full_hostname="${hostname}.{{- .Release.Namespace }}"
{{- else }}
echo "${hostname}.${HEADLESS_SERVICE}"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
{{- end }}
{{- if .Values.useHostnames }}
echo "${full_hostname}"
{{- else }}
getent hosts "${full_hostname}" | awk '{ print $1 ; exit }'
{{- end }}
}
@ -426,13 +438,20 @@ data:
hostname="$1"
{{- if .Values.useExternalDNS.enabled }}
echo "${hostname}.{{- include "redis.externalDNS.suffix" . }}"
full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}"
{{- else if eq .Values.sentinel.service.type "NodePort" }}
echo "${hostname}.{{- .Release.Namespace }}"
full_hostname="${hostname}.{{- .Release.Namespace }}"
{{- else }}
echo "${hostname}.${HEADLESS_SERVICE}"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
{{- end }}
{{- if .Values.useHostnames }}
echo "${full_hostname}"
{{- else }}
getent hosts "${full_hostname}" | awk '{ print $1 ; exit }'
{{- end }}
}
run_sentinel_command() {
if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then
redis-cli -h "$REDIS_SERVICE" -p "$SENTINEL_SERVICE_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@"
@ -492,13 +511,20 @@ data:
hostname="$1"
{{- if .Values.useExternalDNS.enabled }}
echo "${hostname}.{{- include "redis.externalDNS.suffix" . }}"
full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}"
{{- else if eq .Values.sentinel.service.type "NodePort" }}
echo "${hostname}.{{- .Release.Namespace }}"
full_hostname="${hostname}.{{- .Release.Namespace }}"
{{- else }}
echo "${hostname}.${HEADLESS_SERVICE}"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
{{- end }}
{{- if .Values.useHostnames }}
echo "${full_hostname}"
{{- else }}
getent hosts "${full_hostname}" | awk '{ print $1 ; exit }'
{{- end }}
}
run_sentinel_command() {
if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then
{{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$SENTINEL_SERVICE_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@"
@ -614,11 +640,17 @@ data:
hostname="$1"
{{- if .Values.useExternalDNS.enabled }}
echo "${hostname}.{{- include "redis.externalDNS.suffix" . }}"
full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}"
{{- else if eq .Values.sentinel.service.type "NodePort" }}
echo "${hostname}.{{- .Release.Namespace }}"
full_hostname="${hostname}.{{- .Release.Namespace }}"
{{- else }}
echo "${hostname}.${HEADLESS_SERVICE}"
full_hostname="${hostname}.${HEADLESS_SERVICE}"
{{- end }}
{{- if .Values.useHostnames }}
echo "${full_hostname}"
{{- else }}
getent hosts "${full_hostname}" | awk '{ print $1 ; exit }'
{{- end }}
}

2
charts/bitnami/airflow/charts/redis/templates/sentinel/service.yaml
View File

@ -38,7 +38,7 @@ spec:
loadBalancerIP: {{ .Values.sentinel.service.loadBalancerIP }}
{{- end }}
{{- if and (eq .Values.sentinel.service.type "LoadBalancer") (not (empty .Values.sentinel.service.loadBalancerSourceRanges)) }}
loadBalancerSourceRanges: {{ .Values.sentinel.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{ toYaml .Values.sentinel.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
{{- if and .Values.sentinel.service.clusterIP (eq .Values.sentinel.service.type "ClusterIP") }}
clusterIP: {{ .Values.sentinel.service.clusterIP }}

3
charts/bitnami/airflow/charts/redis/templates/sentinel/statefulset.yaml
View File

@ -35,6 +35,9 @@ spec:
{{- if .Values.replica.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.replica.podLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
{{- end }}
{{- if and .Values.metrics.enabled .Values.metrics.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podLabels "context" $ ) | nindent 8 }}
{{- end }}

9
charts/bitnami/airflow/charts/redis/templates/tls-secret.yaml
View File

@ -1,6 +1,5 @@
{{- if (include "redis.createTlsSecret" .) }}
{{- $secretName := printf "%s-crt" (include "common.names.fullname" .) }}
{{- $existingCerts := (lookup "v1" "Secret" .Release.Namespace $secretName).data | default dict }}
{{- $ca := genCA "redis-ca" 365 }}
{{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }}
@ -9,7 +8,7 @@
{{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }}
{{- $masterServiceName := printf "%s-master" (include "common.names.fullname" .) }}
{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) "127.0.0.1" "localhost" $fullname }}
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
apiVersion: v1
kind: Secret
metadata:
@ -24,7 +23,7 @@ metadata:
{{- end }}
type: kubernetes.io/tls
data:
ca.crt: {{ (get $existingCerts "ca.crt") | default ($ca.Cert | b64enc | quote ) }}
tls.crt: {{ (get $existingCerts "tls.crt") | default ($crt.Cert | b64enc | quote) }}
tls.key: {{ (get $existingCerts "tls.key") | default ($crt.Key | b64enc | quote) }}
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}

13
charts/bitnami/airflow/charts/redis/values.yaml
View File

@ -47,6 +47,9 @@ clusterDomain: cluster.local
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## @param useHostnames Use hostnames internally when announcing replication
###
useHostnames: true
## Enable diagnostic mode in the deployment
##
@ -79,7 +82,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/redis
tag: 7.0.8-debian-11-r0
tag: 7.0.8-debian-11-r11
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -982,7 +985,7 @@ sentinel:
image:
registry: docker.io
repository: bitnami/redis-sentinel
tag: 7.0.7-debian-11-r10
tag: 7.0.8-debian-11-r10
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1404,7 +1407,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/redis-exporter
tag: 1.45.0-debian-11-r26
tag: 1.46.0-debian-11-r5
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1655,7 +1658,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r72
tag: 11-debian-11-r85
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1703,7 +1706,7 @@ sysctl:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r72
tag: 11-debian-11-r85
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

12
charts/bitnami/airflow/values.yaml
View File

@ -118,7 +118,7 @@ dags:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r79
tag: 11-debian-11-r85
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -185,7 +185,7 @@ web:
image:
registry: docker.io
repository: bitnami/airflow
tag: 2.5.1-debian-11-r5
tag: 2.5.1-debian-11-r10
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -443,7 +443,7 @@ scheduler:
image:
registry: docker.io
repository: bitnami/airflow-scheduler
tag: 2.5.1-debian-11-r5
tag: 2.5.1-debian-11-r9
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -647,7 +647,7 @@ worker:
image:
registry: docker.io
repository: bitnami/airflow-worker
tag: 2.5.1-debian-11-r5
tag: 2.5.1-debian-11-r9
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -920,7 +920,7 @@ git:
image:
registry: docker.io
repository: bitnami/git
tag: 2.39.1-debian-11-r6
tag: 2.39.2-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1283,7 +1283,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/airflow-exporter
tag: 0.20220314.0-debian-11-r86
tag: 0.20220314.0-debian-11-r91
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

6
charts/bitnami/cassandra/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2022-12-22T13:03:20.759195688Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-17T14:47:04.069700672Z"

2
charts/bitnami/cassandra/Chart.yaml
View File

@ -29,4 +29,4 @@ name: cassandra
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/cassandra
- http://cassandra.apache.org
version: 10.0.2
version: 10.0.3

59
charts/bitnami/cassandra/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/cassandra
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/cassandra
```
## Introduction
@ -32,8 +32,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/cassandra
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/cassandra
```
These commands deploy one node with Apache Cassandra on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -45,7 +45,7 @@ These commands deploy one node with Apache Cassandra on the Kubernetes cluster i
To uninstall/delete the `my-release` release:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -60,7 +60,6 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
### Common parameters
| Name | Description | Value |
@ -76,14 +75,13 @@ The command removes all the Kubernetes components associated with the chart and
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
### Cassandra parameters
| Name | Description | Value |
| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | Cassandra image registry | `docker.io` |
| `image.repository` | Cassandra image repository | `bitnami/cassandra` |
| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.0-debian-11-r11` |
| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.0-debian-11-r21` |
| `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Cassandra image pull secrets | `[]` |
@ -114,7 +112,6 @@ The command removes all the Kubernetes components associated with the chart and
| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` |
| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` |
### Statefulset parameters
| Name | Description | Value |
@ -183,7 +180,6 @@ The command removes all the Kubernetes components associated with the chart and
| `hostPorts.jmx` | JMX Port on the Host | `""` |
| `hostPorts.cql` | CQL Port on the Host | `""` |
### RBAC parameters
| Name | Description | Value |
@ -193,7 +189,6 @@ The command removes all the Kubernetes components associated with the chart and
| `serviceAccount.annotations` | Annotations for Cassandra Service Account | `{}` |
| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` |
### Traffic Exposure Parameters
| Name | Description | Value |
@ -214,7 +209,6 @@ The command removes all the Kubernetes components associated with the chart and
| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
### Persistence parameters
| Name | Description | Value |
@ -229,7 +223,6 @@ The command removes all the Kubernetes components associated with the chart and
| `persistence.mountPath` | The path the data volume will be mounted at | `/bitnami/cassandra` |
| `persistence.commitLogMountPath` | The path the commit log volume will be mounted at. Unset by default. Set it to '/bitnami/cassandra/commitlog' to enable a separate commit log volume | `""` |
### Volume Permissions parameters
| Name | Description | Value |
@ -237,7 +230,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r74` |
| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `volumePermissions.image.digest` | Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -245,7 +238,6 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.resources.requests` | The requested resources for the container | `{}` |
| `volumePermissions.securityContext.runAsUser` | User ID for the init container | `0` |
### Metrics parameters
| Name | Description | Value |
@ -253,7 +245,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Cassandra exporter image registry | `docker.io` |
| `metrics.image.repository` | Cassandra exporter image name | `bitnami/cassandra-exporter` |
| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r81` |
| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r90` |
| `metrics.image.digest` | Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -282,7 +274,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.hostPorts.jmx` | JMX Port on the Host | `""` |
| `metrics.configuration` | Configure Cassandra-exporter with a custom config.yml file | `""` |
### TLS/SSL parameters
| Name | Description | Value |
@ -299,13 +290,10 @@ The command removes all the Kubernetes components associated with the chart and
| `tls.certificatesSecret` | Secret with the TLS certificates. | `""` |
| `tls.tlsEncryptionSecretName` | Secret with the encryption of the TLS certificates | `""` |
The above parameters map to the env variables defined in [bitnami/cassandra](https://github.com/bitnami/containers/tree/main/bitnami/cassandra). For more information please refer to the [bitnami/cassandra](https://github.com/bitnami/containers/tree/main/bitnami/cassandra) image documentation.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set dbUser.user=admin,dbUser.password=password \
my-repo/cassandra
```
@ -313,7 +301,7 @@ $ helm install my-release \
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/cassandra
helm install my-release -f values.yaml my-repo/cassandra
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -330,8 +318,8 @@ Bitnami will release a new chart updating its containers if a new version of the
This chart supports TLS between client and server and between nodes, as explained below:
* For internode cluster encryption, set the `tls.internodeEncryption` chart parameter to a value different from `none`. Available values are `all`, `dc` or `rack`.
* For client-server encryption, set the `tls.clientEncryption` chart parameter to `true`.
- For internode cluster encryption, set the `tls.internodeEncryption` chart parameter to a value different from `none`. Available values are `all`, `dc` or `rack`.
- For client-server encryption, set the `tls.clientEncryption` chart parameter to `true`.
In both cases, it is also necessary to create a secret containing the keystore and truststore certificates and their corresponding protection passwords. This secret is to be passed to the chart via the `tls.existingSecret` parameter at deployment-time.
@ -370,8 +358,8 @@ If you encounter errors when working with persistent volumes, refer to our [trou
As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. There are two approaches to achieve this:
* Use Kubernetes SecurityContexts by setting the `podSecurityContext.enabled` and `containerSecurityContext.enabled` to `true`. This option is enabled by default in the chart. However, this feature does not work in all Kubernetes distributions.
* Use an init container to change the ownership of the volume before mounting it in the final destination. Enable this container by setting the `volumePermissions.enabled` parameter to `true`.
- Use Kubernetes SecurityContexts by setting the `podSecurityContext.enabled` and `containerSecurityContext.enabled` to `true`. This option is enabled by default in the chart. However, this feature does not work in all Kubernetes distributions.
- Use an init container to change the ownership of the volume before mounting it in the final destination. Enable this container by setting the `volumePermissions.enabled` parameter to `true`.
## Backup and restore
@ -386,12 +374,13 @@ Find more information about how to deal with common errors related to Bitnami's
It's necessary to set the `dbUser.password` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use. Please note down the password and run the command below to upgrade your chart:
```console
$ helm upgrade my-release my-repo/cassandra --set dbUser.password=[PASSWORD]
helm upgrade my-release my-repo/cassandra --set dbUser.password=[PASSWORD]
```
| Note: you need to substitute the placeholder _[PASSWORD]_ with the value obtained in the installation notes.
| Note: you need to substitute the placeholder *[PASSWORD]* with the value obtained in the installation notes.
### To 9.0.0
This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository.
Affected values:
@ -407,10 +396,10 @@ Affected values:
Cassandra's version was bumped to `4.0`, [the new major](https://cassandra.apache.org/_/blog/Apache-Cassandra-4.0-is-Here.html) considered LTS. Among other features, this release removes support for [Thrift](https://issues.apache.org/jira/browse/CASSANDRA-11115), which means that the following properties of the chart will no longer be available:
- `cluster.enableRPC`
- `service.thriftPort`
- `service.nodePorts.thrift`
- `containerPorts.thrift`
- `cluster.enableRPC`
- `service.thriftPort`
- `service.nodePorts.thrift`
- `containerPorts.thrift`
For this version, there have been [intensive efforts](https://cwiki.apache.org/confluence/display/CASSANDRA/4.0+Quality%3A+Components+and+Test+Plans) from Apache to ensure that a safe cluster upgrade can be performed. Nevertheless, a backup creation prior to undergoing the upgrade process is recommended. Please, refer to the [official guide](https://cassandra.apache.org/doc/latest/operating/backups.html#snapshots) for further information.
@ -443,8 +432,8 @@ The `minimumAvailable` option has been renamed to `minAvailable` for consistency
An issue in StatefulSet manifest of the 4.x chart series rendered chart upgrades to be broken. The 5.0.0 series fixes this issue. To upgrade to the 5.x series you need to manually delete the Cassandra StatefulSet before executing the `helm upgrade` command.
```console
$ kubectl delete sts -l release=<RELEASE_NAME>
$ helm upgrade <RELEASE_NAME> ...
kubectl delete sts -l release=<RELEASE_NAME>
helm upgrade <RELEASE_NAME> ...
```
### To 4.0.0
@ -467,7 +456,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/cassandra/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/cassandra/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/cassandra/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

6
charts/bitnami/cassandra/values.yaml
View File

@ -73,7 +73,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/cassandra
tag: 4.1.0-debian-11-r11
tag: 4.1.0-debian-11-r21
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -604,7 +604,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r74
tag: 11-debian-11-r85
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -673,7 +673,7 @@ metrics:
registry: docker.io
pullPolicy: IfNotPresent
repository: bitnami/cassandra-exporter
tag: 2.3.8-debian-11-r81
tag: 2.3.8-debian-11-r90
digest: ""
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.

8
charts/bitnami/kafka/Chart.lock
View File

@ -1,9 +1,9 @@
dependencies:
- name: zookeeper
repository: https://charts.bitnami.com/bitnami
version: 11.1.0
version: 11.1.2
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:da099b68bc1deabb4998fd87b4141440f26dba1a14801a507c402247830e75ee
generated: "2023-01-24T02:09:12.655952782Z"
version: 2.2.3
digest: sha256:36f9ab281db4f7a9d978f445eb7fcf9d7553ad4f8c491bf01fce432c9f698509
generated: "2023-02-15T09:46:39.298351777Z"

4
charts/bitnami/kafka/Chart.yaml
View File

@ -6,7 +6,7 @@ annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 3.3.2
appVersion: 3.4.0
dependencies:
- condition: zookeeper.enabled
name: zookeeper
@ -35,4 +35,4 @@ name: kafka
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/kafka
- https://kafka.apache.org/
version: 20.0.6
version: 21.0.1

165
charts/bitnami/kafka/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/kafka
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/kafka
```
## Introduction
@ -32,8 +32,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/kafka
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/kafka
```
These commands deploy Kafka on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -45,7 +45,7 @@ These commands deploy Kafka on the Kubernetes cluster in the default configurati
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -60,7 +60,6 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
### Common parameters
| Name | Description | Value |
@ -76,14 +75,13 @@ The command removes all the Kubernetes components associated with the chart and
| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` |
### Kafka parameters
| Name | Description | Value |
| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
| `image.registry` | Kafka image registry | `docker.io` |
| `image.repository` | Kafka image repository | `bitnami/kafka` |
| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.3.2-debian-11-r0` |
| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.4.0-debian-11-r2` |
| `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -161,7 +159,6 @@ The command removes all the Kubernetes components associated with the chart and
| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` |
| `extraEnvVarsSecret` | Secret with extra environment variables | `""` |
### Statefulset parameters
| Name | Description | Value |
@ -230,58 +227,56 @@ The command removes all the Kubernetes components associated with the chart and
| `pdb.minAvailable` | Maximum number/percentage of unavailable Kafka replicas | `""` |
| `pdb.maxUnavailable` | Maximum number/percentage of unavailable Kafka replicas | `1` |
### Traffic Exposure parameters
| Name | Description | Value |
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- |
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.ports.client` | Kafka svc port for client connections | `9092` |
| `service.ports.internal` | Kafka svc port for inter-broker connections | `9093` |
| `service.ports.external` | Kafka svc port for external connections | `9094` |
| `service.nodePorts.client` | Node port for the Kafka client connections | `""` |
| `service.nodePorts.external` | Node port for the Kafka external connections | `""` |
| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` |
| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `service.clusterIP` | Kafka service Cluster IP | `""` |
| `service.loadBalancerIP` | Kafka service Load Balancer IP | `""` |
| `service.loadBalancerSourceRanges` | Kafka service Load Balancer sources | `[]` |
| `service.externalTrafficPolicy` | Kafka service external traffic policy | `Cluster` |
| `service.annotations` | Additional custom annotations for Kafka service | `{}` |
| `service.headless.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` |
| `service.headless.annotations` | Annotations for the headless service. | `{}` |
| `service.headless.labels` | Labels for the headless service. | `{}` |
| `service.extraPorts` | Extra ports to expose in the Kafka service (normally used with the `sidecar` value) | `[]` |
| `externalAccess.enabled` | Enable Kubernetes external cluster access to Kafka brokers | `false` |
| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` |
| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `docker.io` |
| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `bitnami/kubectl` |
| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.25.6-debian-11-r1` |
| `externalAccess.autoDiscovery.image.digest` | Petete image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` |
| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` |
| `externalAccess.autoDiscovery.resources.limits` | The resources limits for the auto-discovery init container | `{}` |
| `externalAccess.autoDiscovery.resources.requests` | The requested resources for the auto-discovery init container | `{}` |
| `externalAccess.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` |
| `externalAccess.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` |
| `externalAccess.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` |
| `externalAccess.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` |
| `externalAccess.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` |
| `externalAccess.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` |
| `externalAccess.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` |
| `externalAccess.service.labels` | Service labels for external access | `{}` |
| `externalAccess.service.annotations` | Service annotations for external access | `{}` |
| `externalAccess.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` |
| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` |
| `networkPolicy.externalAccess.from` | customize the from section for External Access on tcp-external port | `[]` |
| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` |
| Name | Description | Value |
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------------- |
| `service.type` | Kubernetes Service type | `ClusterIP` |
| `service.ports.client` | Kafka svc port for client connections | `9092` |
| `service.ports.internal` | Kafka svc port for inter-broker connections | `9093` |
| `service.ports.external` | Kafka svc port for external connections | `9094` |
| `service.nodePorts.client` | Node port for the Kafka client connections | `""` |
| `service.nodePorts.external` | Node port for the Kafka external connections | `""` |
| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` |
| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `service.clusterIP` | Kafka service Cluster IP | `""` |
| `service.loadBalancerIP` | Kafka service Load Balancer IP | `""` |
| `service.loadBalancerSourceRanges` | Kafka service Load Balancer sources | `[]` |
| `service.externalTrafficPolicy` | Kafka service external traffic policy | `Cluster` |
| `service.annotations` | Additional custom annotations for Kafka service | `{}` |
| `service.headless.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` |
| `service.headless.annotations` | Annotations for the headless service. | `{}` |
| `service.headless.labels` | Labels for the headless service. | `{}` |
| `service.extraPorts` | Extra ports to expose in the Kafka service (normally used with the `sidecar` value) | `[]` |
| `externalAccess.enabled` | Enable Kubernetes external cluster access to Kafka brokers | `false` |
| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` |
| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `docker.io` |
| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `bitnami/kubectl` |
| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.25.6-debian-11-r10` |
| `externalAccess.autoDiscovery.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` |
| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` |
| `externalAccess.autoDiscovery.resources.limits` | The resources limits for the auto-discovery init container | `{}` |
| `externalAccess.autoDiscovery.resources.requests` | The requested resources for the auto-discovery init container | `{}` |
| `externalAccess.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` |
| `externalAccess.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` |
| `externalAccess.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` |
| `externalAccess.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` |
| `externalAccess.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` |
| `externalAccess.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` |
| `externalAccess.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` |
| `externalAccess.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` |
| `externalAccess.service.labels` | Service labels for external access | `{}` |
| `externalAccess.service.annotations` | Service annotations for external access | `{}` |
| `externalAccess.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` |
| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` |
| `networkPolicy.externalAccess.from` | customize the from section for External Access on tcp-external port | `[]` |
| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` |
### Persistence parameters
@ -305,7 +300,6 @@ The command removes all the Kubernetes components associated with the chart and
| `logPersistence.selector` | Selector to match an existing Persistent Volume for Kafka log data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` |
| `logPersistence.mountPath` | Mount path of the Kafka logs volume | `/opt/bitnami/kafka/logs` |
### Volume Permissions parameters
| Name | Description | Value |
@ -313,7 +307,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r75` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -321,7 +315,6 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` |
| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` |
### Other Parameters
| Name | Description | Value |
@ -332,7 +325,6 @@ The command removes all the Kubernetes components associated with the chart and
| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` |
| `rbac.create` | Whether to create & use RBAC resources or not | `false` |
### Metrics parameters
| Name | Description | Value |
@ -340,7 +332,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.kafka.enabled` | Whether or not to create a standalone Kafka exporter to expose Kafka metrics | `false` |
| `metrics.kafka.image.registry` | Kafka exporter image registry | `docker.io` |
| `metrics.kafka.image.repository` | Kafka exporter image repository | `bitnami/kafka-exporter` |
| `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.6.0-debian-11-r52` |
| `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.6.0-debian-11-r61` |
| `metrics.kafka.image.digest` | Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.kafka.image.pullPolicy` | Kafka exporter image pull policy | `IfNotPresent` |
| `metrics.kafka.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -388,7 +380,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` |
| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` |
| `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` |
| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.17.2-debian-11-r41` |
| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.17.2-debian-11-r49` |
| `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` |
| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -421,7 +413,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` |
| `metrics.prometheusRule.groups` | Prometheus Rule Groups for Kafka | `[]` |
### Kafka provisioning parameters
| Name | Description | Value |
@ -474,7 +465,6 @@ The command removes all the Kubernetes components associated with the chart and
| `provisioning.initContainers` | Add additional Add init containers to the Kafka provisioning pod(s) | `[]` |
| `provisioning.waitForKafka` | If true use an init container to wait until kafka is ready before starting provisioning | `true` |
### ZooKeeper chart parameters
| Name | Description | Value |
@ -492,11 +482,10 @@ The command removes all the Kubernetes components associated with the chart and
| `zookeeper.persistence.size` | Persistent Volume size | `8Gi` |
| `externalZookeeper.servers` | List of external zookeeper servers to use. Typically used in combination with 'zookeeperChrootPath'. | `[]` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set replicaCount=3 \
my-repo/kafka
```
@ -506,7 +495,7 @@ The above command deploys Kafka with 3 brokers (replicas).
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/kafka
helm install my-release -f values.yaml my-repo/kafka
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -563,8 +552,8 @@ In order to configure TLS authentication/encryption, you **can** create a secret
For instance, to configure TLS authentication on a Kafka cluster with 2 Kafka brokers use the commands below to create the secrets:
```console
$ kubectl create secret generic kafka-jks-0 --from-file=kafka.truststore.jks=./kafka.truststore.jks --from-file=kafka.keystore.jks=./kafka-0.keystore.jks
$ kubectl create secret generic kafka-jks-1 --from-file=kafka.truststore.jks=./kafka.truststore.jks --from-file=kafka.keystore.jks=./kafka-1.keystore.jks
kubectl create secret generic kafka-jks-0 --from-file=kafka.truststore.jks=./kafka.truststore.jks --from-file=kafka.keystore.jks=./kafka-0.keystore.jks
kubectl create secret generic kafka-jks-1 --from-file=kafka.truststore.jks=./kafka.truststore.jks --from-file=kafka.keystore.jks=./kafka-1.keystore.jks
```
> **Note**: the command above assumes you already created the truststore and keystores files. This [script](https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh) can help you with the JKS files generation.
@ -574,8 +563,8 @@ If, for some reason (like using Cert-Manager) you can not use the default JKS se
- `auth.tls.jksTruststoreSecret` to define additional secret, where the `kafka.truststore.jks` is being kept. The truststore password **must** be the same as in `auth.tls.password`
- `auth.tls.jksTruststore` to overwrite the default value of the truststore key (`kafka.truststore.jks`).
- `auth.tls.jksKeystoreSAN` if you want to use a SAN certificate for your brokers. Setting this parameter would mean that the chart expects a existing key in the `auth.tls.jksTruststoreSecret` with the `auth.tls.jksKeystoreSAN` value and use this as a keystore for **all** brokers
> **Note**: If you are using cert-manager, particularly when an ACME issuer is used, the `ca.crt` field is not put in the `Secret` that cert-manager creates. To handle this, the `auth.tls.pemChainIncluded` property can be set to `true` and the initContainer created by this Chart will attempt to extract the intermediate certs from the `tls.crt` field of the secret (which is a PEM chain)
> **Note**: If you are using cert-manager, particularly when an ACME issuer is used, the `ca.crt` field is not put in the `Secret` that cert-manager creates. To handle this, the `auth.tls.pemChainIncluded` property can be set to `true` and the initContainer created by this Chart will attempt to extract the intermediate certs from the `tls.crt` field of the secret (which is a PEM chain)
> **Note**: The truststore/keystore from above **must** be protected with the same password as in `auth.tls.password`
You can deploy the chart with authentication using the following parameters:
@ -920,24 +909,24 @@ This version also introduces `bitnami/common`, a [library chart](https://helm.sh
[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL.
**What changes were introduced in this major version?**
#### What changes were introduced in this major version?
- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field.
- Move dependency information from the *requirements.yaml* to the *Chart.yaml*
- After running `helm dependency update`, a *Chart.lock* file is generated containing the same structure used in the previous *requirements.lock*
- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts
**Considerations when upgrading to this version**
#### Considerations when upgrading to this version
- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues
- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore
- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3
**Useful links**
#### Useful links
- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/
- https://helm.sh/docs/topics/v2_v3_migration/
- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/
- <https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/>
- <https://helm.sh/docs/topics/v2_v3_migration/>
- <https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/>
### To 11.8.0
@ -997,7 +986,7 @@ Backwards compatibility is not guaranteed you adapt your values.yaml to the new
+ metrics.jmx.existingConfigmap
```
Ports names were prefixed with the protocol to comply with Istio (see https://istio.io/docs/ops/deployment/requirements/).
Ports names were prefixed with the protocol to comply with Istio (see <https://istio.io/docs/ops/deployment/requirements/>).
### To 8.0.0
@ -1009,8 +998,8 @@ Backwards compatibility is not guaranteed when Kafka metrics are enabled, unless
Use the workaround below to upgrade from versions previous to 7.0.0. The following example assumes that the release name is kafka:
```console
$ helm upgrade kafka my-repo/kafka --version 6.1.8 --set metrics.kafka.enabled=false
$ helm upgrade kafka my-repo/kafka --version 7.0.0 --set metrics.kafka.enabled=true
helm upgrade kafka my-repo/kafka --version 6.1.8 --set metrics.kafka.enabled=false
helm upgrade kafka my-repo/kafka --version 7.0.0 --set metrics.kafka.enabled=true
```
### To 2.0.0
@ -1019,8 +1008,8 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 2.0.0. The following example assumes that the release name is kafka:
```console
$ kubectl delete statefulset kafka-kafka --cascade=false
$ kubectl delete statefulset kafka-zookeeper --cascade=false
kubectl delete statefulset kafka-kafka --cascade=false
kubectl delete statefulset kafka-zookeeper --cascade=false
```
### To 1.0.0
@ -1029,19 +1018,19 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 1.0.0. The following example assumes that the release name is kafka:
```console
$ kubectl delete statefulset kafka-kafka --cascade=false
$ kubectl delete statefulset kafka-zookeeper --cascade=false
kubectl delete statefulset kafka-kafka --cascade=false
kubectl delete statefulset kafka-zookeeper --cascade=false
```
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/kafka/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/kafka/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/kafka/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

7
charts/bitnami/kafka/charts/zookeeper/Chart.yaml
View File

@ -1,9 +1,8 @@
annotations:
category: Infrastructure
licenses: |
- Apache-2.0
licenses: Apache-2.0
apiVersion: v2
appVersion: 3.8.0
appVersion: 3.8.1
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
@ -23,4 +22,4 @@ name: zookeeper
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/zookeeper
- https://zookeeper.apache.org/
version: 11.1.0
version: 11.1.2

6
charts/bitnami/kafka/charts/zookeeper/README.md
View File

@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and
| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | ZooKeeper image registry | `docker.io` |
| `image.repository` | ZooKeeper image repository | `bitnami/zookeeper` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.8.0-debian-11-r74` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.8.1-debian-11-r0` |
| `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -255,7 +255,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r69` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r77` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -518,7 +518,7 @@ $ kubectl delete statefulset zookeeper-zookeeper --cascade=false
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

22
charts/bitnami/kafka/charts/zookeeper/templates/tls-secrets.yaml
View File

@ -1,4 +1,5 @@
{{- if (include "zookeeper.client.createTlsSecret" .) }}
{{- $secretName := printf "%s-client-crt" (include "common.names.fullname" .) }}
{{- $ca := genCA "zookeeper-client-ca" 365 }}
{{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }}
@ -6,11 +7,11 @@
{{- $serviceName := include "common.names.fullname" . }}
{{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }}
{{- $altNames := list (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) "127.0.0.1" "localhost" $fullname }}
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-client-crt
name: {{ $secretName }}
namespace: {{ template "zookeeper.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
@ -21,11 +22,12 @@ metadata:
{{- end }}
type: kubernetes.io/tls
data:
ca.crt: {{ $ca.Cert | b64enc | quote }}
tls.crt: {{ $crt.Cert | b64enc | quote }}
tls.key: {{ $crt.Key | b64enc | quote }}
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}
{{- if (include "zookeeper.quorum.createTlsSecret" .) }}
{{- $secretName := printf "%s-quorum-crt" (include "common.names.fullname" .) }}
{{- $ca := genCA "zookeeper-quorum-ca" 365 }}
{{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }}
@ -33,12 +35,12 @@ data:
{{- $serviceName := include "common.names.fullname" . }}
{{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }}
{{- $altNames := list (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname }}
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }}
{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-quorum-crt
name: {{ $secretName }}
namespace: {{ template "zookeeper.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
@ -49,7 +51,7 @@ metadata:
{{- end }}
type: kubernetes.io/tls
data:
ca.crt: {{ $ca.Cert | b64enc | quote }}
tls.crt: {{ $crt.Cert | b64enc | quote }}
tls.key: {{ $crt.Key | b64enc | quote }}
tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }}

4
charts/bitnami/kafka/charts/zookeeper/values.yaml
View File

@ -76,7 +76,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/zookeeper
tag: 3.8.0-debian-11-r74
tag: 3.8.1-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -660,7 +660,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r69
tag: 11-debian-11-r77
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

12
charts/bitnami/kafka/values.yaml
View File

@ -69,7 +69,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/kafka
tag: 3.3.2-debian-11-r0
tag: 3.4.0-debian-11-r2
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -755,14 +755,14 @@ externalAccess:
## @param externalAccess.autoDiscovery.image.registry Init container auto-discovery image registry
## @param externalAccess.autoDiscovery.image.repository Init container auto-discovery image repository
## @param externalAccess.autoDiscovery.image.tag Init container auto-discovery image tag (immutable tags are recommended)
## @param externalAccess.autoDiscovery.image.digest Petete image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
## @param externalAccess.autoDiscovery.image.digest Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
## @param externalAccess.autoDiscovery.image.pullPolicy Init container auto-discovery image pull policy
## @param externalAccess.autoDiscovery.image.pullSecrets Init container auto-discovery image pull secrets
##
image:
registry: docker.io
repository: bitnami/kubectl
tag: 1.25.6-debian-11-r1
tag: 1.25.6-debian-11-r10
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1001,7 +1001,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r75
tag: 11-debian-11-r86
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1081,7 +1081,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/kafka-exporter
tag: 1.6.0-debian-11-r52
tag: 1.6.0-debian-11-r61
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1317,7 +1317,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/jmx-exporter
tag: 0.17.2-debian-11-r41
tag: 0.17.2-debian-11-r49
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

6
charts/bitnami/mariadb/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2022-12-15T08:09:23.256191892Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-17T18:41:00.54667787Z"

2
charts/bitnami/mariadb/Chart.yaml
View File

@ -32,4 +32,4 @@ sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
- https://mariadb.org
version: 11.4.6
version: 11.5.0

67
charts/bitnami/mariadb/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mariadb
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/mariadb
```
## Introduction
@ -34,8 +34,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mariadb
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/mariadb
```
The command deploys MariaDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -47,7 +47,7 @@ The command deploys MariaDB on the Kubernetes cluster in the default configurati
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -62,24 +62,23 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global storage class for dynamic provisioning | `""` |
### Common parameters
| Name | Description | Value |
| ------------------------ | --------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` |
| `nameOverride` | String to partially override mariadb.fullname | `""` |
| `fullnameOverride` | String to fully override mariadb.fullname | `""` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `commonAnnotations` | Common annotations to add to all MariaDB resources (sub-charts are not considered) | `{}` |
| `commonLabels` | Common labels to add to all MariaDB resources (sub-charts are not considered) | `{}` |
| `schedulerName` | Name of the scheduler (other than default) to dispatch pods | `""` |
| `runtimeClassName` | Name of the Runtime Class for all MariaDB pods | `""` |
| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template) | `[]` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
| Name | Description | Value |
| ------------------------- | --------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` |
| `nameOverride` | String to partially override mariadb.fullname | `""` |
| `fullnameOverride` | String to fully override mariadb.fullname | `""` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `commonAnnotations` | Common annotations to add to all MariaDB resources (sub-charts are not considered) | `{}` |
| `commonLabels` | Common labels to add to all MariaDB resources (sub-charts are not considered) | `{}` |
| `schedulerName` | Name of the scheduler (other than default) to dispatch pods | `""` |
| `runtimeClassName` | Name of the Runtime Class for all MariaDB pods | `""` |
| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template) | `[]` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` |
### MariaDB common parameters
@ -87,7 +86,7 @@ The command removes all the Kubernetes components associated with the chart and
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.12-debian-11-r0` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.12-debian-11-r3` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -106,7 +105,6 @@ The command removes all the Kubernetes components associated with the chart and
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
### MariaDB Primary parameters
| Name | Description | Value |
@ -199,7 +197,6 @@ The command removes all the Kubernetes components associated with the chart and
| `primary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB primary pods that can be unavailable after the eviction | `""` |
| `primary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` |
### MariaDB Secondary parameters
| Name | Description | Value |
@ -292,7 +289,6 @@ The command removes all the Kubernetes components associated with the chart and
| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB secondary pods that may be made unavailable | `""` |
| `secondary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` |
### RBAC parameters
| Name | Description | Value |
@ -303,7 +299,6 @@ The command removes all the Kubernetes components associated with the chart and
| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
| `rbac.create` | Whether to create and use RBAC resources or not | `false` |
### Volume Permissions parameters
| Name | Description | Value |
@ -311,14 +306,13 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r80` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` |
| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` |
### Metrics parameters
| Name | Description | Value |
@ -326,7 +320,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r86` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r90` |
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -365,7 +359,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` |
| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` |
### NetworkPolicy parameters
| Name | Description | Value |
@ -391,7 +384,7 @@ The above parameters map to the env variables defined in [bitnami/mariadb](https
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set auth.rootPassword=secretpassword,auth.database=app_database \
my-repo/mariadb
```
@ -403,7 +396,7 @@ The above command sets the MariaDB `root` account password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/mariadb
helm install my-release -f values.yaml my-repo/mariadb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -463,7 +456,7 @@ Find more information about how to deal with common errors related to Bitnami's
It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart:
```console
$ helm upgrade my-release my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD]
helm upgrade my-release my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD]
```
| Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes.
@ -520,7 +513,7 @@ Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mariadb`:
```console
$ helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
```
| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release.
@ -529,7 +522,7 @@ $ helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] -
Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec.
In https://github.com/helm/charts/pull/17308 the `apiVersion` of the statefulset resources was updated to `apps/v1` in tune with the api's deprecated, resulting in compatibility breakage.
In <https://github.com/helm/charts/pull/17308> the `apiVersion` of the statefulset resources was updated to `apps/v1` in tune with the api's deprecated, resulting in compatibility breakage.
This major version bump signifies this change.
@ -546,7 +539,7 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is mariadb:
```console
$ kubectl delete statefulset opencart-mariadb --cascade=false
kubectl delete statefulset opencart-mariadb --cascade=false
```
## License
@ -557,7 +550,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/mariadb/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/mariadb/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/mariadb/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

62
charts/bitnami/mariadb/templates/secrets.yaml
View File

@ -1,3 +1,7 @@
{{- $host := include "mariadb.primary.fullname" . }}
{{- $port := print .Values.primary.service.ports.mysql }}
{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) | trimAll "\"" | b64dec }}
{{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- if eq (include "mariadb.createSecret" .) "true" }}
apiVersion: v1
kind: Secret
@ -14,13 +18,13 @@ metadata:
type: Opaque
data:
{{- if (not .Values.auth.forcePassword) }}
mariadb-root-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) }}
mariadb-root-password: {{ print $rootPassword | b64enc | quote }}
{{- else }}
mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }}
{{- end }}
{{- if (not (empty .Values.auth.username)) }}
{{- if (not .Values.auth.forcePassword) }}
mariadb-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) }}
mariadb-password: {{ print $password | b64enc | quote }}
{{- else }}
mariadb-password: {{ required "A MariaDB Database Password is required!" .Values.auth.password | b64enc | quote }}
{{- end }}
@ -33,3 +37,57 @@ data:
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.serviceBindings.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-root
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/mysql
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "mysql" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
user: {{ print "root" | b64enc | quote }}
password: {{ print $rootPassword | b64enc | quote }}
uri: {{ printf "mysql://root:%s@%s:%s" $rootPassword $host $port | b64enc | quote }}
{{- if .Values.auth.username }}
{{- $database := .Values.auth.database }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-custom-user
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/mysql
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "mysql" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
user: {{ print .Values.auth.username | b64enc | quote }}
{{- if $database }}
database: {{ print $database | b64enc | quote }}
{{- end }}
password: {{ print $password | b64enc | quote }}
uri: {{ printf "mysql://%s:%s@%s:%s/%s" .Values.auth.username $password $host $port $database | b64enc | quote }}
{{- end }}
{{- end }}

12
charts/bitnami/mariadb/values.yaml
View File

@ -65,6 +65,12 @@ diagnosticMode:
args:
- infinity
## @param serviceBindings.enabled Create secret for service binding (Experimental)
## Ref: https://servicebinding.io/service-provider/
##
serviceBindings:
enabled: false
## @section MariaDB common parameters
##
@ -81,7 +87,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.6.12-debian-11-r0
tag: 10.6.12-debian-11-r3
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -989,7 +995,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r80
tag: 11-debian-11-r86
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
@ -1025,7 +1031,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.14.0-debian-11-r86
tag: 0.14.0-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)

6
charts/bitnami/mysql/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2023-01-09T03:04:58.278003695Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-17T18:14:57.644290951Z"

2
charts/bitnami/mysql/Chart.yaml
View File

@ -30,4 +30,4 @@ name: mysql
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mysql
- https://mysql.com
version: 9.4.8
version: 9.5.0

73
charts/bitnami/mysql/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mysql
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/mysql
```
## Introduction
@ -32,8 +32,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mysql
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/mysql
```
These commands deploy MySQL on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -45,7 +45,7 @@ These commands deploy MySQL on the Kubernetes cluster in the default configurati
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -60,23 +60,22 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
### Common parameters
| Name | Description | Value |
| ------------------------ | --------------------------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` |
| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` |
| `fullnameOverride` | String to fully override common.names.fullname template | `""` |
| `namespaceOverride` | String to fully override common.names.namespace | `""` |
| `clusterDomain` | Cluster domain | `cluster.local` |
| `commonAnnotations` | Common annotations to add to all MySQL resources (sub-charts are not considered). Evaluated as a template | `{}` |
| `commonLabels` | Common labels to add to all MySQL resources (sub-charts are not considered). Evaluated as a template | `{}` |
| `extraDeploy` | Array with extra yaml to deploy with the chart. Evaluated as a template | `[]` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
| Name | Description | Value |
| ------------------------- | --------------------------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` |
| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` |
| `fullnameOverride` | String to fully override common.names.fullname template | `""` |
| `namespaceOverride` | String to fully override common.names.namespace | `""` |
| `clusterDomain` | Cluster domain | `cluster.local` |
| `commonAnnotations` | Common annotations to add to all MySQL resources (sub-charts are not considered). Evaluated as a template | `{}` |
| `commonLabels` | Common labels to add to all MySQL resources (sub-charts are not considered). Evaluated as a template | `{}` |
| `extraDeploy` | Array with extra yaml to deploy with the chart. Evaluated as a template | `[]` |
| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
### MySQL common parameters
@ -84,7 +83,7 @@ The command removes all the Kubernetes components associated with the chart and
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | MySQL image registry | `docker.io` |
| `image.repository` | MySQL image repository | `bitnami/mysql` |
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.32-debian-11-r0` |
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.32-debian-11-r8` |
| `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -103,7 +102,6 @@ The command removes all the Kubernetes components associated with the chart and
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
### MySQL Primary parameters
| Name | Description | Value |
@ -192,7 +190,6 @@ The command removes all the Kubernetes components associated with the chart and
| `primary.pdb.maxUnavailable` | Maximum number/percentage of MySQL primary pods that may be made unavailable | `""` |
| `primary.podLabels` | MySQL Primary pod label. If labels are same as commonLabels , this will take precedence | `{}` |
### MySQL Secondary parameters
| Name | Description | Value |
@ -282,7 +279,6 @@ The command removes all the Kubernetes components associated with the chart and
| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MySQL secondary pods that may be made unavailable | `""` |
| `secondary.podLabels` | Additional pod labels for MySQL secondary pods | `{}` |
### RBAC parameters
| Name | Description | Value |
@ -294,7 +290,6 @@ The command removes all the Kubernetes components associated with the chart and
| `rbac.create` | Whether to create & use RBAC resources or not | `false` |
| `rbac.rules` | Custom RBAC rules to set | `[]` |
### Network Policy
| Name | Description | Value |
@ -303,7 +298,6 @@ The command removes all the Kubernetes components associated with the chart and
| `networkPolicy.allowExternal` | The Policy model to apply. | `true` |
| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed to MySQL | `{}` |
### Volume Permissions parameters
| Name | Description | Value |
@ -311,13 +305,12 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r75` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `volumePermissions.resources` | Init container volume-permissions resources | `{}` |
### Metrics parameters
| Name | Description | Value |
@ -325,7 +318,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r81` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r90` |
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -370,7 +363,7 @@ The above parameters map to the env variables defined in [bitnami/mysql](https:/
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set auth.rootPassword=secretpassword,auth.database=app_database \
my-repo/mysql
```
@ -382,7 +375,7 @@ The above command sets the MySQL `root` account password to `secretpassword`. Ad
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/mysql
helm install my-release -f values.yaml my-repo/mysql
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -443,14 +436,14 @@ The chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/stora
If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/).
## Network Policy
## Network Policy config
To enable network policy for MySQL, install [a networking plugin that implements the Kubernetes NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), and set `networkPolicy.enabled` to `true`.
For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace:
```console
$ kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}"
```
With NetworkPolicy enabled, traffic will be limited to just port 3306.
@ -473,7 +466,7 @@ Find more information about how to deal with common errors related to Bitnami's
It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart:
```console
$ helm upgrade my-release my-repo/mysql --set auth.rootPassword=[ROOT_PASSWORD]
helm upgrade my-release my-repo/mysql --set auth.rootPassword=[ROOT_PASSWORD]
```
| Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes.
@ -503,7 +496,7 @@ Affected values:
### To 8.0.0
- Several parameters were renamed or disappeared in favor of new ones on this major version:
- The terms *master* and *slave* have been replaced by the terms *primary* and *secondary*. Therefore, parameters prefixed with `master` or `slave` are now prefixed with `primary` or `secondary`, respectively.
- The terms _master_ and _slave_ have been replaced by the terms _primary_ and _secondary_. Therefore, parameters prefixed with `master` or `slave` are now prefixed with `primary` or `secondary`, respectively.
- Credentials parameters are reorganized under the `auth` parameter.
- `replication.enabled` parameter is deprecated in favor of `architecture` parameter that accepts two values: `standalone` and `replication`.
- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels).
@ -516,7 +509,7 @@ Consequences:
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mysql`:
```console
$ helm install mysql my-repo/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
helm install mysql my-repo/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
```
| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release.
@ -533,19 +526,19 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 3.0.0. The following example assumes that the release name is mysql:
```console
$ kubectl delete statefulset mysql-master --cascade=false
$ kubectl delete statefulset mysql-slave --cascade=false
kubectl delete statefulset mysql-master --cascade=false
kubectl delete statefulset mysql-slave --cascade=false
```
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/mysql/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/mysql/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

Some files were not shown because too many files have changed in this diff Show More