diff --git a/assets/argo/argo-cd-5.46.8.tgz b/assets/argo/argo-cd-5.46.8.tgz index 5b6e473ab..4b17865e9 100644 Binary files a/assets/argo/argo-cd-5.46.8.tgz and b/assets/argo/argo-cd-5.46.8.tgz differ diff --git a/assets/argo/argo-cd-5.47.0.tgz b/assets/argo/argo-cd-5.47.0.tgz new file mode 100644 index 000000000..77503fb15 Binary files /dev/null and b/assets/argo/argo-cd-5.47.0.tgz differ diff --git a/assets/bitnami/redis-18.2.0.tgz b/assets/bitnami/redis-18.2.0.tgz new file mode 100644 index 000000000..5bbf2433c Binary files /dev/null and b/assets/bitnami/redis-18.2.0.tgz differ diff --git a/assets/bitnami/wordpress-18.0.11.tgz b/assets/bitnami/wordpress-18.0.11.tgz new file mode 100644 index 000000000..9d5abfbb1 Binary files /dev/null and b/assets/bitnami/wordpress-18.0.11.tgz differ diff --git a/assets/datadog/datadog-3.42.1.tgz b/assets/datadog/datadog-3.42.1.tgz new file mode 100644 index 000000000..0cd904f72 Binary files /dev/null and b/assets/datadog/datadog-3.42.1.tgz differ diff --git a/assets/kong/kong-2.30.0.tgz b/assets/kong/kong-2.30.0.tgz new file mode 100644 index 000000000..6596555fa Binary files /dev/null and b/assets/kong/kong-2.30.0.tgz differ diff --git a/assets/linkerd/linkerd-control-plane-1.16.2.tgz b/assets/linkerd/linkerd-control-plane-1.16.2.tgz index 4f6c2429e..f3d95e971 100644 Binary files a/assets/linkerd/linkerd-control-plane-1.16.2.tgz and b/assets/linkerd/linkerd-control-plane-1.16.2.tgz differ diff --git a/assets/linkerd/linkerd-control-plane-1.16.3.tgz b/assets/linkerd/linkerd-control-plane-1.16.3.tgz new file mode 100644 index 000000000..fd3c8adda Binary files /dev/null and b/assets/linkerd/linkerd-control-plane-1.16.3.tgz differ diff --git a/assets/redpanda/redpanda-5.6.35.tgz b/assets/redpanda/redpanda-5.6.35.tgz new file mode 100644 index 000000000..239fd649c Binary files /dev/null and b/assets/redpanda/redpanda-5.6.35.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index 6f55660c3..1a550c344 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/changes: | - - kind: fixed - description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. + - kind: added + description: add terminationGracePeriodSeconds artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -33,4 +33,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.46.8 +version: 5.47.0 diff --git a/charts/argo/argo-cd/README.md b/charts/argo/argo-cd/README.md index b2101038f..d870dbdc6 100644 --- a/charts/argo/argo-cd/README.md +++ b/charts/argo/argo-cd/README.md @@ -561,6 +561,7 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | +| controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -653,6 +654,7 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | +| repoServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | @@ -807,6 +809,7 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | +| server.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | @@ -915,6 +918,7 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | +| dex.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | @@ -986,6 +990,7 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | +| redis.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | @@ -1136,6 +1141,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | +| applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | @@ -1214,6 +1220,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | +| notifications.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | diff --git a/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3583a2b72..31bce2993 100644 --- a/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - args: diff --git a/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml index d8fb8cbc4..ed161d538 100644 --- a/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.applicationSet.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} diff --git a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml index d2eca77f4..633e19432 100644 --- a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml @@ -51,6 +51,9 @@ spec: {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.notifications.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} diff --git a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml index ea54e79d3..515984d7a 100644 --- a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -62,6 +62,9 @@ spec: {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.repoServer.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} diff --git a/charts/argo/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-server/deployment.yaml index e3f322cb2..983121a98 100644 --- a/charts/argo/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-server/deployment.yaml @@ -53,6 +53,9 @@ spec: {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.server.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} diff --git a/charts/argo/argo-cd/templates/dex/deployment.yaml b/charts/argo/argo-cd/templates/dex/deployment.yaml index abca6e142..9f782c8d6 100644 --- a/charts/argo/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo/argo-cd/templates/dex/deployment.yaml @@ -55,6 +55,9 @@ spec: {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.dex.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} diff --git a/charts/argo/argo-cd/templates/redis/deployment.yaml b/charts/argo/argo-cd/templates/redis/deployment.yaml index 419e5f316..3f272d027 100644 --- a/charts/argo/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo/argo-cd/templates/redis/deployment.yaml @@ -48,6 +48,9 @@ spec: {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.redis.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} diff --git a/charts/argo/argo-cd/values.yaml b/charts/argo/argo-cd/values.yaml index b029dfaab..0352ef2e8 100644 --- a/charts/argo/argo-cd/values.yaml +++ b/charts/argo/argo-cd/values.yaml @@ -731,6 +731,9 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the application controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -1074,6 +1077,9 @@ dex: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create dex service account create: true @@ -1313,6 +1319,9 @@ redis: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create a service account for the redis pod create: false @@ -1718,6 +1727,9 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the Argo CD server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2261,6 +2273,9 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2618,6 +2633,9 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2931,6 +2949,9 @@ notifications: drop: - ALL + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} diff --git a/charts/bitnami/redis/Chart.yaml b/charts/bitnami/redis/Chart.yaml index c1daf7db5..1f8149ae3 100644 --- a/charts/bitnami/redis/Chart.yaml +++ b/charts/bitnami/redis/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 18.1.6 +version: 18.2.0 diff --git a/charts/bitnami/redis/README.md b/charts/bitnami/redis/README.md index 666ae2f66..81f6c6705 100644 --- a/charts/bitnami/redis/README.md +++ b/charts/bitnami/redis/README.md @@ -11,9 +11,11 @@ Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Redis®](https://github.com/bitnami/containers/tree/main/bitnami/redis) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -35,7 +37,7 @@ The main features of each chart are the following: | Single write point (single master) | Multiple write points (multiple masters) | | ![Redis® Topology](img/redis-topology.png) | ![Redis® Cluster Topology](img/redis-cluster-topology.png) | -Looking to use Redisreg; in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. +Looking to use Redisreg; in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. ## Prerequisites @@ -48,9 +50,11 @@ Looking to use Redisreg; in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Redis® on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -97,15 +101,14 @@ The command removes all the Kubernetes components associated with the chart and ### Redis® Image parameters -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Redis® image registry | `docker.io` | -| `image.repository` | Redis® image repository | `bitnami/redis` | -| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | -| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Redis® image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ---------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Redis® image registry | `REGISTRY_NAME` | +| `image.repository` | Redis® image repository | `REPOSITORY_NAME/redis` | +| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Redis® image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### Redis® common configuration parameters @@ -348,98 +351,97 @@ The command removes all the Kubernetes components associated with the chart and ### Redis® Sentinel configuration parameters -| Name | Description | Value | -| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | -| `sentinel.image.registry` | Redis® Sentinel image registry | `docker.io` | -| `sentinel.image.repository` | Redis® Sentinel image repository | `bitnami/redis-sentinel` | -| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | -| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | -| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | -| `sentinel.image.debug` | Enable image debug mode | `false` | -| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | -| `sentinel.masterSet` | Master set name | `mymaster` | -| `sentinel.quorum` | Sentinel Quorum | `2` | -| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `99` | -| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | -| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | -| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | -| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | -| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | -| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | -| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | -| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | -| `sentinel.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | -| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | -| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | -| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | -| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | -| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | -| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | -| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | -| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | -| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | -| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | -| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | -| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `sentinel.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | -| `sentinel.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | -| `sentinel.resources.limits` | The resources limits for the Redis® Sentinel containers | `{}` | -| `sentinel.resources.requests` | The requested resources for the Redis® Sentinel containers | `{}` | -| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | -| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | -| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `0` | -| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` | -| `sentinel.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation | `false` | -| `sentinel.containerSecurityContext.seccompProfile.type` | Set Redis® Sentinel containers' Security Context seccompProfile | `RuntimeDefault` | -| `sentinel.containerSecurityContext.capabilities.drop` | Set Redis® Sentinel containers' Security Context capabilities to drop | `["ALL"]` | -| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | -| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | -| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | -| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | -| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | -| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | -| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | -| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | -| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | -| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | -| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | -| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | -| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | -| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | -| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | +| Name | Description | Value | +| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | +| `sentinel.image.registry` | Redis® Sentinel image registry | `REGISTRY_NAME` | +| `sentinel.image.repository` | Redis® Sentinel image repository | `REPOSITORY_NAME/redis-sentinel` | +| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | +| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | +| `sentinel.image.debug` | Enable image debug mode | `false` | +| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | +| `sentinel.masterSet` | Master set name | `mymaster` | +| `sentinel.quorum` | Sentinel Quorum | `2` | +| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `99` | +| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | +| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | +| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | +| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | +| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | +| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | +| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | +| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | +| `sentinel.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | +| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | +| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | +| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | +| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | +| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | +| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | +| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | +| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | +| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | +| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | +| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | +| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | +| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | +| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | +| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | +| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | +| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | +| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | +| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | +| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | +| `sentinel.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | +| `sentinel.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | +| `sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | +| `sentinel.resources.limits` | The resources limits for the Redis® Sentinel containers | `{}` | +| `sentinel.resources.requests` | The requested resources for the Redis® Sentinel containers | `{}` | +| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | +| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | +| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `0` | +| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` | +| `sentinel.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation | `false` | +| `sentinel.containerSecurityContext.seccompProfile.type` | Set Redis® Sentinel containers' Security Context seccompProfile | `RuntimeDefault` | +| `sentinel.containerSecurityContext.capabilities.drop` | Set Redis® Sentinel containers' Security Context capabilities to drop | `["ALL"]` | +| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | +| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | +| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | +| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | +| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | +| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | +| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | +| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | +| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | +| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | +| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | +| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | +| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | +| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | ### Other Parameters @@ -478,102 +480,110 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | -| `metrics.image.registry` | Redis® Exporter image registry | `docker.io` | -| `metrics.image.repository` | Redis® Exporter image repository | `bitnami/redis-exporter` | -| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.55.0-debian-11-r0` | -| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | -| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | -| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | -| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `0` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® exporter containers' Security Context allowPrivilegeEscalation | `false` | -| `metrics.containerSecurityContext.seccompProfile.type` | Set Redis® exporter containers' Security Context seccompProfile | `RuntimeDefault` | -| `metrics.containerSecurityContext.capabilities.drop` | Set Redis® exporter containers' Security Context capabilities to drop | `["ALL"]` | -| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | -| `metrics.resources.limits` | The resources limits for the Redis® exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the Redis® exporter container | `{}` | -| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | -| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | -| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | -| `metrics.service.port` | Redis® exporter service port | `9121` | -| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | -| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | -| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | -| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | -| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | -| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | -| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | +| `metrics.image.registry` | Redis® Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Redis® Exporter image repository | `REPOSITORY_NAME/redis-exporter` | +| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | +| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | +| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | +| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | +| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `0` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set Redis® exporter containers' Security Context seccompProfile | `RuntimeDefault` | +| `metrics.containerSecurityContext.capabilities.drop` | Set Redis® exporter containers' Security Context capabilities to drop | `["ALL"]` | +| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | +| `metrics.resources.limits` | The resources limits for the Redis® exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the Redis® exporter container | `{}` | +| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | +| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | +| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | +| `metrics.service.port` | Redis® exporter service port | `9121` | +| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | +| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | +| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | +| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | +| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | +| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | +| `metrics.podMonitor.enabled` | Create PodMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | +| `metrics.podMonitor.namespace` | The namespace in which the PodMonitor will be created | `""` | +| `metrics.podMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.podMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.podMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | +| `metrics.podMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | +| `metrics.podMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.podMonitor.additionalLabels` | Additional labels that can be used so PodMonitor resource(s) can be discovered by Prometheus | `{}` | +| `metrics.podMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | +| `metrics.podMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | +| `metrics.podMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | +| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | +| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | -| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | -| `sysctl.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `sysctl.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `sysctl.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | -| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | -| `sysctl.resources.limits` | The resources limits for the init container | `{}` | -| `sysctl.resources.requests` | The requested resources for the init container | `{}` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | +| `sysctl.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `sysctl.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | +| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | +| `sysctl.resources.limits` | The resources limits for the init container | `{}` | +| `sysctl.resources.requests` | The requested resources for the init container | `{}` | ### useExternalDNS Parameters @@ -589,9 +599,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.password=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/redis + oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Redis® server password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -599,9 +611,10 @@ The above command sets the Redis® server password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -763,9 +776,11 @@ By default, the chart mounts a [Persistent Volume](https://kubernetes.io/docs/co 3. Install the chart ```console -helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Backup and restore Refer to the chart documentation for more information on [backing up and restoring Redis® deployments](https://docs.bitnami.com/kubernetes/infrastructure/redis/administration/backup-restore/). @@ -798,9 +813,9 @@ For example, on a rolling update `master-0` and `replica-2` are updated first fr This issue can be mitigated by splitting the upgrade into two stages: one for all replicas and another for any master. - Stage 1 (replicas only, as there's no master with an ordinal higher than 99): -`helm upgrade oci://registry-1.docker.io/bitnamicharts/redis --set master.updateStrategy.rollingUpdate.partition=99` +`helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set master.updateStrategy.rollingUpdate.partition=99` - Stage 2 (anything else that is not up to date, in this case only master): -`helm upgrade oci://registry-1.docker.io/bitnamicharts/redis` +`helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis` ### To 18.0.0 @@ -858,9 +873,11 @@ Backwards compatibility is not guaranteed. To upgrade to `14.0.0`, install a new - Reuse the PVC used to hold the master data on your previous release. To do so, use the `master.persistence.existingClaim` parameter. The following example assumes that the release name is `redis`: ```console -helm install redis oci://registry-1.docker.io/bitnamicharts/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC] +helm install redis oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder *[EXISTING_PVC]* with the name of the PVC used on your previous release, and *[PASSWORD]* with the password used in your previous release. ### To 13.0.0 @@ -922,16 +939,20 @@ This version causes a change in the Redis® Master StatefulSet definition, so - Recommended: Create a clone of the Redis® Master PVC (for example, using projects like [this one](https://github.com/edseymour/pvc-transfer)). Then launch a fresh release reusing this cloned PVC. ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis --set persistence.existingClaim= +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set persistence.existingClaim= ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Alternative (not recommended, do at your own risk): `helm delete --purge` does not remove the PVC assigned to the Redis® Master StatefulSet. As a consequence, the following commands can be done to upgrade the release ```console helm delete --purge -helm install oci://registry-1.docker.io/bitnamicharts/redis +helm install oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Previous versions of the chart were not using persistence in the slaves, so this upgrade would add it to them. Another important change is that no values are inherited from master to slaves. For example, in 6.0.0 `slaves.readinessProbe.periodSeconds`, if empty, would be set to `master.readinessProbe.periodSeconds`. This approach lacked transparency and was difficult to maintain. From now on, all the slave parameters must be configured just as it is done with the masters. Some values have changed as well: @@ -994,4 +1015,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/charts/bitnami/redis/templates/podmonitor.yaml b/charts/bitnami/redis/templates/podmonitor.yaml new file mode 100644 index 000000000..a7c8bd942 --- /dev/null +++ b/charts/bitnami/redis/templates/podmonitor.yaml @@ -0,0 +1,52 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.enabled .Values.metrics.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: {{ template "common.names.fullname" . }} + namespace: {{ default .Release.Namespace .Values.metrics.podMonitor.namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.metrics.podMonitor.additionalLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podMonitor.additionalLabels "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podMetricsEndpoints: + - port: http-metrics + {{- if .Values.metrics.podMonitor.interval }} + interval: {{ .Values.metrics.podMonitor.interval }} + {{- end }} + {{- if .Values.metrics.podMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.podMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.podMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.podMonitor.honorLabels }} + {{- end }} + {{- if .Values.metrics.podMonitor.relabellings }} + relabelings: {{- toYaml .Values.metrics.podMonitor.relabellings | nindent 6 }} + {{- end }} + {{- if .Values.metrics.podMonitor.metricRelabelings }} + metricRelabelings: {{- toYaml .Values.metrics.podMonitor.metricRelabelings | nindent 6 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.podTargetLabels }} + podTargetLabels: {{- toYaml .Values.metrics.podMonitor.podTargetLabels | nindent 4 }} + {{- end }} + {{- with .Values.metrics.podMonitor.sampleLimit -}} + sampleLimit: {{ . }} + {{- end }} + {{- with .Values.metrics.podMonitor.targetLimit -}} + targetLimit: {{ . }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: metrics +{{- end }} diff --git a/charts/bitnami/redis/values.yaml b/charts/bitnami/redis/values.yaml index a80223e83..38147b567 100644 --- a/charts/bitnami/redis/values.yaml +++ b/charts/bitnami/redis/values.yaml @@ -80,9 +80,9 @@ diagnosticMode: ## Bitnami Redis® image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry Redis® image registry -## @param image.repository Redis® image repository -## @param image.tag Redis® image tag (immutable tags are recommended) +## @param image.registry [default: REGISTRY_NAME] Redis® image registry +## @param image.repository [default: REPOSITORY_NAME/redis] Redis® image repository +## @skip image.tag Redis® image tag (immutable tags are recommended) ## @param image.digest Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Redis® image pull policy ## @param image.pullSecrets Redis® image pull secrets @@ -1045,9 +1045,9 @@ sentinel: enabled: false ## Bitnami Redis® Sentinel image version ## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/ - ## @param sentinel.image.registry Redis® Sentinel image registry - ## @param sentinel.image.repository Redis® Sentinel image repository - ## @param sentinel.image.tag Redis® Sentinel image tag (immutable tags are recommended) + ## @param sentinel.image.registry [default: REGISTRY_NAME] Redis® Sentinel image registry + ## @param sentinel.image.repository [default: REPOSITORY_NAME/redis-sentinel] Redis® Sentinel image repository + ## @skip sentinel.image.tag Redis® Sentinel image tag (immutable tags are recommended) ## @param sentinel.image.digest Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sentinel.image.pullPolicy Redis® Sentinel image pull policy ## @param sentinel.image.pullSecrets Redis® Sentinel image pull secrets @@ -1525,9 +1525,9 @@ metrics: enabled: false ## Bitnami Redis® Exporter image ## ref: https://hub.docker.com/r/bitnami/redis-exporter/tags/ - ## @param metrics.image.registry Redis® Exporter image registry - ## @param metrics.image.repository Redis® Exporter image repository - ## @param metrics.image.tag Redis® Exporter image tag (immutable tags are recommended) + ## @param metrics.image.registry [default: REGISTRY_NAME] Redis® Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/redis-exporter] Redis® Exporter image repository + ## @skip metrics.image.tag Redis® Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Redis® Exporter image pull policy ## @param metrics.image.pullSecrets Redis® Exporter image pull secrets @@ -1735,6 +1735,44 @@ metrics: ## @param metrics.serviceMonitor.targetLimit Limit of how many targets should be scraped ## targetLimit: false + ## Prometheus Pod Monitor + ## ref: https://github.com/coreos/prometheus-operator + ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#podmonitor + ## + podMonitor: + ## @param metrics.podMonitor.enabled Create PodMonitor resource(s) for scraping metrics using PrometheusOperator + ## + enabled: false + ## @param metrics.podMonitor.namespace The namespace in which the PodMonitor will be created + ## + namespace: "" + ## @param metrics.podMonitor.interval The interval at which metrics should be scraped + ## + interval: 30s + ## @param metrics.podMonitor.scrapeTimeout The timeout after which the scrape is ended + ## + scrapeTimeout: "" + ## @param metrics.podMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. + ## + relabellings: [] + ## @param metrics.podMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. + ## + metricRelabelings: [] + ## @param metrics.podMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint + ## + honorLabels: false + ## @param metrics.podMonitor.additionalLabels Additional labels that can be used so PodMonitor resource(s) can be discovered by Prometheus + ## + additionalLabels: {} + ## @param metrics.podMonitor.podTargetLabels Labels from the Kubernetes pod to be transferred to the created metrics + ## + podTargetLabels: [] + ## @param metrics.podMonitor.sampleLimit Limit of how many samples should be scraped from every Pod + ## + sampleLimit: false + ## @param metrics.podMonitor.targetLimit Limit of how many targets should be scraped + ## + targetLimit: false ## Custom PrometheusRule to be defined ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions @@ -1799,9 +1837,9 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository - ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository + ## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets @@ -1847,9 +1885,9 @@ sysctl: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param sysctl.image.registry OS Shell + Utility image registry - ## @param sysctl.image.repository OS Shell + Utility image repository - ## @param sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param sysctl.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param sysctl.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository + ## @skip sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param sysctl.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sysctl.image.pullPolicy OS Shell + Utility image pull policy ## @param sysctl.image.pullSecrets OS Shell + Utility image pull secrets diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index 6ef8116a8..270bc2795 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -10,7 +10,7 @@ annotations: - name: os-shell image: docker.io/bitnami/os-shell:11-debian-11-r90 - name: wordpress - image: docker.io/bitnami/wordpress:6.3.2-debian-11-r3 + image: docker.io/bitnami/wordpress:6.3.2-debian-11-r4 licenses: Apache-2.0 apiVersion: v2 appVersion: 6.3.2 @@ -47,4 +47,4 @@ maintainers: name: wordpress sources: - https://github.com/bitnami/charts/tree/main/bitnami/wordpress -version: 18.0.10 +version: 18.0.11 diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index 513014098..5b7e4e0cb 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -76,7 +76,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.3.2-debian-11-r3 + tag: 6.3.2-debian-11-r4 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index 1c7fa0c9a..ed50cff1b 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.42.1 + +* Bump FIPS proxy OpenSSL version to 3.0.12 + ## 3.42.0 * Allow enabling SBOM collection for host and container images. diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index e97171e6b..e5c59b28e 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.42.0 +version: 3.42.1 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index 3beefed2e..4151dd9b7 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.42.0](https://img.shields.io/badge/Version-3.42.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.42.1](https://img.shields.io/badge/Version-3.42.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -752,7 +752,7 @@ helm install \ | fips.image.name | string | `"fips-proxy"` | | | fips.image.pullPolicy | string | `"IfNotPresent"` | Datadog the FIPS sidecar image pull policy | | fips.image.repository | string | `nil` | Override default registry + image.name for the FIPS sidecar container. | -| fips.image.tag | string | `"0.6.0"` | Define the FIPS sidecar container version to use. | +| fips.image.tag | string | `"0.6.1"` | Define the FIPS sidecar container version to use. | | fips.local_address | string | `"127.0.0.1"` | | | fips.port | int | `9803` | | | fips.portRange | int | `15` | | diff --git a/charts/datadog/datadog/values.yaml b/charts/datadog/datadog/values.yaml index d18e23b33..af819cfa6 100644 --- a/charts/datadog/datadog/values.yaml +++ b/charts/datadog/datadog/values.yaml @@ -1228,7 +1228,7 @@ fips: name: fips-proxy # fips.image.tag -- Define the FIPS sidecar container version to use. - tag: 0.6.0 + tag: 0.6.1 # fips.image.pullPolicy -- Datadog the FIPS sidecar image pull policy pullPolicy: IfNotPresent diff --git a/charts/kong/kong/CHANGELOG.md b/charts/kong/kong/CHANGELOG.md index 00435b52f..5a1e4bbec 100644 --- a/charts/kong/kong/CHANGELOG.md +++ b/charts/kong/kong/CHANGELOG.md @@ -1,13 +1,29 @@ # Changelog -## Unreleased +## 2.30.0 -Nothing yet. +### Improvements + +* Prevent installing PodDisruptionBudget for `replicaCount: 1` or `autoscaling.minReplicas: 1`. + [#896](https://github.com/Kong/charts/pull/896) +* The admission webhook now will be triggered on Secrets creation for KIC 2.12.1+. + [#907](https://github.com/Kong/charts/pull/907) +* Container security context defaults now comply with the restricted pod + security standard. This includes an enforced run as user ID set to 1000. UID + 1000 is used for official Kong images other than Alpine images (which use UID + 100) and for KIC images 3.0.0+ (older images use UID 65532). Images that do + not use UID 1000 can still run with this user, as static image files are + world-accessible and runtime-created files are created in temporary + directories created for the run as user. + [#911](https://github.com/Kong/charts/pull/911) +* Allow using templates (via `tpl`) when specifying `controller.proxy.nameOverride`. + [#914](https://github.com/Kong/charts/pull/914) ## 2.29.0 ### Improvements * Make it possible to set the admission webhook's `timeoutSeconds`. + [#894](https://github.com/Kong/charts/pull/894) ## 2.28.1 @@ -16,6 +32,7 @@ Nothing yet. * The admission webhook now includes Gateway API resources and Ingress resources for controller versions 2.12+. This version introduces new validations for Kong's regex path implementation. + [#892](https://github.com/Kong/charts/pull/892) ## 2.28.0 diff --git a/charts/kong/kong/Chart.yaml b/charts/kong/kong/Chart.yaml index 355dd0539..bb97a8046 100644 --- a/charts/kong/kong/Chart.yaml +++ b/charts/kong/kong/Chart.yaml @@ -13,11 +13,9 @@ description: The Cloud-Native Ingress and API-management home: https://konghq.com/ icon: https://s3.amazonaws.com/downloads.kong/universe/assets/icon-kong-inc-large.png maintainers: -- email: harry@konghq.com - name: hbagdi -- email: traines@konghq.com - name: rainest +- email: team-k8s@konghq.com + name: team-k8s-bot name: kong sources: - https://github.com/Kong/charts/tree/main/charts/kong -version: 2.29.0 +version: 2.30.0 diff --git a/charts/kong/kong/README.md b/charts/kong/kong/README.md index 559b8ee39..efdedf6a3 100644 --- a/charts/kong/kong/README.md +++ b/charts/kong/kong/README.md @@ -11,10 +11,10 @@ This chart bootstraps all the components needed to run Kong on a ## TL;DR; ```bash -$ helm repo add kong https://charts.konghq.com -$ helm repo update +helm repo add kong https://charts.konghq.com +helm repo update -$ helm install kong/kong --generate-name +helm install kong/kong --generate-name ``` ## Table of contents @@ -91,10 +91,10 @@ $ helm install kong/kong --generate-name To install Kong: ```bash -$ helm repo add kong https://charts.konghq.com -$ helm repo update +helm repo add kong https://charts.konghq.com +helm repo update -$ helm install kong/kong --generate-name +helm install kong/kong --generate-name ``` ## Uninstall @@ -102,7 +102,7 @@ $ helm install kong/kong --generate-name To uninstall/delete a Helm release `my-release`: ```bash -$ helm delete my-release +helm delete my-release ``` The command removes all the Kubernetes components associated with the @@ -878,7 +878,7 @@ On the Gateway release side, set either `admin.tls.client.secretName` to the nam | priorityClassName | Set pod scheduling priority class for Kong pods | `""` | | secretVolumes | Mount given secrets as a volume in Kong container to override default certs and keys. | `[]` | | securityContext | Set the securityContext for Kong Pods | `{}` | -| containerSecurityContext | Set the securityContext for Containers | `{"readOnlyRootFilesystem": true}` | +| containerSecurityContext | Set the securityContext for Containers | See values.yaml | | serviceMonitor.enabled | Create ServiceMonitor for Prometheus Operator | `false` | | serviceMonitor.interval | Scraping interval | `30s` | | serviceMonitor.namespace | Where to create ServiceMonitor | | @@ -1013,7 +1013,7 @@ If you have paid for a license, but you do not have a copy of yours, please contact Kong Support. Once you have it, you will need to store it in a Secret: ```bash -$ kubectl create secret generic kong-enterprise-license --from-file=license=./license.json +kubectl create secret generic kong-enterprise-license --from-file=license=./license.json ``` Set the secret name in `values.yaml`, in the `.enterprise.license_secret` key. @@ -1031,7 +1031,7 @@ from \ \> Edit Profile \> API Key. Use this to create registry secrets: ```bash -$ kubectl create secret docker-registry kong-enterprise-edition-docker \ +kubectl create secret docker-registry kong-enterprise-edition-docker \ --docker-server=hub.docker.io \ --docker-username= \ --docker-password= @@ -1107,14 +1107,30 @@ whereas this is optional for the Developer Portal on versions 0.36+. Providing Portal session configuration in values.yaml provides the default session configuration, which can be overridden on a per-workspace basis. +```bash +cat admin_gui_session_conf ``` -$ cat admin_gui_session_conf + +```json {"cookie_name":"admin_session","cookie_samesite":"off","secret":"admin-secret-CHANGEME","cookie_secure":true,"storage":"kong"} -$ cat portal_session_conf +``` + +```bash +cat portal_session_conf +``` + +```json {"cookie_name":"portal_session","cookie_samesite":"off","secret":"portal-secret-CHANGEME","cookie_secure":true,"storage":"kong"} -$ kubectl create secret generic kong-session-config --from-file=admin_gui_session_conf --from-file=portal_session_conf +``` + +```bash +kubectl create secret generic kong-session-config --from-file=admin_gui_session_conf --from-file=portal_session_conf +``` + +```bash secret/kong-session-config created ``` + The exact plugin settings may vary in your environment. The `secret` should always be changed for both configurations. @@ -1175,7 +1191,7 @@ between the initial install and upgrades. Both operations are a "sync" in Argo terms. This affects when migration Jobs execute in database-backed Kong installs. -The chart sets the `Sync` and `BeforeHookCreation` deletion +The chart sets the `Sync` and `BeforeHookCreation` deletion [hook policies](https://argo-cd.readthedocs.io/en/stable/user-guide/resource_hooks/) on the `init-migrations` and `pre-upgrade-migrations` Jobs. diff --git a/charts/kong/kong/UPGRADE.md b/charts/kong/kong/UPGRADE.md index 906d9613c..893527759 100644 --- a/charts/kong/kong/UPGRADE.md +++ b/charts/kong/kong/UPGRADE.md @@ -193,7 +193,7 @@ database](https://www.postgresql.org/docs/current/backup-dump.html) and creating a separate release if you wish to continue using 8.6.8: ``` -$ helm install my-release -f values.yaml --version 8.6.8 bitnami/postgresql +helm install my-release -f values.yaml --version 8.6.8 bitnami/postgresql ``` Afterwords, you will upgrade your Kong chart release with @@ -233,26 +233,28 @@ upgrade in multiple steps: First, pin the controller version and upgrade to chart 2.4.0: ```console -$ helm upgrade --wait \ +helm upgrade --wait \ --set ingressController.image.tag= \ --version 2.4.0 \ --namespace \ kong/kong ``` + Second, temporarily disable the ingress controller: ```console -$ helm upgrade --wait \ +helm upgrade --wait \ --set ingressController.enabled=false \ --set deployment.serviceaccount.create=true \ --version 2.4.0 \ --namespace \ kong/kong ``` + Finally, re-enable the ingress controller at the new version: ```console -$ helm upgrade --wait \ +helm upgrade --wait \ --set ingressController.enabled=true \ --set ingressController.image.tag= \ --version 2.4.0 \ diff --git a/charts/kong/kong/ci/test2-values.yaml b/charts/kong/kong/ci/test2-values.yaml index 07ed193a3..b635642ca 100644 --- a/charts/kong/kong/ci/test2-values.yaml +++ b/charts/kong/kong/ci/test2-values.yaml @@ -45,9 +45,6 @@ proxy: parameters: - ssl -# - PDB is enabled -podDisruptionBudget: - enabled: true # update strategy updateStrategy: type: "RollingUpdate" diff --git a/charts/kong/kong/ci/test5-values.yaml b/charts/kong/kong/ci/test5-values.yaml index 76318b4a4..fbbdb65fb 100644 --- a/charts/kong/kong/ci/test5-values.yaml +++ b/charts/kong/kong/ci/test5-values.yaml @@ -37,9 +37,6 @@ proxy: annotations: {} path: / -# - PDB is enabled -podDisruptionBudget: - enabled: true # update strategy updateStrategy: type: "RollingUpdate" diff --git a/charts/kong/kong/example-values/doc-examples/quickstart-enterprise-licensed-aio.yaml b/charts/kong/kong/example-values/doc-examples/quickstart-enterprise-licensed-aio.yaml index 521bef685..373ebdd03 100644 --- a/charts/kong/kong/example-values/doc-examples/quickstart-enterprise-licensed-aio.yaml +++ b/charts/kong/kong/example-values/doc-examples/quickstart-enterprise-licensed-aio.yaml @@ -9,7 +9,6 @@ admin: konghq.com/https-redirect-status-code: "301" konghq.com/protocols: https konghq.com/strip-path: "true" - kubernetes.io/ingress.class: default nginx.ingress.kubernetes.io/app-root: / nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/permanent-redirect-code: "301" @@ -176,8 +175,8 @@ manager: ingress: annotations: konghq.com/https-redirect-status-code: "301" - kubernetes.io/ingress.class: default nginx.ingress.kubernetes.io/backend-protocol: HTTPS + ingressClassName: kong enabled: true hostname: kong.127-0-0-1.nip.io path: / @@ -209,7 +208,7 @@ portal: konghq.com/https-redirect-status-code: "301" konghq.com/protocols: https konghq.com/strip-path: "false" - kubernetes.io/ingress.class: default + ingressClassName: kong enabled: true hostname: developer.127-0-0-1.nip.io path: / @@ -232,8 +231,8 @@ portalapi: konghq.com/https-redirect-status-code: "301" konghq.com/protocols: https konghq.com/strip-path: "true" - kubernetes.io/ingress.class: default nginx.ingress.kubernetes.io/app-root: / + ingressClassName: kong enabled: true hostname: developer.127-0-0-1.nip.io path: /api diff --git a/charts/kong/kong/example-values/full-k4k8s-with-kong-enterprise.yaml b/charts/kong/kong/example-values/full-k4k8s-with-kong-enterprise.yaml index b794e1f77..6be6ed8e7 100644 --- a/charts/kong/kong/example-values/full-k4k8s-with-kong-enterprise.yaml +++ b/charts/kong/kong/example-values/full-k4k8s-with-kong-enterprise.yaml @@ -40,8 +40,7 @@ admin: enabled: true tls: CHANGEME-admin-tls-secret hostname: admin.kong.CHANGEME.example - annotations: - kubernetes.io/ingress.class: "kong" + ingressClassName: kong path: / proxy: @@ -148,8 +147,7 @@ portal: enabled: true tls: CHANGEME-portal-tls-secret hostname: portal.kong.CHANGEME.example - annotations: - kubernetes.io/ingress.class: "kong" + ingressClassName: kong path: / externalIPs: [] @@ -177,8 +175,7 @@ portalapi: enabled: true tls: CHANGEME-portalapi-tls-secret hostname: portalapi.kong.CHANGEME.example - annotations: - kubernetes.io/ingress.class: "kong" + ingressClassName: kong path: / externalIPs: [] diff --git a/charts/kong/kong/templates/_helpers.tpl b/charts/kong/kong/templates/_helpers.tpl index 7564c2e6d..8736b4994 100644 --- a/charts/kong/kong/templates/_helpers.tpl +++ b/charts/kong/kong/templates/_helpers.tpl @@ -447,14 +447,28 @@ The name of the service used for the ingress controller's validation webhook {{ include "kong.fullname" . }}-validation-webhook {{- end -}} + +{{/* +The name of the Service which will be used by the controller to update the Ingress status field. +*/}} + +{{- define "kong.controller-publish-service" -}} +{{- $proxyOverride := "" -}} + {{- if .Values.proxy.nameOverride -}} + {{- $proxyOverride = ( tpl .Values.proxy.nameOverride . ) -}} + {{- end -}} +{{- (printf "%s/%s" ( include "kong.namespace" . ) ( default ( printf "%s-proxy" (include "kong.fullname" . )) $proxyOverride )) -}} +{{- end -}} + {{- define "kong.ingressController.env" -}} {{/* ====== AUTO-GENERATED ENVIRONMENT VARIABLES ====== */}} + {{- $autoEnv := dict -}} {{- $_ := set $autoEnv "CONTROLLER_KONG_ADMIN_TLS_SKIP_VERIFY" true -}} - {{- $_ := set $autoEnv "CONTROLLER_PUBLISH_SERVICE" (printf "%s/%s" ( include "kong.namespace" . ) ( .Values.proxy.nameOverride | default ( printf "%s-proxy" (include "kong.fullname" . )))) -}} + {{- $_ := set $autoEnv "CONTROLLER_PUBLISH_SERVICE" ( include "kong.controller-publish-service" . ) -}} {{- $_ := set $autoEnv "CONTROLLER_INGRESS_CLASS" .Values.ingressController.ingressClass -}} {{- $_ := set $autoEnv "CONTROLLER_ELECTION_ID" (printf "kong-ingress-controller-leader-%s" .Values.ingressController.ingressClass) -}} diff --git a/charts/kong/kong/templates/admission-webhook.yaml b/charts/kong/kong/templates/admission-webhook.yaml index f7e5c404c..bb7cb3f42 100644 --- a/charts/kong/kong/templates/admission-webhook.yaml +++ b/charts/kong/kong/templates/admission-webhook.yaml @@ -80,6 +80,9 @@ webhooks: apiVersions: - 'v1' operations: +{{- if (semverCompare ">= 2.12.1" (include "kong.effectiveVersion" .Values.ingressController.image)) }} + - CREATE +{{- end }} - UPDATE resources: - secrets diff --git a/charts/kong/kong/templates/pdb.yaml b/charts/kong/kong/templates/pdb.yaml index da1866236..8d918c5a5 100644 --- a/charts/kong/kong/templates/pdb.yaml +++ b/charts/kong/kong/templates/pdb.yaml @@ -1,4 +1,10 @@ {{- if .Values.podDisruptionBudget.enabled }} +{{- if and (not .Values.autoscaling.enabled) (le (int .Values.replicaCount) 1) }} +{{- fail "Enabling PodDisruptionBudget with replicaCount: 1 and no autoscaling prevents pod restarts during upgrades" }} +{{- end }} +{{- if and .Values.autoscaling.enabled (le (int .Values.autoscaling.minReplicas) 1) }} +{{- fail "Enabling PodDisruptionBudget with autoscaling.minReplicas: 1 prevents pod restarts during upgrades" }} +{{- end }} apiVersion: policy/v1 kind: PodDisruptionBudget metadata: diff --git a/charts/kong/kong/templates/tests/test-resources.yaml b/charts/kong/kong/templates/tests/test-resources.yaml index cc66be617..79e32d7e2 100644 --- a/charts/kong/kong/templates/tests/test-resources.yaml +++ b/charts/kong/kong/templates/tests/test-resources.yaml @@ -32,9 +32,9 @@ metadata: name: "{{ .Release.Name }}-httpbin" annotations: httpbin.ingress.kubernetes.io/rewrite-target: / - kubernetes.io/ingress.class: "kong" konghq.com/strip-path: "true" spec: + ingressClassName: kong rules: - http: paths: @@ -46,14 +46,14 @@ spec: port: number: 80 --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1beta1 kind: GatewayClass metadata: name: "{{ .Release.Name }}-kong-test" spec: controllerName: konghq.com/kic-gateway-controller --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1beta1 kind: Gateway metadata: name: "{{ .Release.Name }}-kong-test" @@ -66,7 +66,7 @@ spec: protocol: HTTP port: 80 --- -apiVersion: gateway.networking.k8s.io/v1alpha2 +apiVersion: gateway.networking.k8s.io/v1beta1 kind: HTTPRoute metadata: name: "{{ .Release.Name }}-httpbin" diff --git a/charts/kong/kong/values.yaml b/charts/kong/kong/values.yaml index 676df7f27..115c73b2a 100644 --- a/charts/kong/kong/values.yaml +++ b/charts/kong/kong/values.yaml @@ -948,6 +948,14 @@ securityContext: {} # securityContext for containers. containerSecurityContext: readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsUser: 1000 + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Optional DNS configuration for Kong pods # dnsPolicy: ClusterFirst diff --git a/charts/linkerd/linkerd-control-plane/Chart.yaml b/charts/linkerd/linkerd-control-plane/Chart.yaml index 977ff11a7..ce12ba6bd 100644 --- a/charts/linkerd/linkerd-control-plane/Chart.yaml +++ b/charts/linkerd/linkerd-control-plane/Chart.yaml @@ -5,7 +5,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.21.0-0' catalog.cattle.io/release-name: linkerd-control-plane apiVersion: v2 -appVersion: stable-2.14.1 +appVersion: stable-2.14.2 dependencies: - name: partials repository: file://./charts/partials @@ -25,4 +25,4 @@ name: linkerd-control-plane sources: - https://github.com/linkerd/linkerd2/ type: application -version: 1.16.2 +version: 1.16.3 diff --git a/charts/linkerd/linkerd-control-plane/README.md b/charts/linkerd/linkerd-control-plane/README.md index 524100867..4d3be4715 100644 --- a/charts/linkerd/linkerd-control-plane/README.md +++ b/charts/linkerd/linkerd-control-plane/README.md @@ -3,7 +3,7 @@ Linkerd gives you observability, reliability, and security for your microservices — with no code change required. -![Version: 1.16.2](https://img.shields.io/badge/Version-1.16.2-informational?style=flat-square) +![Version: 1.16.3](https://img.shields.io/badge/Version-1.16.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square) diff --git a/charts/linkerd/linkerd-control-plane/values.yaml b/charts/linkerd/linkerd-control-plane/values.yaml index a105f4044..d9b8c67d1 100644 --- a/charts/linkerd/linkerd-control-plane/values.yaml +++ b/charts/linkerd/linkerd-control-plane/values.yaml @@ -22,7 +22,7 @@ controlPlaneTracing: false # -- namespace to send control plane traces to controlPlaneTracingNamespace: linkerd-jaeger # -- control plane version. See Proxy section for proxy version -linkerdVersion: stable-2.14.1 +linkerdVersion: stable-2.14.2 # -- default kubernetes deployment strategy deploymentStrategy: rollingUpdate: diff --git a/charts/redpanda/redpanda/Chart.lock b/charts/redpanda/redpanda/Chart.lock index fe59f190f..8f2fc0cda 100644 --- a/charts/redpanda/redpanda/Chart.lock +++ b/charts/redpanda/redpanda/Chart.lock @@ -6,4 +6,4 @@ dependencies: repository: https://charts.redpanda.com version: 0.1.7 digest: sha256:2be209fa1660b3c8a030bb35e9e7fa25dcb81aa456ce7a73c2ab1ae6eebb3d04 -generated: "2023-10-23T19:46:17.355259286Z" +generated: "2023-10-27T18:34:04.296697929Z" diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 2b988f7a1..838b52cf5 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/images: | - name: redpanda - image: docker.redpanda.com/redpandadata/redpanda:v23.2.12 + image: docker.redpanda.com/redpandadata/redpanda:v23.2.13 - name: busybox image: busybox:latest - name: mintel/docker-alpine-bash-curl-jq @@ -17,7 +17,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/release-name: redpanda apiVersion: v2 -appVersion: v23.2.12 +appVersion: v23.2.13 dependencies: - condition: console.enabled name: console @@ -37,4 +37,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 5.6.29 +version: 5.6.35 diff --git a/charts/redpanda/redpanda/templates/_configmap.tpl b/charts/redpanda/redpanda/templates/_configmap.tpl index 860d7d0f1..dd2eb4f20 100644 --- a/charts/redpanda/redpanda/templates/_configmap.tpl +++ b/charts/redpanda/redpanda/templates/_configmap.tpl @@ -70,6 +70,11 @@ bootstrap.yaml: | {{- end }} {{- with (dig "cluster" dict .Values.config) }} {{- range $key, $element := .}} + {{- if eq $key "default_topic_replications" }} + {{/* "sub (add $i (mod $i 2)) 1" calculates the closest odd number less than or equal to $element: 1=1, 2=1, 3=3, ... */}} + {{- $r := $.Values.statefulset.replicas }} + {{- $element = min $element (sub (add $r (mod $r 2)) 1) }} + {{- end }} {{- if or (eq (typeOf $element) "bool") $element }} {{- dict $key $element | toYaml | nindent 2 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/_helpers.tpl b/charts/redpanda/redpanda/templates/_helpers.tpl index fb3e84917..0e166e204 100644 --- a/charts/redpanda/redpanda/templates/_helpers.tpl +++ b/charts/redpanda/redpanda/templates/_helpers.tpl @@ -202,7 +202,7 @@ Use AppVersion if image.tag is not set Input can be: b | B | k | K | m | M | g | G | Ki | Mi | Gi Or number without suffix */}} - {{- $si := . -}} + {{- $si := . | toString -}} {{- $bytes := 0 -}} {{- if or (hasSuffix "B" $si) (hasSuffix "b" $si) -}} {{- $bytes = $si | trimSuffix "B" | trimSuffix "b" | float64 | floor -}} diff --git a/charts/redpanda/redpanda/templates/_statefulset.tpl b/charts/redpanda/redpanda/templates/_statefulset.tpl index 2de33fe3f..704314e69 100644 --- a/charts/redpanda/redpanda/templates/_statefulset.tpl +++ b/charts/redpanda/redpanda/templates/_statefulset.tpl @@ -75,13 +75,13 @@ Set affinity for statefulset, defaults to global affinity if not defined in stat nodeAffinity: {{ toYaml .Values.statefulset.nodeAffinity | nindent 2 }} {{- else if not ( empty .Values.affinity.nodeAffinity ) -}} nodeAffinity: {{ toYaml .Values.affinity.nodeAffinity | nindent 2 }} -{{- end }} +{{- end -}} {{- if not ( empty .Values.statefulset.podAffinity ) -}} podAffinity: {{ toYaml .Values.statefulset.podAffinity | nindent 2 }} {{- else if not ( empty .Values.affinity.podAffinity ) -}} podAffinity: {{ toYaml .Values.affinity.podAffinity | nindent 2 }} -{{- end }} -{{- if not ( empty .Values.statefulset.podAntiAffinity ) -}} +{{- end -}} +{{- if not ( empty .Values.statefulset.podAntiAffinity ) }} podAntiAffinity: {{- if eq .Values.statefulset.podAntiAffinity.type "hard" }} requiredDuringSchedulingIgnoredDuringExecution: @@ -100,12 +100,12 @@ podAntiAffinity: {{- end -}} {{- else if not ( empty .Values.affinity.podAntiAffinity ) -}} podAntiAffinity: {{ toYaml .Values.affinity.podAntiAffinity | nindent 2 }} -{{- end }} +{{- end -}} {{- end -}} {{/* statefulset-checksum-annotation calculates a checksum that is used -as the value for the annotation, "checksum/conifg". When this value +as the value for the annotation, "checksum/config". When this value changes, kube-controller-manager will roll the pods. Append any additional dependencies that require the pods to restart @@ -119,4 +119,4 @@ to the $dependencies list. {{- $dependencies = append $dependencies (dig "addresses" "" .Values.external) -}} {{- end -}} {{- toJson $dependencies | sha256sum -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml b/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml index 74bce2370..d62a31cdf 100644 --- a/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml +++ b/charts/redpanda/redpanda/templates/console/configmap-and-deployment.yaml @@ -116,6 +116,8 @@ limitations under the License. "connect" $connectConfig }} +{{ $consoleConfig := deepCopy .Values.console.config | merge $consoleConfig }} + {{ $config := dict "Values" (dict "console" (dict "config" $consoleConfig) diff --git a/charts/redpanda/redpanda/templates/post-upgrade.yaml b/charts/redpanda/redpanda/templates/post-upgrade.yaml index 009626b88..83d297d93 100644 --- a/charts/redpanda/redpanda/templates/post-upgrade.yaml +++ b/charts/redpanda/redpanda/templates/post-upgrade.yaml @@ -70,6 +70,11 @@ spec: set -e rpk cluster config import -f /etc/redpanda/bootstrap.yaml {{- range $key, $value := .Values.config.cluster }} + {{- if eq $key "default_topic_replications" }} + {{/* "sub (add $i (mod $i 2)) 1" calculates the closest odd number less than or equal to $i: 1=1, 2=1, 3=3, ... */}} + {{- $r := $.Values.statefulset.replicas }} + {{- $value = min $value (sub (add $r (mod $r 2)) 1) }} + {{- end }} {{- if and (typeIs "float64" $value) (eq (floor $value) $value) }} {{- $value = int64 $value }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml index b01e2df24..0dd387800 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml @@ -68,6 +68,10 @@ spec: export {{ include "rpk-sasl-environment-variables" . }} if [[ -n "$old_setting" ]]; then set -x; fi {{- end }} + {{- $i := .Values.statefulset.replicas }} + {{- $default_topic_replicas := sub (add $i (mod $i 2)) 1 }} + # wait for post-upgrade job to update the default_topic_replications value + timeout 600 bash -c "until [[ $(rpk cluster config get default_topic_replications) = {{ $default_topic_replicas }} ]]; do sleep 1; done" until rpk topic create produce.consume.test.$POD_NAME {{ $cloudStorageFlags }} do sleep 2 done diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index fc5054918..81e4f54e5 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -567,11 +567,6 @@ "tieredConfig":{ "deprecated": true, "type": "object", - "required": [ - "cloud_storage_enabled", - "cloud_storage_region", - "cloud_storage_bucket" - ], "properties": { "cloud_storage_enable_remote_write": { "type": "boolean" @@ -842,6 +837,9 @@ } } }, + "nodeAffinity": { + "type": "object" + }, "podAffinity": { "type": "object" }, diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 7420b473c..ce9fbec44 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -884,10 +884,13 @@ listeners: config: rpk: {} # additional_start_flags: # List of flags to pass to rpk, e.g., ` "--idle-poll-time-us=0"` - cluster: {} + cluster: + default_topic_replications: 3 # Default replication factor for new topics + # There is logic in the chart that will set this to 1 if there are fewer than 3 statefulset.replicas # auto_create_topics_enabled: true # Allow topic auto creation # transaction_coordinator_replication: 1 # Replication factor for a transaction coordinator topic # id_allocator_replication: 1 # Replication factor for an ID allocator topic + # default_topic_partitions: 1 # Default number of partitions per topic # disable_metrics: false # Disable registering metrics # enable_coproc: false # Enable coprocessing mode # enable_idempotence: false # Enable idempotent producer @@ -1101,13 +1104,11 @@ config: # Any of these properties will be ignored. These otherwise valid properties are not allowed # to be used in this section since they impact deploying Redpanda in Kubernetes. # Make use of the above sections to modify these values instead (see comments below). - # admin: "127.0.0.1:9644" # Address and port of admin server - # admin_api_tls: validate_many # TLS configuration for admin HTTP server + # admin: "127.0.0.1:9644" # Address and port of admin server: use listeners.admin + # admin_api_tls: validate_many # TLS configuration for admin HTTP server: use listeners.admin.tls # advertised_kafka_api: None # Address of Kafka API published to the clients # advertised_pandaproxy_api: None # Rest API address and port to publish to client # advertised_rpc_api: None # Address of RPC endpoint published to other cluster members - # default_topic_partitions: 1 # Default number of partitions per topic - # default_topic_replications: 3 # Default replication factor for new topics # enable_admin_api: true # Enable the admin API # enable_sasl: false # Enable SASL authentication for Kafka connections # kafka_api: "127.0.0.1:9092" # Address and port of an interface to listen for Kafka API requests @@ -1116,5 +1117,4 @@ config: # pandaproxy_api_tls: validate_many # TLS configuration for Pandaproxy api # rpc_server: "127.0.0.1:33145" # IP address and port for RPC server # rpc_server_tls: validate # TLS configuration for RPC server - # seed_servers: None # List of the seed servers used to join current cluster; If the seed_server list is empty the node will be a cluster root and it will form a new cluster # superusers: None # List of superuser usernames diff --git a/index.yaml b/index.yaml index 3948b4167..578e0034b 100644 --- a/index.yaml +++ b/index.yaml @@ -2145,8 +2145,8 @@ entries: argo-cd: - annotations: artifacthub.io/changes: | - - kind: fixed - description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. + - kind: added + description: add terminationGracePeriodSeconds artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -2157,7 +2157,7 @@ entries: catalog.cattle.io/release-name: argo-cd apiVersion: v2 appVersion: v2.8.4 - created: "2023-10-16T14:36:01.092047577Z" + created: "2023-10-27T19:53:03.270897287Z" dependencies: - condition: redis-ha.enabled name: redis-ha @@ -2165,7 +2165,46 @@ entries: version: 4.23.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. - digest: 3c1ff329bcda57a4e24228bdb1d45f3e33ef487b76c7bd95884622c7ba67932e + digest: 3d0f1d15650ab52ba90760b7a80c96c783b31fa4421942a89a2767ac709f758c + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.23.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.47.0.tgz + version: 5.47.0 + - annotations: + artifacthub.io/changes: | + - kind: fixed + description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.23.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.8.4 + created: "2023-10-27T19:52:45.629553819Z" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.23.0 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: 6058cd50e4b5fc9a7901550c8e6656a36db58b3364ef183953bb6d73cf31a282 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17136,6 +17175,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2023-10-27T19:53:08.887747119Z" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 1.0.1 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: 75272295a7870328fc8e43759fae546ea237305c30e413841e1a6fe60ae5a28c + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.42.1.tgz + version: 3.42.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -33961,6 +34037,31 @@ entries: - assets/elastic/kibana-7.17.3.tgz version: 7.17.3 kong: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kong Gateway + catalog.cattle.io/release-name: kong + apiVersion: v2 + appVersion: "3.4" + created: "2023-10-27T19:53:11.939583629Z" + dependencies: + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 11.9.13 + description: The Cloud-Native Ingress and API-management + digest: 858abafaad4033b6c349ba7b5c33e22671c93242712b193c438e510e8f7347a6 + home: https://konghq.com/ + icon: https://s3.amazonaws.com/downloads.kong/universe/assets/icon-kong-inc-large.png + maintainers: + - email: team-k8s@konghq.com + name: team-k8s-bot + name: kong + sources: + - https://github.com/Kong/charts/tree/main/charts/kong + urls: + - assets/kong/kong-2.30.0.tgz + version: 2.30.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Kong Gateway @@ -36196,15 +36297,46 @@ entries: catalog.cattle.io/kube-version: '>=1.21.0-0' catalog.cattle.io/release-name: linkerd-control-plane apiVersion: v2 - appVersion: stable-2.14.1 - created: "2023-09-27T13:45:09.49522651Z" + appVersion: stable-2.14.2 + created: "2023-10-27T19:53:27.187736789Z" dependencies: - name: partials repository: file://./charts/partials version: 0.1.0 description: 'Linkerd gives you observability, reliability, and security for your microservices — with no code change required. ' - digest: c3eec7f9fef5650d628e0d5b9e1abffab8d15c90aec7a4e60b5d89c7a09b562f + digest: 457176d1a19d9d60725efa7b3db6db53573c622c1da385c00e26d5d9ed46e8c1 + home: https://linkerd.io + icon: https://linkerd.io/images/logo-only-200h.png + keywords: + - service-mesh + kubeVersion: '>=1.21.0-0' + maintainers: + - email: cncf-linkerd-dev@lists.cncf.io + name: Linkerd authors + url: https://linkerd.io/ + name: linkerd-control-plane + sources: + - https://github.com/linkerd/linkerd2/ + type: application + urls: + - assets/linkerd/linkerd-control-plane-1.16.3.tgz + version: 1.16.3 + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Linkerd Control Plane + catalog.cattle.io/kube-version: '>=1.21.0-0' + catalog.cattle.io/release-name: linkerd-control-plane + apiVersion: v2 + appVersion: stable-2.14.1 + created: "2023-10-27T19:53:12.495765379Z" + dependencies: + - name: partials + repository: file://./charts/partials + version: 0.1.0 + description: 'Linkerd gives you observability, reliability, and security for your + microservices — with no code change required. ' + digest: 3819293a8495377b0d416bacdae461f40178c99a8a7250729bfe4e0586bdbb5e home: https://linkerd.io icon: https://linkerd.io/images/logo-only-200h.png keywords: @@ -49204,6 +49336,50 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redis: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redis + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: redis + category: Database + images: | + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r90 + - name: redis-exporter + image: docker.io/bitnami/redis-exporter:1.55.0-debian-11-r0 + - name: redis-sentinel + image: docker.io/bitnami/redis-sentinel:7.2.2-debian-11-r0 + - name: redis + image: docker.io/bitnami/redis:7.2.2-debian-11-r0 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 7.2.2 + created: "2023-10-27T19:53:06.484843183Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Redis(R) is an open source, advanced key-value store. It is often + referred to as a data structure server since keys can contain strings, hashes, + lists, sets and sorted sets. + digest: c0a527983d89013fb17f8019f4c118af8e534ff24a8a26d86c0b5d1e282844f2 + home: https://bitnami.com + icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png + keywords: + - redis + - keyvalue + - database + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: redis + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/redis + urls: + - assets/bitnami/redis-18.2.0.tgz + version: 18.2.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Redis @@ -51348,6 +51524,50 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.2.13 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.2.13 + created: "2023-10-27T19:53:28.846616633Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + - condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: ae7381e91998cf919b4b4899576a54be77d473c0ab9151a9d8805413e570cf84 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.6.35.tgz + version: 5.6.35 - annotations: artifacthub.io/images: | - name: redpanda @@ -64500,6 +64720,60 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.3-debian-11-r0 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r90 + - name: wordpress + image: docker.io/bitnami/wordpress:6.3.2-debian-11-r4 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.3.2 + created: "2023-10-27T19:53:07.705133665Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 14.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: c2b1687f0821523e502e1e5a158bd0de470900998481f3a9a272288835ec1250 + home: https://bitnami.com + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - assets/bitnami/wordpress-18.0.11.tgz + version: 18.0.11 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress