andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add portworx (#1094) 

Signed-off-by: pragrawal_pure <pragrawal@purestorage.com>
pull/1097/head
Pradyuman Agrawal 2025-01-13 23:24:12 +05:30 committed by GitHub
parent 07484154bb
commit 93439e90dc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
26 changed files with 12431 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
assets/icons/portworx.svg Normal file
View File

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>
<svg width="24px" height="44px" viewBox="0 0 24 44" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<!-- Generator: Sketch 53.2 (72643) - https://sketchapp.com -->
<title>Group</title>
<desc>Created with Sketch.</desc>
<defs>
<linearGradient x1="50%" y1="100%" x2="50%" y2="0%" id="linearGradient-1">
<stop stop-color="#E56F30" offset="0%"></stop>
<stop stop-color="#BC3A26" offset="100%"></stop>
</linearGradient>
<linearGradient x1="0%" y1="50%" x2="100%" y2="50%" id="linearGradient-2">
<stop stop-color="#F47A3A" offset="0%"></stop>
<stop stop-color="#D55028" offset="98.471%"></stop>
</linearGradient>
<linearGradient x1="0%" y1="50%" x2="100%" y2="50%" id="linearGradient-3">
<stop stop-color="#D54927" offset="0%"></stop>
<stop stop-color="#F58240" offset="100%"></stop>
</linearGradient>
</defs>
<g id="Patterns---Portal" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
<g id="pattern/portal/navigation/left/3" transform="translate(-24.000000, -24.000000)" fill-rule="nonzero">
<g id="Group" transform="translate(24.000000, 24.000000)">
<polygon id="Shape" fill="url(#linearGradient-1)" points="0 38.1279912 12 44 12 30"></polygon>
<polygon id="Shape" fill="url(#linearGradient-2)" points="13.6400728 15.7190546 0 24.5640721 0 38 12.1012225 30.1531773 24 22.4363642 24 9"></polygon>
<polygon id="Shape" fill="url(#linearGradient-3)" points="0 6.93304815 0.0420824861 6.96141615 13.5989106 16 24 9.0651507 10.4181014 0.0117074269 10.4010894 0"></polygon>
</g>
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
assets/portworx/portworx-5.1.1.tgz Normal file
View File

Binary file not shown.

26
charts/portworx/portworx/5.1.1/Chart.yaml Normal file
View File

@ -0,0 +1,26 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Portworx Enterprise
catalog.cattle.io/kube-version: '>=1.26-0'
catalog.cattle.io/release-name: ""
apiVersion: v1
appVersion: 3.2.1.1
description: A Helm chart for installing Portworx on Kubernetes.
home: https://portworx.com/
icon: file://assets/icons/portworx.svg
keywords:
- Storage
- ICP
- IKS
- persistent disk
- pvc
- cloud native storage
- persistent storage
- portworx
- amd64
- Commercial
kubeVersion: '>=1.26-0'
name: portworx
sources:
- https://github.com/portworx/helm
version: 5.1.1

239
charts/portworx/portworx/5.1.1/README.md Normal file
View File

@ -0,0 +1,239 @@
# Portworx
[Portworx](https://portworx.com/) is a software defined persistent storage solution designed and purpose built for applications deployed as containers, via container orchestrators such as Kubernetes, Marathon and Swarm. It is a clustered block storage solution and provides a Cloud-Native layer from which containerized stateful applications programmatically consume block, file and object storage services directly through the scheduler.
## Pre-requisites
The helm chart (portworx-helm) deploys Portworx and Stork (https://docs.portworx.com/scheduler/kubernetes/stork.html) on your Kubernetes cluster. The minimum requirements for deploying the helm chart are as follows:
- Helm has been installed on the client machine from where you would install the chart (https://docs.helm.sh/using_helm/#installing-helm).
- Tiller version 2.9.0 and above is running on the Kubernetes cluster where you wish to deploy Portworx.
- Tiller has been provided with the right RBAC permissions for the chart to be deployed correctly.
- Kubernetes 1.7+
- All [pre-requisites](https://docs.portworx.com/install-portworx/prerequisites/) for Portworx fulfilled.
## Upgrading the Chart from an old chart with Daemonset
1. Deploy StorageCluster CRD.
Helm does not handle CRD upgrade, let's manually deploy it.
```
kubectl apply -f ./charts/portworx/crds/core_v1_storagecluster_crd.yaml
```
2. Run helm upgrade with the original values.yaml that was used to deploy the Daemonset chart.
```
helm upgrade [RELEASE] [CHART] -f values.yaml
```
3. Review the StorageCluster spec. If any value is not expected, change values.yaml and run `helm upgrade` to update it.
```
kubectl -n kube-system describe storagecluster
```
4. Approve the migration
```
kubectl -n kube-system annotate storagecluster --all --overwrite portworx.io/migration-approved='true'
```
5. Wait for migration to complete
Describe the StorageCluster to see event `Migration completed successfully`. If migration fails, there is corresponding event about the failure.
```
kubectl -n kube-system describe storagecluster
```
6. Rollback to Daemonset (Unsupported)
Use `helm rollback` to rollback to Daemonset install is not supported, if there is any issue during migration please try to update values.yaml and perform `helm upgrade`.
## Installing the Chart
To install the chart with the release name `my-release` run the following commands substituting relevant values for your setup:
##### NOTE:
Upgrading from previous versions to 4.0.0 is not backward compatible. Please review the values configuration for the latest release.
`internalKVDB` is set to `true` by default. Portworx would by default use internal kvdb.
To use an external KVDB, you can provide the `etcdEndPoint`
If the etcd cluster being used is a secured etcd (SSL/TLS) then please follow instructions to create a kubernetes secret with the certs. https://docs.portworx.com/scheduler/kubernetes/etcd-certs-using-secrets.html#create-kubernetes-secret
`clusterName` should be a unique name identifying your Portworx cluster. The default value is `mycluster`, but it is suggested to update it with your naming scheme.
For eg:
```
git clone https://github.com/portworx/helm.git
helm install --debug --name my-release --set clusterName=$(uuidgen) ./helm/charts/portworx/
```
## Configuration
The following tables lists the configurable parameters of the Portworx chart and their default values.
| Parameter | Description | Default
|--------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------|
| `imageVersion` | Version of the PX image | 3.2.1.1 |
| `pxOperatorImageVersion` | Version of the PX operator image | 24.2.1 |
| `openshiftInstall` | Installing on Openshift? | false |
| `nonDisruptivek8sUpgrade` | Used to disable or enable smart and parallel kubetnetes node upgrades. By default, S&P upgrades are disabled. To enable them, set this to true | false |
| `skipHealthChecks` | Used to skip health checks. By default, health checks are enabled. Set this to true to disable health checks | false |
| `pksInstall` | Installing on Pivotal Container service? | false |
| `EKSInstall` | Installing EKS (Amazon Elastic Container service) | false |
| `AKSInstall` | Installing on AKS (Azure Kubernetes service) | false |
| `GKEInstall` | Installing on GKE (Google Kubernetes Engine) | false |
| `etcdEndPoint` | (REQUIRED) etcd endpoint for PX to function properly in the form "etcd:http://<your-etcd-endpoint>". Multiple Urls should be semi-colon seperated example: etcd:http://<your-etcd-endpoint1>;etcd:http://<your-etcd-endpoint2> | "" |
| `clusterName` | Portworx Cluster Name | "mycluster" |
| `usefileSystemDrive` | Should Portworx use an unmounted drive even with a filesystem ? | false |
| `usedrivesAndPartitions` | Should Portworx use the drives as well as partitions on the disk ? | false |
| `drives` | Semi-colon seperated list of drives to be used for storage (example: "/dev/sda;/dev/sdb") | "none" |
| `provider` | Specifies the cloud provider name, such as: pure, azure, aws, gce, vsphere, if using cloud storage. | "" |
| `journalDevice` | Journal device for Portworx metadata | "" |
| `cacheDevices` | semi-colon seperated list of cache devices Portworx should use. | "" |
| `maxStorageNodesPerZone` | Indicates the maximum number of storage nodes per zone. If this number is reached, and a new node is added to the zone, Portworx doesn't provision drives for the new node. Instead, Portworx starts the node as a compute-only node | 0 |
| `maxStorageNodes` | Specifies the maximum number of storage nodes. If this number is reached, and a new node is added, Portworx doesn't provision drives for the new node. Instead, Portworx starts the node as a compute-only node. As a best practice, it is recommended to use the `maxStorageNodesPerZone` field | 0 |
| `systemMetadataDevice` | Specifies the device Portworx uses to store metadata. | "" |
| `secretType` | Secrets store to be used can be AWS KMS/KVDB/Vault/K8s/IBM Key Protect | k8s |
| `dataInterface` | Name of the interface <ethX> | "none" |
| `managementInterface` | Name of the interface <ethX> | "none" |
| `serviceType` | Kubernetes service type for services deployed by the Operator. Direct Values like 'LoadBalancer', 'NodePort' will change all services. To change the types of specific services, value can be specified as 'portworx-service:LoadBalancer;portworx-api:ClusterIP'| "none" |
| `runtimeOptions` | semi-colon seperated list of key-value pairs that overwrite the runtime options.| "" |
| `featureGates` | semi-colon seperated list of key-value specifying which Portworx features should be enabled or disabled | "" |
| `security.enabled` | Enables or disables Security at any given time | false |
| `security.auth.guestAccess` | Determines how the guest role will be updated in your cluster. Options are Enabled, Disabled, or Managed | "Enabled" |
| `security.auth.selfSigned.tokenLifetime` | Time till operator-generated tokens will be alive until being refreshed | "" |
| `security.auth.selfSigned.issuer` | The issuer name to be used when configuring PX-Security | "" |
| `security.auth.selfSigned.sharedSecret` | The Kubernetes secret name for retrieving and storing your shared secret. | "" |
| `resources` | Configure Portworx container usage such as memory and CPU usage.| {} |
| `customMetadata.annotations.pod.storage` | Custom annotations for Portworx pods | "" |
| `customMetadata.annotations.service.portworxApi` | Custom annotations for portwork-api service | "" |
| `customMetadata.annotations.service.portworxService` | Custom annotations for portwork-service | "" |
| `customMetadata.annotations.service.portworxKVDBService` | Custom annotations for portworx-kvdb-service | "" |
| `customMetadata.labels.service.portworxApi` | Custom labels for portwork-api service. Currently, custom labels are only supported on the portworx-api service | "" |
| `envVars` | semi-colon-separated list of environment variables that will be exported to portworx. (example: MYENV1=val1;MYENV2=val2) ( Depricated : use `envs` to set environment variables) | "none" |
| `envs` | Add environment variables to the Portworx container in all Kubernetes-supported formats | [] |
| `disableStorageClass` | Disable installation of default Portworx StorageClasses. | false |
| `stork.enabled` | [Storage Orchestration for Hyperconvergence](https://github.com/libopenstorage/stork). | true |
| `stork.storkVersion` | The version of stork | "" |
| `stork.args` | Pass arguments to Stork container | "" |
| `stork.volumes` | Add volumes to Stork container | [] |
| `stork.env` | List of Kubernetes like environment variables passed to Stork | [] |
| `customRegistryURL` | Custom Docker registry | "" |
| `registrySecret` | Registry secret | "" |
| `monitoring.prometheus.enabled` | Enable or disable Prometheus | false |
| `monitoring.prometheus.exportMetrics` | Expose the Portworx metrics to an external or operator deployed Prometheus | false |
| `monitoring.prometheus.alertManager` | Enable or disable alertmanager | false |
| `monitoring.prometheus.resources` | Configure stork container resources such memory and cpu | {} |
| `monitoring.prometheus.replicas` | Number of prometheus replicas that will be deployed | 1 |
| `monitoring.prometheus.retention` | Time period for which prometheus retains historical matrics | "24h" |
| `monitoring.prometheus.retentionSize` | Maximum amount of disk space that Prometheus can use to store historical metrics. Example: "10GiB","50MiB" | "" |
| `monitoring.prometheus.storage` | Storage type that Prometheus will use for storing data | {} |
| `monitoring.prometheus.volumes` | Additional volumes for the prometheus statefulSet | [] |
| `monitoring.prometheus.volumeMounts` | Additional VolumeMounts for the Prometheus StatefulSet | [] |
| `monitoring.prometheus.securityContext.runAsNonRoot` | Enable prometheus container run as a non-root user | false |
| `monitoring.telemetry` | Enable or disable telemetry | true |
| `monitoring.grafana` | Enable or disable grafana | false |
| `csi.enabled` | Enables CSI | true |
| `csi.topology.enabled` | Enable CSI topology feature gate | false |
| `csi.installSnapshotController` | Install CSI Snapshot Controller | false |
| `autopilot.enabled` | Enable AutoPilot | true |
| `autopilot.image` | Specify AutoPilot image | "" |
| `autopilot.lockImage` | Enables locking AutoPilot to the given image | false |
| `autopilot.args` | semicolon sperated list to Override or add new AutoPilot arguments | "" |
| `autopilot.env` | List of Kubernetes like environment variables passed to Autopilot | [] |
| `internalKVDB` | Internal KVDB store | true |
| `kvdbDevice` | specify a separate device to store KVDB data, only used when internalKVDB is set to true | "" |
| `kvdb.authSecretName` | Name of the secret for configuring secure KVDB (https://docs.portworx.com/portworx-enterprise/operations/kvdb-for-portworx/external-kvdb#secure-your-etcd-communication)| "none" |
| `etcd.credentials` | Username and password for etcd authentication in the form user:password (Depricated : use `kvdb.authSecretName`) | "none":"none" |
| `etcd.certPath` | Base path where the certificates are placed. (example: if the certificates ca,.crt and the .key are in /etc/pwx/etcdcerts the value should be provided as /etc/pwx/etcdcerts Refer: https://docs.portworx.com/scheduler/kubernetes/etcd-certs-using-secrets.html) (Depricated : use `kvdb.authSecretName`) | "none" |
| `etcd.ca` | Location of CA file for etcd authentication. Should be /path/to/server.ca (Depricated : use `kvdb.authSecretName`)| "none" |
| `etcd.cert` | Location of certificate for etcd authentication. Should be /path/to/server.crt (Depricated : use `kvdb.authSecretName`) | "none" |
| `etcd.key` | Location of certificate key for etcd authentication Should be /path/to/servery.key (Depricated : use `kvdb.authSecretName`)| "none" |
| `consul.token` | ACL token value used for Consul authentication. (example: 398073a8-5091-4d9c-871a-bbbeb030d1f6) (Depricated : use `kvdb.authSecretName`) (Depricated : use `kvdb.authSecretName`) |
| `volumes` | Specifies volumes for Portworx by defining a name, mount path, mount propagation (None, HostToContainer, Bidirectional), and whether the volume is read-only. For secrets, provide the secret name and map specific keys to paths. Supported volume types include Host, Secret, and ConfigMap | [] |
| `tolerations` | Specifies tolerations for scheduling Portworx pods. | [] |
| `nodeAffinity` | Specifies node affinity rules for Portworx pods. | {} |
| `nodesConfiguration` | Override certain cluster-level configurations for individual or groups of nodes, including network, storage, environment variables, and runtime options. | [] |
| `clusterToken.create` | Determines whether a cluster token should be created. | false |
| `clusterToken.secretName` | Name of the Kubernetes secret to be created for the cluster token. Requires clusterToken.create to be true. | "px-vol-encryption" |
| `clusterToken.serviceAccountName` | Service account name to use for the post-install hook to create the cluster token. | "px-create-cluster-token" |
| `deleteStrategy.type` | Optional: Specifies the delete strategy for the Portworx cluster. Valid values: Uninstall, UninstallAndWipe | "" |
| `updateStrategy.type` | Specifies the update strategy for the Portworx cluster. Supported values: RollingUpdate, OnDelete | "" |
| `updateStrategy.maxUnavailable` | Maximum number of nodes that can be unavailable during a rolling update | 1 |
| `updateStrategy.minReadySeconds` | Minimum number of seconds that a pod should be ready before the next batch of pods is updated during a rolling update | 1 |
| `updateStrategy.disruption.allow` | This field is used to enable or disable smart and parallel upgrade. Smart upgrade is disabled by default, Enable it by setting to false. we can use the `maxUnavailable` field to control the maximum number of Portworx nodes that can be upgraded at a time | None |
| `updateStrategy.autoUpdateComponents` | Specifies the update strategy for the component images. Valid values: None, Once, Always | None |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
## Cloud installs
#### Installing on AKS
Details are [here](https://docs.portworx.com/portworx-install-with-kubernetes/cloud/azure/aks/2-deploy-px/).
> **Tip**: In this case the chart is located at `./helm/charts/portworx`, do change it as per your setup.
```
helm install --name my-release --set imageVersion=1.2.12.0,etcdEndPoint=etcd:http://192.168.70.90:2379 ./helm/charts/portworx/
```
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```
helm install --name my-release -f ./helm/charts/portworx/values.yaml ./helm/charts/portworx
```
> **Tip**: You can use the default [values.yaml](values.yaml) and make changes as per your requirement
#### Installing on IKS [ IBM Cloud ]
Refer the IBM charts [here](https://github.com/IBM/charts/tree/master/community/portworx)
> **Tip**: You will need to add the IBM charts repo with the repo path set to rawgithub
```
helm repo add ibm-porx https://raw.githubusercontent.com/IBM/charts/master/repo/community
```
## Upgrading Portworx Install
You can update the `imageVersion` value in the YAML file that specifies the values for the parameters used while installing the chart.
```
helm upgrade my-release -f ./helm/charts/portworx/values.yaml ./helm/charts/portworx
```
Alternatively, you can also use the `--set` directive to do the same. For example,
```
helm upgrade my-release --set imageVersion=<px-version>,etcdEndPoint=<list-of-etcd-endpoints>,clusterName=<cluster-name> -f ./helm/charts/portworx/values.yaml ./helm/charts/portworx
```
> **Tip**: You can check the upgrade with the new values took effect using. Check the reference for upgrade [here](https://v2.helm.sh/docs/using_helm/#helm-upgrade-and-helm-rollback-upgrading-a-release-and-recovering-on-failure)
```
helm get values my-release
```
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
The chart would follow the process as outlined here. (https://docs.portworx.com/scheduler/kubernetes/install.html#uninstall)
> **Tip** > The Portworx configuration files under `/etc/pwx/` directory are preserved, and will not be deleted.
```
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
### Basic troubleshooting
#### Helm install errors with `no available release name found`
```
helm install --dry-run --debug --set etcdEndPoint=etcd:http://192.168.70.90:2379,clusterName=$(uuidgen) ./helm/charts/portworx/
[debug] Created tunnel using local port: '37304'
[debug] SERVER: "127.0.0.1:37304"
[debug] Original chart version: ""
[debug] CHART PATH: /root/helm/charts/portworx
Error: no available release name found
```
This most likely indicates that Tiller doesn't have the right RBAC permissions.
You can verify the tiller logs
```
[storage/driver] 2018/02/07 06:00:13 get: failed to get "singing-bison.v1": configmaps "singing-bison.v1" is forbidden: User "system:serviceaccount:kube-system:default" cannot get configmaps in the namespace "kube-system"
[tiller] 2018/02/07 06:00:13 info: generated name singing-bison is taken. Searching again.
[tiller] 2018/02/07 06:00:13 warning: No available release names found after 5 tries
[tiller] 2018/02/07 06:00:13 failed install prepare step: no available release name found
```

8
charts/portworx/portworx/5.1.1/app-readme.md Normal file
View File

@ -0,0 +1,8 @@
# Portworx
[Portworx](https://portworx.com/) is a software defined storage overlay that allows you to
* Run containerized stateful applications that are highly-available (HA) across multiple nodes, cloud instances, regions, data centers or even clouds
* Migrate workflows between multiple clusters running across same or hybrid clouds
* Run hyperconverged workloads where the data resides on the same host as the applications
* Have programmatic control on your storage resources

4247
charts/portworx/portworx/5.1.1/crds/core_v1_storagecluster_crd.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

191
charts/portworx/portworx/5.1.1/crds/core_v1_storagenode_crd.yaml Normal file
View File

@ -0,0 +1,191 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: storagenodes.core.libopenstorage.org
spec:
group: core.libopenstorage.org
names:
kind: StorageNode
listKind: StorageNodeList
plural: storagenodes
singular: storagenode
shortNames:
- sn
scope: Namespaced
versions:
- name: v1
served: true
storage: true
subresources:
status: {}
additionalPrinterColumns:
- name: ID
type: string
description: The corresponding Kubernetes node name for the storage node
jsonPath: .status.nodeUid
- name: Status
type: string
description: The status of the storage node
jsonPath: .status.phase
- name: Version
type: string
description: The version of the storage node
jsonPath: .spec.version
- name: Age
type: date
description: The age of the storage cluster
jsonPath: .metadata.creationTimestamp
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
description: The desired behavior of the storage node. Currently changing the spec does
not affect the actual storage node in the cluster. Eventually spec in StorageNode will
override the spec from StorageCluster so that configuration can be overridden at node
level.
properties:
version:
type: string
description: Version of the storage driver on the node.
cloudStorage:
type: object
description: Details of storage on the node for cloud environments.
properties:
driveConfigs:
type: array
description: List of cloud drive configs for the storage node.
items:
type: object
properties:
type:
type: string
description: Type of cloud drive.
sizeInGiB:
type: integer
format: int64
minimum: 0
description: Size of cloud drive in GiB.
iops:
type: integer
format: int64
minimum: 0
description: IOPS required from the cloud drive.
options:
type: object
x-kubernetes-preserve-unknown-fields: true
description: Additional options for the cloud drive.
status:
type: object
description: Most recently observed status of the storage node. The data may not be up
to date.
properties:
nodeUid:
type: string
description: Unique ID of the storage node.
phase:
type: string
description: Phase of the StorageNode is a simple, high-level summary of where
the StorageNode is in its lifecycle. The condition array contains more detailed
information about the state of the node.
network:
type: object
description: Contains network information used by the storage node
properties:
dataIP:
type: string
description: IP address used by the storage driver for data traffic.
mgmtIP:
type: string
description: IP address used by the storage driver for management traffic.
storage:
type: object
description: Contains details of the status of storage for the node
properties:
totalSize:
type: string
description: Cumulative total size of all storage pools on the node.
usedSize:
type: string
description: Cumulative used size of all storage pools on the node.
conditions:
type: array
description: Contains details for the current condition of this storage node.
items:
type: object
properties:
type:
type: string
description: Type of the condition.
status:
type: string
description: Status of the condition.
reason:
type: string
description: Reason is a unique one-word reason about the current state
of the cluster.
message:
type: string
description: Message is the human readable message indicating details about the
current state of the cluster.
lastTransitionTime:
type: string
format: date-time
description: Time at which the condition changed.
checks:
type: array
description: Contains list of pre or post flight checks that are performed by the Operator
items:
type: object
properties:
type:
type: string
description: Type of the check.
reason:
type: string
description: Reason for success or failure of the check
success:
type: boolean
description: If true, the check was successful
result:
type: string
description: Result of the check fatal, warning, success
geography:
type: object
description: Contains topology information for the storage node.
properties:
region:
type: string
description: Region in which the storage node is placed.
zone:
type: string
description: Zone in which the storage node is placed.
rack:
type: string
description: Rack on which the storage node is placed.
operatingSystem:
type: string
description: Operating system of the underlying host.
kernelVersion:
type: string
description: Kernel version of the underlying host.
nodeAttributes:
type: object
description: Attributes of the storage node.
properties:
storage:
type: boolean
description: Indicates whether the node is a storage node or not.
kvdb:
type: boolean
description: Indicates whether the node is a kvdb node or not.
- name: v1alpha1
served: false
storage: false
subresources:
status: {}
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true

975
charts/portworx/portworx/5.1.1/files/portworx-cluster-dashboard.json Normal file
View File

@ -0,0 +1,975 @@
{
"__inputs": [
{
"name": "DS_PROMETHEUS",
"label": "prometheus",
"description": "",
"type": "datasource",
"pluginId": "prometheus",
"pluginName": "Prometheus"
}
],
"__requires": [
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "5.0.0-beta1"
},
{
"type": "panel",
"id": "heatmap",
"name": "Heatmap",
"version": ""
},
{
"type": "datasource",
"id": "prometheus",
"name": "Prometheus",
"version": "1.0.0"
},
{
"type": "panel",
"id": "singlestat",
"name": "Singlestat",
"version": ""
}
],
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": "-- Grafana --",
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"gnetId": null,
"graphTooltip": 0,
"id": null,
"iteration": 1541099197839,
"links": [],
"panels": [
{
"collapsed": false,
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 0
},
"id": 54,
"panels": [],
"repeat": null,
"title": "Portworx Cluster \"[[Cluster]]\"",
"type": "row"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": true,
"colors": [
"#fce2de",
"#eab839",
"#bf1b00"
],
"datasource": "prometheus",
"format": "percent",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": true,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 4,
"w": 4,
"x": 0,
"y": 1
},
"id": 56,
"interval": null,
"links": [],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": true,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"expr": "sum(px_cluster_disk_utilized_bytes{cluster=~\"[[Cluster]]\"})/sum(px_cluster_disk_total_bytes{cluster=~\"[[Cluster]]\"})",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "80,90",
"title": "Usage Meter",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "total"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": false,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "prometheus",
"format": "bytes",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 4,
"w": 4,
"x": 4,
"y": 1
},
"id": 63,
"interval": null,
"links": [
{
"dashUri": "db/portworx-volume-dashboard",
"dashboard": "Portworx Volume Dashboard",
"includeVars": true,
"keepTime": true,
"targetBlank": true,
"title": "Portworx Volume Dashboard",
"type": "dashboard"
}
],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": true,
"lineColor": "rgb(31, 120, 193)",
"show": true
},
"tableColumn": "",
"targets": [
{
"expr": "sum(px_cluster_disk_utilized_bytes{cluster=~\"[[Cluster]]\"})",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "",
"title": "Capacity Used",
"transparent": false,
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "current"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": false,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "prometheus",
"format": "percent",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 4,
"w": 4,
"x": 8,
"y": 1
},
"id": 61,
"interval": null,
"links": [],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": true,
"lineColor": "rgb(31, 120, 193)",
"show": true
},
"tableColumn": "",
"targets": [
{
"expr": "avg(px_cluster_cpu_percent{cluster=~\"[[Cluster]]\"})",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "",
"title": "Avg. Cluster CPU",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "current"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": false,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "prometheus",
"format": "none",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 2,
"w": 4,
"x": 12,
"y": 1
},
"id": 62,
"interval": null,
"links": [
{
"dashUri": "db/portworx-node-dashboard",
"dashboard": "Portworx Node Dashboard",
"includeVars": true,
"keepTime": true,
"targetBlank": true,
"title": "Portworx Node Dashboard",
"type": "dashboard"
}
],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": true,
"lineColor": "rgb(31, 120, 193)",
"show": true
},
"tableColumn": "",
"targets": [
{
"expr": "min(px_cluster_status_cluster_size{cluster=~\"[[Cluster]]\"}) ",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "",
"title": "# Nodes (total)",
"transparent": false,
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [],
"valueName": "current"
},
{
"cacheTimeout": null,
"colorBackground": true,
"colorValue": false,
"colors": [
"#299c46",
"#629e51",
"#d44a3a"
],
"datasource": "prometheus",
"format": "short",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 4,
"w": 4,
"x": 16,
"y": 1
},
"hideTimeOverride": true,
"id": 81,
"interval": "15s",
"links": [],
"mappingType": 2,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "2",
"text": "Quorum Unhealthy",
"to": "1000"
},
{
"from": "0",
"text": "Quorum Healthy",
"to": "1.99"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": false,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"expr": "min(px_cluster_status_cluster_size{cluster=~\"[[Cluster]]\"})/sum(px_cluster_status_cluster_quorum{cluster=~\"[[Cluster]]\"})",
"format": "time_series",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "1.1,1.9",
"timeFrom": "1m",
"title": "Quorum",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "2"
}
],
"valueName": "current"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": false,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "prometheus",
"format": "none",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 2,
"w": 4,
"x": 20,
"y": 1
},
"id": 85,
"interval": null,
"links": [
{
"dashUri": "db/portworx-node-dashboard",
"dashboard": "Portworx Node Dashboard",
"includeVars": true,
"keepTime": true,
"targetBlank": true,
"title": "Portworx Node Dashboard",
"type": "dashboard"
}
],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": true,
"lineColor": "rgb(31, 120, 193)",
"show": true
},
"tableColumn": "",
"targets": [
{
"expr": "min(px_cluster_status_nodes_online{cluster=~\"[[Cluster]]\"}) ",
"format": "time_series",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "",
"title": "# Nodes online",
"transparent": false,
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "current"
},
{
"cacheTimeout": null,
"colorBackground": false,
"colorValue": false,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "prometheus",
"format": "none",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 2,
"w": 4,
"x": 12,
"y": 3
},
"id": 83,
"interval": null,
"links": [],
"mappingType": 1,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "null",
"text": "N/A",
"to": "null"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": false,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"expr": "min(px_cluster_status_storage_nodes_online{cluster=~\"[[Cluster]]\"})",
"format": "time_series",
"intervalFactor": 1,
"refId": "A"
}
],
"thresholds": "",
"title": "Storage Providers",
"type": "singlestat",
"valueFontSize": "80%",
"valueMaps": [
{
"op": "=",
"text": "N/A",
"value": "null"
}
],
"valueName": "current"
},
{
"cacheTimeout": null,
"colorBackground": true,
"colorValue": false,
"colors": [
"#299c46",
"rgba(237, 129, 40, 0.89)",
"#d44a3a"
],
"datasource": "prometheus",
"format": "short",
"gauge": {
"maxValue": 100,
"minValue": 0,
"show": false,
"thresholdLabels": false,
"thresholdMarkers": true
},
"gridPos": {
"h": 2,
"w": 4,
"x": 20,
"y": 3
},
"id": 84,
"interval": null,
"links": [],
"mappingType": 2,
"mappingTypes": [
{
"name": "value to text",
"value": 1
},
{
"name": "range to text",
"value": 2
}
],
"maxDataPoints": 100,
"nullPointMode": "connected",
"nullText": null,
"postfix": "",
"postfixFontSize": "50%",
"prefix": "",
"prefixFontSize": "50%",
"rangeMaps": [
{
"from": "0",
"text": "All members online",
"to": "0"
},
{
"from": "1",
"text": "Members offline",
"to": "1"
},
{
"from": "2",
"text": "Members offline",
"to": "1000"
}
],
"sparkline": {
"fillColor": "rgba(31, 118, 189, 0.18)",
"full": true,
"lineColor": "rgb(31, 120, 193)",
"show": false
},
"tableColumn": "",
"targets": [
{
"expr": "min(px_cluster_status_cluster_size{cluster=\"[[Cluster]]\"})-min(px_cluster_status_storage_nodes_online{cluster=\"[[Cluster]]\"})",
"format": "time_series",
"instant": false,
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"thresholds": "0.5,1",
"title": "",
"type": "singlestat",
"valueFontSize": "50%",
"valueMaps": [
{
"op": "=",
"text": "",
"value": "0"
},
{
"op": "=",
"text": "",
"value": ""
}
],
"valueName": "current"
},
{
"cards": {
"cardPadding": null,
"cardRound": null
},
"color": {
"cardColor": "#b4ff00",
"colorScale": "sqrt",
"colorScheme": "interpolateOranges",
"exponent": 0.5,
"mode": "spectrum"
},
"dataFormat": "timeseries",
"datasource": "prometheus",
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 5
},
"heatmap": {},
"highlightCards": true,
"id": 78,
"legend": {
"show": true
},
"links": [
{
"dashUri": "db/portworx-node-dashboard",
"dashboard": "Portworx Node Dashboard",
"includeVars": true,
"keepTime": true,
"targetBlank": true,
"title": "Portworx Node Dashboard",
"type": "dashboard"
}
],
"targets": [
{
"expr": "px_cluster_cpu_percent{cluster =~ \"[[Cluster]]\"}",
"format": "time_series",
"interval": "5m",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"title": "CPU utilization heat map",
"tooltip": {
"show": true,
"showHistogram": true
},
"transparent": false,
"type": "heatmap",
"xAxis": {
"show": true
},
"xBucketNumber": null,
"xBucketSize": null,
"yAxis": {
"decimals": null,
"format": "percent",
"logBase": 1,
"max": null,
"min": null,
"show": true,
"splitFactor": null
},
"yBucketNumber": null,
"yBucketSize": null
},
{
"cards": {
"cardPadding": null,
"cardRound": null
},
"color": {
"cardColor": "#b4ff00",
"colorScale": "sqrt",
"colorScheme": "interpolateOranges",
"exponent": 0.5,
"mode": "spectrum"
},
"dataFormat": "timeseries",
"datasource": "prometheus",
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 5
},
"heatmap": {},
"highlightCards": true,
"id": 79,
"legend": {
"show": true
},
"links": [
{
"dashUri": "db/portworx-node-dashboard",
"dashboard": "Portworx Node Dashboard",
"includeVars": true,
"keepTime": true,
"targetBlank": true,
"title": "Node Drilldown",
"type": "dashboard"
}
],
"repeat": null,
"repeatDirection": "h",
"targets": [
{
"expr": "px_cluster_memory_utilized_percent{cluster =~ \"[[Cluster]]\"}",
"format": "time_series",
"interval": "5m",
"intervalFactor": 1,
"legendFormat": "{{cluster}}",
"refId": "A"
}
],
"title": "Memory utilization heat map",
"tooltip": {
"show": true,
"showHistogram": true
},
"type": "heatmap",
"xAxis": {
"show": true
},
"xBucketNumber": null,
"xBucketSize": null,
"yAxis": {
"decimals": null,
"format": "percent",
"logBase": 1,
"max": null,
"min": null,
"show": true,
"splitFactor": null
},
"yBucketNumber": null,
"yBucketSize": null
}
],
"refresh": "30s",
"schemaVersion": 16,
"style": "dark",
"tags": [],
"templating": {
"list": [
{
"allValue": null,
"current": {},
"datasource": "prometheus",
"hide": 1,
"includeAll": false,
"label": "",
"multi": false,
"name": "Cluster",
"options": [],
"query": "px_cluster_cpu_percent",
"refresh": 1,
"regex": "/.*cluster=\"([^\"]*).*/",
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
}
]
},
"time": {
"from": "now-3h",
"to": "now"
},
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
]
},
"timezone": "",
"title": "Portworx Cluster Dashboard",
"uid": "xLgt8oTik",
"version": 6
}

1189
charts/portworx/portworx/5.1.1/files/portworx-etcd-dashboard.json Normal file
View File

File diff suppressed because it is too large Load Diff

1529
charts/portworx/portworx/5.1.1/files/portworx-node-dashboard.json Normal file
View File

File diff suppressed because it is too large Load Diff

2247
charts/portworx/portworx/5.1.1/files/portworx-volume-dashboard.json Normal file
View File

File diff suppressed because it is too large Load Diff

43
charts/portworx/portworx/5.1.1/questions.yml Normal file
View File

@ -0,0 +1,43 @@
questions:
################################## Basic Settings ############################
- variable: imageVersion
default: "3.2.1.1"
type: string
label: Portworx version to be deployed.
group: "Basic Settings"
- variable: clusterName
type: string
label: Portworx cluster name
default: mycluster
group: "Basic Settings"
############ Storage Parameters ##############
- variable: usedrivesAndPartitions
label: "Use unmounted drives and partitions"
descrition: "Use unmounted disks even if they have a partition or filesystem on it. PX will never use a drive or partition that is mounted."
type: boolean
default: false
group: "Storage Parameters"
################################### Registry settings options ################################
- variable: customRegistry
label: "Use a custom container registry?"
type: boolean
default: false
group: "Container Registry Parameters"
- variable: registrySecret
show_if: "customRegistry=true"
description: "Specify a custom Kubernetes secret that will be used to authenticate with a container registry. Must be defined in kube-system namespace. (example: regcred)"
type: string
label: "Registry Kubernetes Secret"
group: "Container Registry Parameters"
- variable: customRegistryURL
show_if: "customRegistry=true"
description: "Specify a custom container registry server (including repository) that will be used instead of index.docker.io to download Docker images. (example: dockerhub.acme.net:5443 or myregistry.com/myrepository/)"
label: "Custom Registry URL"
type: string
group: "Container Registry Parameters"

24
charts/portworx/portworx/5.1.1/templates/NOTES.txt Normal file
View File

@ -0,0 +1,24 @@
Your Release is named {{ .Release.Name | quote }}
Portworx Pods should be running on each node in your cluster.
Portworx would create a unified pool of the disks attached to your Kubernetes nodes.
No further action should be required and you are ready to consume Portworx Volumes as part of your application data requirements.
For further information on usage of the Portworx in creating Volumes please refer
https://docs.portworx.com/portworx-enterprise/operations/operate-kubernetes/storage-operations/create-pvcs
Explore the fundamental concepts of Portworx volumes refer
https://docs.portworx.com/portworx-enterprise/concepts
Want to use Storage Orchestration for hyperconvergence, Please look at Stork here.
https://docs.portworx.com/portworx-enterprise/operations/operate-kubernetes/storage-operations/stork
Track the health and performance of your storage cluster using Portworxs monitoring features.
https://docs.portworx.com/portworx-enterprise/operations/operate-kubernetes/monitoring
Refer to the install various stateful applications with Portworx.
https://docs.portworx.com/portworx-enterprise/operations/operate-kubernetes/application-install-with-kubernetes
For options that you could provide while installing Portworx on your cluster head over to the README.md

287
charts/portworx/portworx/5.1.1/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,287 @@
{{/* Gets the correct API Version based on the version of the cluster
*/}}
{{- define "rbac.apiVersion" -}}
{{$version := .Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+" | trimPrefix "v"}}
{{- if semverCompare ">= 1.8" $version -}}
"rbac.authorization.k8s.io/v1"
{{- else -}}
"rbac.authorization.k8s.io/v1beta1"
{{- end -}}
{{- end -}}
{{- define "px.labels" -}}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
{{- end -}}
{{- define "driveOpts" }}
{{ $v := .Values.installOptions.drives | split "," }}
{{$v._0}}
{{- end -}}
{{- define "px.kubernetesVersion" -}}
{{$version := .Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+"}}{{$version}}
{{- end -}}
{{- define "px.kubectlImageTag" -}}
{{$version := .Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+" | trimPrefix "v" | split "."}}
{{- $major := index $version "_0" -}}
{{- $minor := index $version "_1" -}}
{{printf "%s.%s" $major $minor }}
{{- end -}}
{{- define "px.getPxOperatorImage" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{ cat (trim .Values.customRegistryURL) "/px-operator" | replace " " ""}}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/portworx/px-operator" | replace " " ""}}
{{- end -}}
{{- else -}}
{{ "portworx/px-operator" }}
{{- end -}}
{{- end -}}
{{- define "px.getImage" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{- if .Values.openshiftInstall -}}
{{ cat (trim .Values.customRegistryURL) "/px-monitor" | replace " " ""}}
{{- else -}}
{{ cat (trim .Values.customRegistryURL) "/oci-monitor" | replace " " ""}}
{{- end -}}
{{- else -}}
{{- if .Values.openshiftInstall -}}
{{cat (trim .Values.customRegistryURL) "/portworx/px-monitor" | replace " " ""}}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/portworx/oci-monitor" | replace " " ""}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if .Values.openshiftInstall -}}
{{ "registry.connect.redhat.com/portworx/px-monitor" }}
{{- else -}}
{{ "portworx/oci-monitor" }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "px.getStorkImage" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{ cat (trim .Values.customRegistryURL) "/stork" | replace " " ""}}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/openstorage/stork" | replace " " ""}}
{{- end -}}
{{- else -}}
{{ "openstorage/stork" }}
{{- end -}}
{{- end -}}
{{- define "px.getk8sImages" -}}
{{- $version := .Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+" | trimPrefix "v" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{ trim .Values.customRegistryURL }}
{{- else -}}
{{- if or (or (and (semverCompare ">= 1.16.14" $version ) (semverCompare "<=1.17.0" $version)) (and (semverCompare ">= 1.17.10" $version) (semverCompare "<=1.18.0" $version ))) (semverCompare ">=1.18.7" $version) -}}
{{cat (trim .Values.customRegistryURL) "/k8s.gcr.io" | replace " " ""}}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/gcr.io/google_containers" | replace " " ""}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- if or (or (and (semverCompare ">= 1.16.14" $version ) (semverCompare "<=1.17.0" $version)) (and (semverCompare ">= 1.17.10" $version) (semverCompare "<=1.18.0" $version ))) (semverCompare ">=1.18.7" $version) -}}
{{ "k8s.gcr.io" }}
{{- else -}}
{{ "gcr.io/google_containers" }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "px.getPauseImage" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{ trim .Values.customRegistryURL }}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/k8s.gcr.io" | replace " " ""}}
{{- end -}}
{{- else -}}
{{ "k8s.gcr.io" }}
{{- end -}}
{{- end -}}
{{- define "px.getcsiImages" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{ trim .Values.customRegistryURL }}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/quay.io/k8scsi" | replace " " ""}}
{{- end -}}
{{- else -}}
{{ "quay.io/k8scsi" }}
{{- end -}}
{{- end -}}
{{- define "px.getLighthouseImages" -}}
{{- if (.Values.customRegistryURL) -}}
{{- if (eq "/" (.Values.customRegistryURL | regexFind "/")) -}}
{{ trim .Values.customRegistryURL }}
{{- else -}}
{{cat (trim .Values.customRegistryURL) "/portworx" | replace " " ""}}
{{- end -}}
{{- else -}}
{{ "portworx" }}
{{- end -}}
{{- end -}}
{{- define "px.registryConfigType" -}}
{{- $version := .Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+" | trimPrefix "v" -}}
{{- if semverCompare ">=1.9" $version -}}
".dockerconfigjson"
{{- else -}}
".dockercfg"
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account to use for hooks
*/}}
{{- define "px.hookServiceAccount" -}}
{{- if .Values.serviceAccount.hook.create -}}
{{- printf "%s-hook" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{ default "default" .Values.serviceAccount.hook.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the cluster role to use for hooks
*/}}
{{- define "px.hookClusterRole" -}}
{{- if .Values.serviceAccount.hook.create -}}
{{- printf "%s-hook" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{ default "default" .Values.serviceAccount.hook.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the cluster role binding to use for hooks
*/}}
{{- define "px.hookClusterRoleBinding" -}}
{{- if .Values.serviceAccount.hook.create -}}
{{- printf "%s-hook" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{ default "default" .Values.serviceAccount.hook.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the role to use for hooks
*/}}
{{- define "px.hookRole" -}}
{{- if .Values.serviceAccount.hook.create -}}
{{- printf "%s-hook" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{ default "default" .Values.serviceAccount.hook.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the role binding to use for hooks
*/}}
{{- define "px.hookRoleBinding" -}}
{{- if .Values.serviceAccount.hook.create -}}
{{- printf "%s-hook" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{ default "default" .Values.serviceAccount.hook.name }}
{{- end -}}
{{- end -}}
{{/*
Generate a random token for storage provisioning
*/}}
{{- define "portworx-cluster-key" -}}
{{- randAlphaNum 16 | nospace | b64enc -}}
{{- end -}}
{{- define "px.affinityPxEnabledOperator" -}}
{{- if .Values.requirePxEnabledTag -}}
{{- "In" }}
{{- else -}}
{{ "NotIn" }}
{{- end -}}
{{- end -}}
{{- define "px.getDeploymentNamespace" -}}
{{- if (.Release.Namespace) -}}
{{- if (eq "default" .Release.Namespace) -}}
{{- printf "portworx" -}}
{{- else -}}
{{- printf "%s" .Release.Namespace -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "px.affinityPxEnabledValue" -}}
{{- if .Values.requirePxEnabledTag -}}
{{- "true" | quote }}
{{- else -}}
{{ "false" | quote }}
{{- end -}}
{{- end -}}
{{- define "px.deprecatedKvdbArgs" }}
{{- $result := "" }}
{{- if ne .Values.etcd.credentials "none:none" }}
{{- $result = printf "%s -userpwd %s" $result .Values.etcd.credentials }}
{{- end }}
{{- if ne .Values.etcd.ca "none" }}
{{- $result = printf "%s -ca %s" $result .Values.etcd.ca }}
{{- end }}
{{- if ne .Values.etcd.cert "none" }}
{{- $result = printf "%s -cert %s" $result .Values.etcd.cert }}
{{- end }}
{{- if ne .Values.etcd.key "none" }}
{{- $result = printf "%s -key %s" $result .Values.etcd.key }}
{{- end }}
{{- if ne .Values.consul.token "none" }}
{{- $result = printf "%s -acltoken %s" $result .Values.consul.token }}
{{- end }}
{{- trim $result }}
{{- end }}
{{- define "px.miscArgs" }}
{{- $result := "" }}
{{- if (include "px.deprecatedKvdbArgs" .) }}
{{- $result = printf "%s %s" $result (include "px.deprecatedKvdbArgs" .) }}
{{- end }}
{{- if ne .Values.miscArgs "none" }}
{{- $result = printf "%s %s" $result .Values.miscArgs }}
{{- end }}
{{- trim $result }}
{{- end }}
{{- define "px.volumesPresent" }}
{{- $result := false }}
{{- if (default false .Values.isTargetOSCoreOS) }}
{{- $result = true }}
{{- end }}
{{- if ne (default "none" .Values.etcd.certPath) "none" }}
{{- $result = true }}
{{- end }}
{{- if .Values.volumes }}
{{- $result = true }}
{{- end }}
{{- $result }}
{{- end }}

134
charts/portworx/portworx/5.1.1/templates/hooks/post-install/px-create-cluster-token.yaml Normal file
View File

@ -0,0 +1,134 @@
{{- if (.Values.clusterToken.create) }}
{{- $customRegistryURL := .Values.customRegistryURL | default "none" }}
{{- $registrySecret := .Values.registrySecret | default "none" }}
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ template "px.getDeploymentNamespace" . }}
name: px-set-cluster-token
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
annotations:
"helm.sh/hook": post-install
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
spec:
backoffLimit: 0
template:
spec:
{{- if not (eq $registrySecret "none") }}
imagePullSecrets:
- name: {{ $registrySecret }}
{{- end }}
restartPolicy: Never
serviceAccountName: {{ .Values.clusterToken.serviceAccountName }}
containers:
- name: post-install-job
{{- if eq $customRegistryURL "none" }}
image: "bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- else}}
image: "{{ $customRegistryURL }}/bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- end }}
env:
- name: NS
value: {{ template "px.getDeploymentNamespace" . }}
- name: KEY
value: cluster-wide-secret-key
command: ['/bin/bash', '-c']
args:
- |
readyPortworxPod=$(kubectl -n $NS get pods -lname=portworx -o jsonpath='{range .items[*]}{.status.conditions[?(@.type=="Ready")].status}{" "}{.metadata.name}{"\n"}{end}' | grep True | cut -d' ' -f2 | head -n1)
kubectl -n $NS exec -c portworx $readyPortworxPod -- /opt/pwx/bin/pxctl secrets set-cluster-key --secret $KEY
initContainers:
- name: post-install-job-init
{{- if eq $customRegistryURL "none" }}
image: "bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- else}}
image: "{{ $customRegistryURL }}/bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- end }}
env:
- name: NS
value: {{ template "px.getDeploymentNamespace" . }}
command: ['/bin/bash', '-c']
args:
- |
# Get ready state of all Portworx pods (True or False)
output=$(kubectl -n $NS get pods -l name=portworx -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}')
# Wait until there is at least one pod and at least one of them is ready
while [[ $(echo -n $output | wc -c) -eq 0 ]] || [[ $(echo -n $output | grep -v True) ]]; do
sleep 5
output=$(kubectl -n $NS get pods -l name=portworx -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}')
done
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.clusterToken.serviceAccountName }}
namespace: {{ template "px.getDeploymentNamespace" . }}
annotations:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed
"helm.sh/hook": "post-install"
labels:
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
---
kind: Role
apiVersion: {{ template "rbac.apiVersion" . }}
metadata:
annotations:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed
"helm.sh/hook": post-install
name: {{ .Values.clusterToken.serviceAccountName }}-role
namespace: {{ template "px.getDeploymentNamespace" . }}
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "watch", "list" ]
- apiGroups: [""]
resources: ["pods/exec"]
verbs: ["create"]
---
kind: RoleBinding
apiVersion: {{ template "rbac.apiVersion" . }}
metadata:
annotations:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed
"helm.sh/hook": post-install
name: {{ .Values.clusterToken.serviceAccountName }}-binding
namespace: {{ template "px.getDeploymentNamespace" . }}
subjects:
- kind: ServiceAccount
name: {{ .Values.clusterToken.serviceAccountName }}
namespace: {{ template "px.getDeploymentNamespace" . }}
roleRef:
kind: Role
name: {{ .Values.clusterToken.serviceAccountName }}-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Secret
metadata:
annotations:
"helm.sh/hook-delete-policy": before-hook-creation
"helm.sh/hook": post-install
name: {{ .Values.clusterToken.secretName }}
namespace: portworx
labels:
name: {{ .Values.clusterToken.secretName }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
type: "Opaque"
data:
cluster-wide-secret-key: {{ template "portworx-cluster-key" }}
{{- end }}

41
charts/portworx/portworx/5.1.1/templates/hooks/pre-delete/delete-storagecluster.yaml Normal file
View File

@ -0,0 +1,41 @@
{{- if .Values.deployCluster }}
{{- $customRegistryURL := .Values.customRegistryURL | default "none" }}
{{- $registrySecret := .Values.registrySecret | default "none" }}
{{- $clusterName := .Values.clusterName }}
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ template "px.getDeploymentNamespace" . }}
name: px-hook-delete-storagecluster
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
backoffLimit: 0
template:
spec:
{{- if not (eq $registrySecret "none") }}
imagePullSecrets:
- name: {{ $registrySecret }}
{{- end }}
serviceAccountName: {{ template "px.hookServiceAccount" . }}
restartPolicy: Never
containers:
- name: delete-storagecluster
{{- if eq $customRegistryURL "none" }}
image: "bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- else}}
image: "{{ $customRegistryURL }}/bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- end}}
command: ['/bin/sh',
'-c',
'kubectl -n {{ template "px.getDeploymentNamespace" . }} delete storagecluster {{ $clusterName }} --ignore-not-found']
{{- end }}

97
charts/portworx/portworx/5.1.1/templates/hooks/pre-upgrade/retain-daemonset-install.yaml Normal file
View File

@ -0,0 +1,97 @@
{{- $customRegistryURL := .Values.customRegistryURL | default "none" }}
{{- $registrySecret := .Values.registrySecret | default "none" }}
apiVersion: batch/v1
kind: Job
metadata:
namespace: {{ template "px.getDeploymentNamespace" . }}
name: px-hook-retain-daemonset-resources
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
annotations:
"helm.sh/hook": pre-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
template:
spec:
{{- if not (eq $registrySecret "none") }}
imagePullSecrets:
- name: {{ $registrySecret }}
{{- end }}
serviceAccountName: {{ template "px.hookServiceAccount" . }}
restartPolicy: Never
containers:
- name: retain-px-daemonset
{{- if eq $customRegistryURL "none" }}
image: "bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- else}}
image: "{{ $customRegistryURL }}/bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
{{- end}}
command: ['/bin/sh',
'-c',
'kubectl -n kube-system annotate DaemonSet portworx-api helm.sh/resource-policy=keep --overwrite;
kubectl -n kube-system annotate DaemonSet portworx helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service stork-service helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service prometheus helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service portworx-service helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service autopilot helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service grafana helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service alertmanager-portworx helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service px-csi-service helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Service portworx-api helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Deployment stork-scheduler helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Deployment px-csi-ext helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Deployment autopilot helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Deployment grafana helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Deployment stork helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Deployment prometheus-operator helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate RoleBinding px-role-binding helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Role px-role helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding stork-scheduler-role-binding helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding stork-role-binding helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding node-role-binding helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding prometheus helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding px-csi-role-binding helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding autopilot-role-binding helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRoleBinding prometheus-operator helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole stork-scheduler-role helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole autopilot-role helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole prometheus helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole prometheus-operator helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole node-get-put-list-role helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole px-csi-role helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate ClusterRole stork-role helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate StorageClass stork-snapshot-sc helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate StorageClass portworx-shared-sc helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate StorageClass portworx-db2-sc helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate StorageClass portworx-null-sc helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate StorageClass portworx-db-sc helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ConfigMap grafana-dashboard-config helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ConfigMap autopilot-config helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ConfigMap grafana-dashboards helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ConfigMap grafana-source-config helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ConfigMap stork-config helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount stork-scheduler-account helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount px-account helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount prometheus-operator helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount px-csi-account helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount stork-account helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount prometheus helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceAccount autopilot-account helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Alertmanager portworx helm.sh/resource-policy=keep --overwrite || true;
kubectl annotate CSIDriver pxd.portworx.com helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate Prometheus prometheus helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate PrometheusRule prometheus-portworx-rules-portworx.rules.yaml helm.sh/resource-policy=keep --overwrite || true;
kubectl -n kube-system annotate ServiceMonitor portworx-prometheus-sm helm.sh/resource-policy=keep --overwrite || true;
']

8
charts/portworx/portworx/5.1.1/templates/portworx-k8s-secrets.yaml Normal file
View File

@ -0,0 +1,8 @@
{{- if and (eq .Release.Namespace "default") (not (lookup "v1" "Namespace" "portworx" "portworx")) }}
apiVersion: v1
kind: Namespace
metadata:
name: {{ template "px.getDeploymentNamespace" . }}
annotations:
"helm.sh/hook": pre-install
{{- end }}

103
charts/portworx/portworx/5.1.1/templates/portworx-operator.yaml Normal file
View File

@ -0,0 +1,103 @@
{{- if .Values.deployOperator }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: portworx-operator
namespace: {{ template "px.getDeploymentNamespace" . }}
{{- if (semverCompare "<1.25" (.Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+"| trimPrefix "v"))}}
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: px-operator
spec:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
volumes:
- secret
runAsUser:
rule: 'RunAsAny'
seLinux:
rule: 'RunAsAny'
supplementalGroups:
rule: 'RunAsAny'
fsGroup:
rule: 'RunAsAny'
{{- end }}
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: portworx-operator
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
{{- if (semverCompare "<1.25" (.Capabilities.KubeVersion.GitVersion | regexFind "^v\\d+\\.\\d+\\.\\d+"| trimPrefix "v"))}}
- apiGroups: ["policy"]
resources: ["podsecuritypolicies"]
resourceNames: ["px-operator"]
verbs: ["use"]
{{- end }}
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: portworx-operator
subjects:
- kind: ServiceAccount
name: portworx-operator
namespace: {{ template "px.getDeploymentNamespace" . }}
roleRef:
kind: ClusterRole
name: portworx-operator
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: portworx-operator
namespace: {{ template "px.getDeploymentNamespace" . }}
spec:
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
replicas: 1
selector:
matchLabels:
name: portworx-operator
template:
metadata:
labels:
name: portworx-operator
spec:
containers:
- name: portworx-operator
imagePullPolicy: Always
image: {{ template "px.getPxOperatorImage" . }}:{{ required "A valid Image tag is required in the SemVer format" .Values.pxOperatorImageVersion }}
command:
- /operator
- --verbose
- --driver=portworx
- --leader-elect=true
env:
- name: OPERATOR_NAME
value: portworx-operator
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "name"
operator: In
values:
- portworx-operator
topologyKey: "kubernetes.io/hostname"
serviceAccountName: portworx-operator
{{- end }}

48
charts/portworx/portworx/5.1.1/templates/serviceaccount-hook.yaml Normal file
View File

@ -0,0 +1,48 @@
{{- if (.Values.serviceAccount.hook.create) }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "px.hookServiceAccount" . }}
namespace: {{ template "px.getDeploymentNamespace" . }}
annotations:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook": "post-install,pre-upgrade,pre-delete"
labels:
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
---
kind: ClusterRole
apiVersion: {{ template "rbac.apiVersion" . }}
metadata:
annotations:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook": "post-install,pre-upgrade,pre-delete"
name: {{ template "px.hookClusterRole" . }}
rules:
# for daemonset to operator migration, we need hooks for all resources deployed by daemonset, due to resources are
# different in different helm charts (GCP, IKS, Rancher and portworx), we use wild card here. After daemonset
# migration is finished for all customers we shall change this back to limited access.
- apiGroups: ["*"]
resources: ["*"]
verbs: ["*"]
---
kind: ClusterRoleBinding
apiVersion: {{ template "rbac.apiVersion" . }}
metadata:
annotations:
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook": "post-install,pre-upgrade,pre-delete"
name: {{ template "px.hookClusterRoleBinding" . }}
subjects:
- kind: ServiceAccount
name: {{ template "px.hookServiceAccount" . }}
namespace: {{ template "px.getDeploymentNamespace" . }}
roleRef:
kind: ClusterRole
name: {{ template "px.hookClusterRole" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}

606
charts/portworx/portworx/5.1.1/templates/storage-cluster.yaml Normal file
View File

@ -0,0 +1,606 @@
{{- if and (.Values.deployCluster) (or (not (lookup "apps/v1" "DaemonSet" "kube-system" "portworx")) (default true .Values.generateStorageClusterForMigration)) }}
{{- $isCoreOS := .Values.isTargetOSCoreOS | default false }}
{{- $internalKVDB := .Values.internalKVDB | default false }}
{{- $etcdEndPoints := .Values.etcdEndPoint }}
{{- $etcdCertPath := .Values.etcd.certPath | default "none" }}
{{- $etcdCert := .Values.etcd.cert | default "none" }}
{{- $etcdKey := .Values.etcd.key | default "none" }}
{{- $kvdbAuthSecret := .Values.kvdb.authSecretName | default "none" }}
{{- $openshiftInstall := .Values.openshiftInstall | default false }}
{{- $EKSInstall := .Values.EKSInstall | default false }}
{{- $GKEInstall := .Values.GKEInstall | default false }}
{{- $pksInstall := .Values.pksInstall | default false }}
{{- $AKSInstall := .Values.AKSInstall | default false }}
{{- $OKEInstall := .Values.OKEInstall | default false }}
{{- $usefileSystemDrive := .Values.usefileSystemDrive | default false }}
{{- $usedrivesAndPartitions := .Values.usedrivesAndPartitions | default false }}
{{- $secretType := .Values.secretType | default "k8s" }}
{{- $deployEnvironmentIKS := .Capabilities.KubeVersion.GitVersion | regexMatch "IKS" }}
{{- $drives := .Values.drives | default "none" }}
{{- $dataInterface := .Values.dataInterface | default "none" }}
{{- $managementInterface := .Values.managementInterface | default "none" }}
{{- $envVars := .Values.envVars | default "none" }}
{{- $customRegistryURL := .Values.customRegistryURL | default "none" }}
{{- $registrySecret := .Values.registrySecret | default "none" }}
{{- $licenseSecret := .Values.licenseSecret | default "none" }}
{{- $kvdbDevice := .Values.kvdbDevice | default "none" }}
{{- $journalDevice := .Values.journalDevice | default "none" }}
{{- $cacheDevices := .Values.cacheDevices | default "none"}}
{{- $systemMetadataDevice:= .Values.systemMetadataDevice | default "none"}}
{{- $miscArgs := include "px.miscArgs" . }}
{{- $volumesPresent := include "px.volumesPresent" . }}
{{- $storagePodAnnotations := .Values.customMetadata.annotations.pod.storage }}
{{- $portworxApiServiceAnnotations := .Values.customMetadata.annotations.service.portworxApi }}
{{- $portworxServiceAnnotations := .Values.customMetadata.annotations.service.portworxService }}
{{- $kvdbServiceAnnotations := .Values.customMetadata.annotations.service.portworxKVDBService }}
{{- $portworxApiServiceLabels := .Values.customMetadata.labels.service.portworxApi}}
{{- $prometheus := .Values.monitoring.prometheus}}
{{- $prometheousRetention := .Values.monitoring.prometheus.retention | default "none"}}
{{- $prometheousRetentionSize := .Values.monitoring.prometheus.retentionSize | default "none"}}
kind: StorageCluster
apiVersion: core.libopenstorage.org/v1
metadata:
name: "{{ required "Clustername cannot be empty" .Values.clusterName }}"
namespace: {{ template "px.getDeploymentNamespace" . }}
annotations:
{{- if eq $openshiftInstall true }}
portworx.io/is-openshift: "true"
{{- end }}
{{- if eq $pksInstall true }}
portworx.io/is-pks: "true"
{{- end }}
{{- if eq $EKSInstall true }}
portworx.io/is-eks: "true"
{{- end }}
{{- if eq $GKEInstall true }}
portworx.io/is-gke: "true"
{{- end }}
{{- if eq $AKSInstall true }}
portworx.io/is-aks: "true"
{{- end }}
{{- if eq $OKEInstall true }}
portworx.io/is-oke: "true"
{{- end }}
{{- if $miscArgs }}
portworx.io/misc-args: {{ $miscArgs | quote }}
{{- end }}
{{- if eq .Values.disableStorageClass true }}
portworx.io/disable-storage-class: "true"
{{- end }}
{{- if and (ne .Values.serviceType "") (ne .Values.serviceType "none") }}
portworx.io/service-type: {{ .Values.serviceType | quote }}
{{- end }}
{{- if (lookup "apps/v1" "DaemonSet" "kube-system" "portworx") }}
portworx.io/migration-approved: "false"
{{- end }}
{{- if eq .Values.nonDisruptivek8sUpgrade true }}
portworx.io/disable-non-disruptive-upgrade: "false"
{{- end }}
{{- if eq .Values.skipHealthChecks true }}
portworx.io/health-check: "skip"
{{- end }}
labels:
heritage: {{.Release.Service | quote }}
release: {{.Release.Name | quote }}
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
app.kubernetes.io/managed-by: {{.Release.Service | quote }}
app.kubernetes.io/instance: {{.Release.Name | quote }}
spec:
image: portworx/oci-monitor:{{ required "A valid Image tag is required in the SemVer format" .Values.imageVersion }}
imagePullPolicy: Always
{{- if not (eq $customRegistryURL "none") }}
customImageRegistry: {{ $customRegistryURL }}
{{- end }}
{{- if not (eq $registrySecret "none") }}
imagePullSecret: {{ $registrySecret }}
{{- end }}
{{- if (or (eq (toString .Values.updateStrategy.type) "RollingUpdate") (eq (toString .Values.updateStrategy.type) "OnDelete")) }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
{{- if eq .Values.updateStrategy.type "RollingUpdate"}}
rollingUpdate:
{{- if .Values.updateStrategy.maxUnavailable}}
maxUnavailable: {{.Values.updateStrategy.maxUnavailable}}
{{- end}}
{{- if .Values.updateStrategy.minReadySeconds}}
minReadySeconds: {{.Values.updateStrategy.minReadySeconds}}
{{- end}}
{{- if and (not (eq .Values.updateStrategy.disruption.allow nil)) (or (eq .Values.updateStrategy.disruption.allow true) (eq .Values.updateStrategy.disruption.allow false)) }}
disruption:
allow: {{.Values.updateStrategy.disruption.allow}}
{{- end}}
{{- end}}
{{- end }}
{{- if .Values.updateStrategy.autoUpdateComponents}}
autoUpdateComponents: {{.Values.updateStrategy.autoUpdateComponents}}
{{- end}}
{{- $hasAnnotations := or ($storagePodAnnotations) ($portworxApiServiceAnnotations) ($portworxServiceAnnotations ) ($kvdbServiceAnnotations) }}
{{- $hasLabels := $portworxApiServiceLabels }}
{{- $hasMetadata := or $hasAnnotations $hasLabels }}
{{- if $hasMetadata}}
metadata:
{{- if $hasLabels}}
labels:
{{- if $portworxApiServiceLabels }}
service/portworx-api:
{{- $labels := $portworxApiServiceLabels | split ";" }}
{{- range $key, $val := $labels }}
{{- $label := $val | split "=" }}
{{ $label._0 | trim }}: {{ $label._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- end}}
{{- if $hasAnnotations}}
annotations:
{{- if $storagePodAnnotations }}
pod/storage:
{{- $annotations := $storagePodAnnotations | split ";" }}
{{- range $key, $val := $annotations }}
{{- $annotation := $val | split "=" }}
{{ $annotation._0 | trim }}: {{ $annotation._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- if $portworxApiServiceAnnotations }}
service/portworx-api:
{{- $annotations := $portworxApiServiceAnnotations | split ";" }}
{{- range $key, $val := $annotations }}
{{- $annotation := $val | split "=" }}
{{ $annotation._0 | trim }}: {{ $annotation._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- if $portworxServiceAnnotations }}
service/portworx-service:
{{- $annotations := $portworxServiceAnnotations | split ";" }}
{{- range $key, $val := $annotations }}
{{- $annotation := $val | split "=" }}
{{ $annotation._0 | trim }}: {{ $annotation._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- if $kvdbServiceAnnotations }}
service/portworx-kvdb-service:
{{- $annotations := $kvdbServiceAnnotations | split ";" }}
{{- range $key, $val := $annotations }}
{{- $annotation := $val | split "=" }}
{{ $annotation._0 | trim }}: {{ $annotation._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- end}}
{{- end }}
kvdb:
{{- if and (eq $internalKVDB true) (empty $etcdEndPoints) }}
internal: true
{{- else }}
internal: false
{{- if empty $etcdEndPoints }}
"{{ required "A valid ETCD url in the format etcd:http://<your-etcd-endpoint> is required. Verify that the key is correct and there isnt any typo in specifying that, also ensure it is accessible from all node of your kubernetes cluster" .etcdEndPoint}}"
{{- else }}
endpoints:
{{- $endpoints := $etcdEndPoints | split ";" }}
{{- range $key, $val := $endpoints }}
- {{$val}}
{{- end }}
{{- end }}
{{- if ne $kvdbAuthSecret "none" }}
authSecret: {{ .Values.kvdb.authSecretName }}
{{- end }}
{{- end }}
{{- if and (ne $drives "none") (not (hasPrefix "/" $drives)) }}
cloudStorage:
{{- if .Values.provider}}
provider: {{ .Values.provider }}
{{- end}}
deviceSpecs:
{{- $driveNames := $drives | split ";" }}
{{- range $index, $name := $driveNames }}
- {{ $name }}
{{- end }}
{{- if and (ne $kvdbDevice "none") (not (hasPrefix "/" $kvdbDevice)) }}
kvdbDeviceSpec: {{ $kvdbDevice }}
{{- end }}
{{- if ne $systemMetadataDevice "none"}}
systemMetadataDeviceSpec: {{ $systemMetadataDevice }}
{{- end }}
{{- if and (ne $journalDevice "none") (not (hasPrefix "/" $journalDevice)) }}
journalDeviceSpec: {{ $journalDevice }}
{{- end }}
{{- if ne (.Values.maxStorageNodesPerZone | int) 0 }}
maxStorageNodesPerZone: {{ .Values.maxStorageNodesPerZone }}
{{- end }}
{{- if ne (.Values.maxStorageNodes | int) 0 }}
maxStorageNodes: {{ .Values.maxStorageNodes }}
{{- end }}
{{- else }}
{{- if $AKSInstall }}
cloudStorage:
{{- if .Values.provider}}
provider: {{ .Values.provider }}
{{- end}}
deviceSpecs:
- type=Premium_LRS,size=150
{{- if and (ne $kvdbDevice "none") (not (hasPrefix "/" $kvdbDevice)) }}
kvdbDeviceSpec: {{ $kvdbDevice }}
{{- end }}
{{- if ne $systemMetadataDevice "none"}}
systemMetadataDeviceSpec: {{ $systemMetadataDevice }}
{{- end }}
{{- if and (ne $journalDevice "none") (not (hasPrefix "/" $journalDevice)) }}
journalDeviceSpec: {{ $journalDevice }}
{{- end }}
{{- if gt (.Values.maxStorageNodesPerZone | int) 0 }}
maxStorageNodesPerZone: {{ .Values.maxStorageNodesPerZone }}
{{- end }}
{{- if ne (.Values.maxStorageNodes | int) 0 }}
maxStorageNodes: {{ .Values.maxStorageNodes }}
{{- end }}
{{- else }}
storage:
{{- if hasPrefix "/" $drives }}
devices:
{{- $driveNames := $drives | split ";" }}
{{- range $index, $name := $driveNames }}
- {{ $name }}
{{- end }}
{{- end }}
{{- if ne $cacheDevices "none"}}
cacheDevices:
{{- $devices := $cacheDevices | split ";" }}
{{- range $index, $device := $devices }}
- {{ $device }}
{{- end }}
{{- end}}
{{- if or $usefileSystemDrive $deployEnvironmentIKS }}
forceUseDisks: true
{{- end }}
{{- if eq $usedrivesAndPartitions true }}
useAllWithPartitions: true
{{- end}}
{{- if and (eq $usedrivesAndPartitions false) (eq $drives "none")}}
useAll: true
{{- end }}
{{- if and (ne $kvdbDevice "none") (hasPrefix "/" $kvdbDevice) }}
kvdbDevice: {{ $kvdbDevice }}
{{- end }}
{{- if ne $systemMetadataDevice "none"}}
systemMetadataDevice: {{ $systemMetadataDevice }}
{{- end }}
{{- if and (ne $journalDevice "none") (or (hasPrefix "/" $journalDevice) (eq "auto" $journalDevice)) }}
journalDevice: {{ $journalDevice }}
{{- end }}
{{- end }}
{{- end }}
{{- if or (ne $dataInterface "none") (ne $managementInterface "none") }}
network:
{{- if ne $dataInterface "none" }}
dataInterface: {{ $dataInterface }}
{{- end }}
{{- if ne $managementInterface "none" }}
mgmtInterface: {{ $managementInterface }}
{{- end }}
{{- end }}
{{- if ne $secretType "none" }}
secretsProvider: {{$secretType}}
{{- else }}
{{- if $deployEnvironmentIKS }}
secretsProvider: ibm-kp
{{- end }}
{{- end }}
{{- $isLicenseSecretAdded := ne $licenseSecret "none" }}
{{- $shouldRenderEnv := or (ne $envVars "none") .Values.envs $AKSInstall $OKEInstall $isLicenseSecretAdded }}
{{- if $shouldRenderEnv }}
env:
{{- with .Values.envs }}
{{- toYaml . | nindent 2 }}
{{- end -}}
{{- if not (eq $envVars "none") }}
{{- $vars := $envVars | split ";" }}
{{- range $key, $val := $vars }}
{{- $envVariable := $val | split "=" }}
- name: {{ $envVariable._0 | trim | quote }}
value: {{ $envVariable._1 | trim | quote }}
{{- end }}
{{- end }}
{{- if $isLicenseSecretAdded }}
- name: SAAS_ACCOUNT_KEY_STRING
valueFrom:
secretKeyRef:
name: "{{ $licenseSecret }}"
key: accountKey
{{- end }}
{{- if $AKSInstall }}
- name: AZURE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: px-azure
key: AZURE_CLIENT_SECRET
- name: AZURE_CLIENT_ID
valueFrom:
secretKeyRef:
name: px-azure
key: AZURE_CLIENT_ID
- name: AZURE_TENANT_ID
valueFrom:
secretKeyRef:
name: px-azure
key: AZURE_TENANT_ID
{{- end }}
{{- if $OKEInstall }}
- name: PX_ORACLE_user_ocid
valueFrom:
secretKeyRef:
name: ociapikey
key: PX_ORACLE_user_ocid
- name: PX_ORACLE_fingerprint
valueFrom:
secretKeyRef:
name: ociapikey
key: PX_ORACLE_fingerprint
- name: "PX_ORACLE_private_key_path"
value: "/etc/pwx/oci_key/oci_api_key.pem"
{{- end }}
{{- end }}
stork:
{{- if (and (.Values.stork.enabled) (eq .Values.stork.enabled true))}}
enabled: true
{{- if .Values.stork.storkVersion }}
image: {{ template "px.getStorkImage" . }}:{{ required "A valid Image tag is required in the SemVer format" .Values.stork.storkVersion }}
{{- end }}
{{- with .Values.stork.env }}
env:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.stork.volumes }}
volumes:
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- if .Values.stork.args }}
args:
{{- $args := .Values.stork.args | split ";" }}
{{- range $key, $val := $args }}
{{- $arg := $val | split "=" }}
{{ $arg._0 | trim }}: {{ $arg._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- else }}
enabled: false
{{- end }}
{{- if or ( eq $volumesPresent "true") ( eq .Values.OKEInstall true) }}
volumes:
{{- if .Values.OKEInstall }}
- name: ociapikey
mountPath: /etc/pwx/oci_key
secret:
secretName: ociapikey
items:
- key: oci_api_key.pem
path: oci_api_key.pem
{{- end }}
{{- if eq $isCoreOS true}}
- name: src
mountPath: /lib/modules
hostPath:
path: /lib/modules
type: Directory
{{- end }}
{{- if ne $etcdCertPath "none" }}
- name: etcdcerts
mountPath: /etc/pwx/etcdcerts
secret:
secretName: px-etcd-certs
items:
- key: ca.pem
path: ca.pem
{{- if ne $etcdCert "none" }}
- key: client.pem
path: client.pem
{{- end -}}
{{- if ne $etcdKey "none" }}
- key: client-key.pem
path: client-key.key
{{- end -}}
{{- end}}
{{- with .Values.volumes }}
{{- toYaml . | nindent 2 }}
{{- end}}
{{- end }}
{{- $promethusEnabled := or $prometheus.exportMetrics $prometheus.enabled}}
{{- $monitoringEnabled := or $promethusEnabled .Values.monitoring.telemetry $prometheus.enabled .Values.grafana }}
{{- if $monitoringEnabled }}
monitoring:
{{- if $promethusEnabled }}
prometheus:
{{- if $prometheus.enabled }}
enabled: true
{{- end}}
{{- if $prometheus.exportMetrics }}
exportMetrics: true
{{- end}}
{{- if $prometheus.alertManager }}
alertManager:
enabled: true
{{- end}}
{{- if and ($prometheus.enabled) (ge (int $prometheus.replicas) 1) }}
replicas: {{ $prometheus.replicas }}
{{- end }}
{{- if and (ne $prometheousRetention "none") ($prometheus.enabled)}}
retention: {{ $prometheousRetention }}
{{- end}}
{{- if ne $prometheousRetentionSize "none"}}
retentionSize: {{ $prometheousRetentionSize }}
{{- end}}
{{- with $prometheus.resources }}
resources:
{{- toYaml . | nindent 8 }}
{{- end}}
{{- with $prometheus.storage }}
storage:
{{- toYaml . | nindent 8 }}
{{- end}}
{{- with $prometheus.volumes }}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with $prometheus.volumeMounts }}
volumeMounts:
{{- toYaml . | nindent 6 }}
{{- end}}
{{- if $prometheus.securityContext.runAsNonRoot }}
securityContext:
runAsNonRoot: true
{{- end}}
{{- end }}
{{- if .Values.monitoring.telemetry }}
telemetry:
enabled: true
{{- end }}
{{- if .Values.monitoring.grafana }}
grafana:
enabled: true
{{- end }}
{{- end }}
{{- $csiEnabled := eq .Values.csi.enabled true }}
{{- if or (eq .Values.csi.enabled true) (eq .Values.csi.enabled false) }}
csi:
enabled: {{ .Values.csi.enabled }}
{{- if $csiEnabled}}
{{- if eq .Values.csi.topology.enabled true }}
topology:
enabled: true
{{- end}}
{{- if eq .Values.csi.installSnapshotController true }}
installSnapshotController: true
{{- end}}
{{- end}}
{{- end }}
{{- if (and (.Values.autopilot.enabled) (eq .Values.autopilot.enabled true))}}
autopilot:
enabled: true
{{- if ne .Values.autopilot.image ""}}
image: {{.Values.autopilot.image}}
{{- end }}
{{- if eq .Values.autopilot.lockImage true}}
lockImage: true
{{- end }}
{{- if .Values.autopilot.args }}
args:
{{- $args := .Values.autopilot.args | split ";" }}
{{- range $key, $val := $args }}
{{- $arg := $val | split "=" }}
{{ $arg._0 | trim }}: {{ $arg._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- with .Values.autopilot.env }}
env:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.autopilot.volumes }}
volumes:
{{- toYaml . | nindent 4}}
{{- end }}
{{- with .Values.autopilot.providers }}
providers:
{{- range . }}
- name: "{{ .name }}"
type: "{{ .type }}"
params:
{{- $params := splitList ";" .params }}
{{- range $params }}
{{- $pair := splitList "=" . }}
{{- if eq (len $pair) 2 }}
{{- $key := index $pair 0 }}
{{- $value := index $pair 1 }}
{{ $key }}: "{{ $value }}"
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.runtimeOptions }}
runtimeOptions:
{{- $args := .Values.runtimeOptions | split ";" }}
{{- range $key, $val := $args }}
{{- $arg := $val | split "=" }}
{{ $arg._0 | trim }}: {{ $arg._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- if .Values.featureGates }}
featureGates:
{{- $args := .Values.featureGates | split ";" }}
{{- range $key, $val := $args }}
{{- $arg := $val | split "=" }}
{{ $arg._0 | trim }}: {{ $arg._1 | trim | quote -}}
{{- end }}
{{- end }}
{{- if eq .Values.security.enabled true}}
security:
enabled: true
auth:
{{- if (or (eq .Values.security.auth.guestAccess "Enabled") (eq .Values.security.auth.guestAccess "Disabled") (eq .Values.security.auth.guestAccess "Managed"))}}
guestAccess: {{.Values.security.auth.guestAccess}}
{{- end}}
{{- if and .Values.security.auth.selfSigned.tokenLifetime .Values.security.auth.selfSigned.issuer .Values.security.auth.selfSigned.sharedSecret }}
selfSigned:
tokenLifetime: {{.Values.security.auth.selfSigned.tokenLifetime}}
issuer: {{.Values.security.auth.selfSigned.issuer}}
sharedSecret: {{.Values.security.auth.selfSigned.sharedSecret}}
{{- end}}
{{- end}}
{{- with .Values.resources }}
resources:
{{- toYaml . | nindent 4 }}
{{- end}}
{{- if or .Values.tolerations .Values.nodeAffinity}}
placement:
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.nodeAffinity }}
nodeAffinity:
{{- toYaml . | nindent 5 }}
{{- end}}
{{- end}}
{{- with .Values.nodesConfiguration }}
nodes:
{{- toYaml . | nindent 2 }}
{{- end}}
{{- if .Values.deleteStrategy.type }}
deleteStrategy:
type: {{ .Values.deleteStrategy.type }}
{{- end }}
{{- end }}

269
charts/portworx/portworx/5.1.1/values.yaml Normal file
View File

@ -0,0 +1,269 @@
# Please uncomment and specify values for these options as per your requirements.
deployOperator: true # Deploy the Portworx operator
deployCluster: true # Deploy the Portworx cluster
imageVersion: 3.2.1.1 # Version of the PX Image.
pxOperatorImageVersion: 24.2.1 # Version of the PX operator image.
openshiftInstall: false # Defaults to false for installing Portworx on Openshift .
isTargetOSCoreOS: false # Is your target OS CoreOS? Defaults to false.
# Used to disable or enable smart and parallel kubetnetes node upgrades.
nonDisruptivek8sUpgrade: false # By default, S&P upgrades are disabled. To enable them, set this to true
skipHealthChecks: false # Used to skip health checks. By default, health checks are enabled. Set this to true to disable health checks
pksInstall: false # installation on PKS (Pivotal Container Service)
EKSInstall: false # installation on EKS.
GKEInstall: false # installation on GKE.
AKSInstall: false # installation on AKS
OKEInstall: false # installation on OKE
etcdEndPoint: # The ETCD endpoint. Should be in the format etcd:http://<your-etcd-endpoint>:2379. If there are multiple etcd endpoints they need to be ";" seperated.
# the default value is empty since it requires to be explicity set using either the --set option of -f values.yaml.
clusterName: mycluster # This is the default. please change it to your cluster name.
usefileSystemDrive: false # true/false Instructs PX to use an unmounted Drive even if it has a filesystem.
usedrivesAndPartitions: false # Defaults to false. Change to true and PX will use unmounted drives and partitions.
drives: none # NOTE: This is a ";" seperated list of drives. For eg: "/dev/sda;/dev/sdb;/dev/sdc" or
# "type=gp2,size=200;type=gp3,size=500". Defaults to use -A switch.
provider: # If we are using cloudstorage, it specifies the cloud provider name, such as: pure, azure, aws, gce, vsphere.
journalDevice:
cacheDevices: # Specifies the list of cache devices Portworx should use. If there are multiple devices they need to be ";" seperated.
maxStorageNodesPerZone: 0 # The maximum number of storage nodes desired per zone, in case of cloud drive provisioning
maxStorageNodes: 0 # Specifies the maximum number of storage nodes. If this number is reached, and a new node is added, Portworx doesn't provision drives for the new node.
# Instead, Portworx starts the node as a compute-only node. As a best practice, it is recommended to use the maxStorageNodesPerZone field.
systemMetadataDevice: # Indicates the cloud device Portworx uses for metadata. For performance, specify a system metadata device when using Portworx with the internal KVDB.
secretType: k8s # Defaults to k8s, but can be kvdb/k8s/aws-kms/vault/ibm-kp. It is autopopulated to ibm-kp
# if the environment is IKS.
dataInterface: none # Name of the interface <ethX>
managementInterface: none # Name of the interface <ethX>
serviceType: none # Kubernetes service type for services deployed by the Operator. Direct Values like
# 'LoadBalancer', 'NodePort' will change all services. To change the types of specific
# services, value can be specified as 'portworx-service:LoadBalancer;portworx-api:ClusterIP'
runtimeOptions: # A collection of key-value pairs that overwrites the runtime options. ex num_io_threads=10;-c=px-cluster
featureGates: # A collection of key-value pairs specifying which Portworx features should be enabled or disabled.
security:
enabled: false # Enables or disables Security at any given time.
auth:
guestAccess: Enabled # Determines how the guest role will be updated in your cluster. The options are Enabled, Disabled, or Managed.
selfSigned:
tokenLifetime: # The length operator-generated tokens will be alive until being refreshed.
issuer: # The issuer name to be used when configuring PX-Security. This field maps to the PORTWORX_AUTH_JWT_ISSUER environment variable in the Portworx Daemonset.
sharedSecret: # The Kubernetes secret name for retrieving and storing your shared secret.
resources: # Configure Portworx container usage such as memory and CPU usage
# requests:
# memory: "64Mi"
# cpu: "250m"
customMetadata: # Configure custom labels and annotation for specific pod and services
# Pass labels and annotation with ";" sperated list. Example: application=my-app;environment=production
annotations: # Currently, custom annotations are supported on following types of components:
pod:
storage: ""
service:
portworxApi: ""
portworxService: ""
portworxKVDBService: ""
labels: # Currently, custom labels are only supported on the portworx-api service
service:
portworxApi: ""
envVars: none # DEPRECATED: Use envs section to set env variables
# NOTE: This is a ";" seperated list of environment variables.
# For eg: MYENV1=myvalue1;MYENV2=myvalue2
envs: # Add environment variables to the Portworx container in all Kubernetes supported formats
# - name: AWS_CA_BUNDLE
# value: "/etc/pwx/objectstore-cert/objectstore.pem"
# - name: AWS_ACCESS_KEY_ID
# valueFrom:
# secretKeyRef:
# name: aws-creds
# key: access-key
miscArgs: none # Miscellaneous arguments that will be passed to portworx verbatim. Only use this if there is
# no equivalent way to specify these options directly via a StorageCluster spec field.
disableStorageClass: false # Instructs Operator to not install the default Portworx StorageClasses.
stork: # Use Stork https://docs.portworx.com/portworx-backup-on-prem/concepts/stork for hyperconvergence.
enabled: true
storkVersion: # version of Stork. For eg: 2.7.0, when it's empty Portworx operator will pick up
# version according to Portworx version.
args: # Pass arguments to Stork container. Example: verbose=true;webhook-controller=false
volumes: # Add volumes to Stork container. Refer the top level volumes for schema.
env: # A list of Kubernetes like environment variables passed to Stork.
customRegistryURL:
registrySecret:
licenseSecret:
monitoring:
prometheus:
enabled: false # Enable prometheus
exportMetrics: false # Expose the Portworx metrics to an external or operator deployed Prometheus.
alertManager: false # Enable prometheus alert manager
resources: # Configure Prometheus resource usage such as memory and CPU usage
# requests:
# memory: "64Mi"
# cpu: "250m"
# limits:
# memory: "128Mi"
# cpu: "500m"
replicas: 1 # Number of prometheus replicas that will be deployed. Default is 1
retention: "24h" # Time period for which prometheus retains historical matrics. default is 24h.
retentionSize: "" # Maximum amount of disk space that Prometheus can use to store historical metrics. Example: "10GiB","50MiB"
storage: # storage type that Prometheus will use for storing data
# volumeClaimTemplate:
# spec:
# storageClassName: px-csi-db
# accessModes: ["ReadWriteOnce"]
# resources:
# requests:
# storage: 2Gi
#
volumes: # Additional volumes for the prometheus statefulSet
# - name: additional-volume
# emptyDir: {}
volumeMounts: # Additional VolumeMounts for the Prometheus StatefulSet
# - mountPath: /test
# name: additional-volume
securityContext: # Enable prometheus container run as a non-root user.
runAsNonRoot: false
telemetry: true # Enable telemetry
grafana: false # Enable grafana
deployOnMaster: false # For POC only
csi:
enabled: true # Enable CSI
topology:
enabled: false # Enable CSI topology feature gate
installSnapshotController: false # Enable CSI Snapshot Controller
autopilot:
enabled: true # Enable AutoPilot
image: "" # Autopilot image
lockImage: false # Enables locking Autopilot to the given image.
# When set to false, the Portworx Operator will overwrite the Autopilot image to a recommended image for given Portworx version.
args: # overrides the default Autopilot arguments or adds new arguments.Example: min_poll_interval=4;log-level=info
env: # A list of Kubernetes like environment variables passed to Autopilot
# - name: PX_SHARED_SECRET
# valueFrom:
# secretKeyRef:
# key: apps-secret
# name: px-system-secrets
volumes: # Add volumes to autopilot container. Refer the top level volumes for schema.
providers:
# - name: "" # Name is the unique name for the provider
# type: "" # Type is the type of data provider. For instance, prometheus
# params: "" # Pass params to provider. Example: url=http://datadog:9090;auth=foobar
internalKVDB: true # internal KVDB
kvdbDevice: none # specify a separate device to store KVDB data, only used when internalKVDB is set to true
etcd: # DEPRECATED: Use kvdb.authSecretName for configuring secure etcd
credentials: none:none # Username and password for ETCD authentication in the form user:password
certPath: none # Base path where the certificates are placed. (example: if the certificates ca,crt and the key are in /etc/pwx/etcdcerts the value should be provided as /etc/pwx/etcdcerts)
ca: none # Location of CA file for ETCD authentication. Should be /path/to/server.ca
cert: none # Location of certificate for ETCD authentication. Should be /path/to/server.crt
key: none # Location of certificate key for ETCD authentication Should be /path/to/servery.key
consul: # DEPRECATED: Use kvdb.authSecretName for configuring secure consul
token: none # ACL token value used for Consul authentication. (example: 398073a8-5091-4d9c-871a-bbbeb030d1f6)
kvdb:
authSecretName: none # Refer https://docs.portworx.com/portworx-enterprise/operations/kvdb-for-portworx/external-kvdb#secure-your-etcd-communication to
# create a kvdb secret and specify the name of the secret here
volumes: # Add volumes to Portworx container. Supported volume types: Host, Secret, ConfigMap
# - name: objectstore-cert
# mountPath: /etc/pwx/objectstore-cert
# mountPropagation: None|HostToContainer|Bidirectional
# readOnly: true
# secret:
# secretName: objectstore-cert
# items:
# - key: objectstore.pem
# path: objectstore.pem
tolerations: # Add tolerations
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: px-schedule
# operator: NotIn
# values:
# - "false"
nodesConfiguration: # override certain cluster level configuration for individual or group of nodes.
# - selector: # Selector for the node(s) to which the configuration in this section will be applied
# nodeName: # Name of the node to which this configuration will be applied. Node name takes precedence over selector.labelSelector
# labelSelector: # selector for nodes to which this configuration will be applied.
# network: # Specify network configuration for the selected nodes, similar to the one specified at cluster level.
# # If this network configuration is empty, then cluster level (dataInterface,managementInterface) values are used.
# dataInterface:
# mgmtInterface:
# storage: # Specify storage configuration for the selected nodes, similar to the one specified at cluster level. If some of the config is left empty,
# # the cluster level storage values are passed to the nodes.
# env: # Specify extra environment variables for the selected nodes. Cluster level environment variables are combined with these and sent to the selected nodes.
# # If same variable is present at cluster level, then the node level variable takes precedence.
# - name: AWS_CA_BUNDLE
# value: "/etc/pwx/objectstore-cert/objectstore.pem"
# - name: AWS_ACCESS_KEY_ID
# valueFrom:
# secretKeyRef:
# name: aws-creds
# key: access-key
# runtimeOptions: # Specify runtime options for the selected nodes. If specified, cluster level options are ignored and only these runtime options are passed to the nodes.
serviceAccount:
hook:
create: true
name:
clusterToken:
create: false # Create cluster token
secretName: px-vol-encryption # Name of kubernetes secret to be created. Requires clusterToken.create to be true.
serviceAccountName: px-create-cluster-token # Service account name to use for post-install hook to create cluster token
#requirePxEnabledTag: true # if set to true, portworx will only install on nodes with px/enabled: true label. Not required in most scenarios.
deleteStrategy: # Optional: Delete strategy for the portworx cluster
type: # Valid values: Uninstall, UninstallAndWipe
updateStrategy:
type: # portworx supports the following update strategies- RollingUpdate and OnDelete
# maxUnavailable and minReadySeconds applicable only on selecting type RollingUpdate
disruption:
allow: # This field is used to enable smart and parallel upgrade. Smart upgrade is disabled by default,
# Enable it by setting to false. we can use the `maxUnavailable` field to control the maximum number of Portworx nodes that can be upgraded at a time.
maxUnavailable: # Similarly to how Kubernetes rolling update strategies work, this field specifies how many nodes can be down at any given time.
minReadySeconds: # During rolling updates, this flag will wait for all pods to be ready for at least minReadySeconds before updating the next batch of pods,
# where the size of the pod batch is specified through the spec.updateStrategy.rollingUpdate.maxUnavailable flag.
autoUpdateComponents: # Indicates the update strategy for the component images
# valid values None,Once,Always

33
index.yaml
View File

@ -34205,6 +34205,37 @@ entries:
urls:
- assets/fairwinds/polaris-5.11.1.tgz
version: 5.11.1
portworx:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Portworx Enterprise
catalog.cattle.io/kube-version: '>=1.26-0'
catalog.cattle.io/release-name: ""
apiVersion: v1
appVersion: 3.2.1.1
created: "2025-01-13T09:55:27.983116+05:30"
description: A Helm chart for installing Portworx on Kubernetes.
digest: a9485781d5246aeb35585fac3c1f0758bd929d4f7ed5c20bc6d75484f2ae7845
home: https://portworx.com/
icon: file://assets/icons/portworx.svg
keywords:
- Storage
- ICP
- IKS
- persistent disk
- pvc
- cloud native storage
- persistent storage
- portworx
- amd64
- Commercial
kubeVersion: '>=1.26-0'
name: portworx
sources:
- https://github.com/portworx/helm
urls:
- assets/portworx/portworx-5.1.1.tgz
version: 5.1.1
psmdb-db:
- annotations:
catalog.cattle.io/certified: partner
@ -47716,4 +47747,4 @@ entries:
urls:
- assets/netfoundry/ziti-host-1.5.1.tgz
version: 1.5.1
generated: "2025-01-12T00:01:48.181240315Z"
generated: "2025-01-13T09:55:23.131093+05:30"

8
packages/portworx/portworx/overlay/app-readme.md Normal file
View File

@ -0,0 +1,8 @@
# Portworx
[Portworx](https://portworx.com/) is a software defined storage overlay that allows you to
* Run containerized stateful applications that are highly-available (HA) across multiple nodes, cloud instances, regions, data centers or even clouds
* Migrate workflows between multiple clusters running across same or hybrid clouds
* Run hyperconverged workloads where the data resides on the same host as the applications
* Have programmatic control on your storage resources

43
packages/portworx/portworx/overlay/questions.yml Normal file
View File

@ -0,0 +1,43 @@
questions:
################################## Basic Settings ############################
- variable: imageVersion
default: "3.2.1.1"
type: string
label: Portworx version to be deployed.
group: "Basic Settings"
- variable: clusterName
type: string
label: Portworx cluster name
default: mycluster
group: "Basic Settings"
############ Storage Parameters ##############
- variable: usedrivesAndPartitions
label: "Use unmounted drives and partitions"
descrition: "Use unmounted disks even if they have a partition or filesystem on it. PX will never use a drive or partition that is mounted."
type: boolean
default: false
group: "Storage Parameters"
################################### Registry settings options ################################
- variable: customRegistry
label: "Use a custom container registry?"
type: boolean
default: false
group: "Container Registry Parameters"
- variable: registrySecret
show_if: "customRegistry=true"
description: "Specify a custom Kubernetes secret that will be used to authenticate with a container registry. Must be defined in kube-system namespace. (example: regcred)"
type: string
label: "Registry Kubernetes Secret"
group: "Container Registry Parameters"
- variable: customRegistryURL
show_if: "customRegistry=true"
description: "Specify a custom container registry server (including repository) that will be used instead of index.docker.io to download Docker images. (example: dockerhub.acme.net:5443 or myregistry.com/myrepository/)"
label: "Custom Registry URL"
type: string
group: "Container Registry Parameters"

8
packages/portworx/portworx/upstream.yaml Normal file
View File

@ -0,0 +1,8 @@
GitRepo: https://github.com/portworx/helm.git
GitBranch: master
GitSubdirectory: charts/portworx
Vendor: Portworx
DisplayName: Portworx Enterprise
ChartMetadata:
kubeVersion: '>=1.26-0'
icon: https://central.portworx.com/assets/images/logo/small.svg