From ad111dd868e7c7689c75b917435467384701ecb8 Mon Sep 17 00:00:00 2001 From: jasonbarbee Date: Wed, 9 Oct 2024 19:05:52 -0400 Subject: [PATCH] refactor api charts --- helm/charts/api/Chart.yaml | 2 +- helm/charts/api/requirements.yaml | 8 +- helm/charts/api/templates/db_secret.yaml | 17 +++ .../deployments/admin-deployment.yaml | 102 +++++++------ .../templates/deployments/api-deployment.yaml | 49 ++++-- .../deployments/traceroute-deployment.yaml | 4 +- .../api/templates/ingress/admin-ingress.yaml | 20 +++ .../api/templates/ingress/api-ingress.yaml | 18 +++ .../templates/services/admin-internal.yaml | 23 --- .../api/templates/services/admin-service.yaml | 15 ++ .../api/templates/services/api-ingress.yaml | 32 ---- .../templates/services/curri-api-service.yaml | 15 ++ .../api/templates/services/ingress.yaml | 26 ---- helm/charts/api/templates/sftp-server.yaml | 144 +++++++++--------- helm/charts/api/values.yaml | 120 +++++---------- helm/charts/ingress/requirements.lock | 4 +- .../templates/admin-load-balancer.yaml | 4 +- .../templates/primary-api-load-balancer.yaml | 2 +- .../secondary-api-load-balancer.yaml | 2 +- helm/charts/ingress/values.yaml | 18 ++- 20 files changed, 311 insertions(+), 314 deletions(-) create mode 100644 helm/charts/api/templates/db_secret.yaml create mode 100644 helm/charts/api/templates/ingress/admin-ingress.yaml create mode 100644 helm/charts/api/templates/ingress/api-ingress.yaml delete mode 100644 helm/charts/api/templates/services/admin-internal.yaml create mode 100644 helm/charts/api/templates/services/admin-service.yaml delete mode 100644 helm/charts/api/templates/services/api-ingress.yaml create mode 100644 helm/charts/api/templates/services/curri-api-service.yaml delete mode 100644 helm/charts/api/templates/services/ingress.yaml diff --git a/helm/charts/api/Chart.yaml b/helm/charts/api/Chart.yaml index 9769d43..4b4aaad 100644 --- a/helm/charts/api/Chart.yaml +++ b/helm/charts/api/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 version: 0.11.4 appVersion: 0.8.3 -name: stable-ha +name: api description: Call Telemetry for Cisco Callmanager home: https://calltelemetry.com/ icon: https://calltelemetry.com/logo.png diff --git a/helm/charts/api/requirements.yaml b/helm/charts/api/requirements.yaml index 988d39b..4157d49 100644 --- a/helm/charts/api/requirements.yaml +++ b/helm/charts/api/requirements.yaml @@ -1,4 +1,4 @@ -dependencies: - - name: nats - version: 1.2.5 - repository: https://nats-io.github.io/k8s/helm/charts/ +# dependencies: +# - name: nats +# version: 1.2.5 +# repository: https://nats-io.github.io/k8s/helm/charts/ diff --git a/helm/charts/api/templates/db_secret.yaml b/helm/charts/api/templates/db_secret.yaml new file mode 100644 index 0000000..0e10b67 --- /dev/null +++ b/helm/charts/api/templates/db_secret.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Release.Name }}-db-secret + labels: + app.kubernetes.io/name: {{ .Release.Name }}-api + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +type: Opaque +stringData: + db_user: {{ if .Values.db.useSecret }}{{ .Values.db.secretName | quote }}{{ else }}{{ .Values.db.values.db_username | quote }}{{ end }} + db_password: {{ if .Values.db.useSecret }}{{ .Values.db.secretName | quote }}{{ else }}{{ .Values.db.values.db_password | quote }}{{ end }} + db_name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName | quote }}{{ else }}{{ .Values.db.values.db_name | quote }}{{ end }} + db_hostname: {{ if .Values.db.useSecret }}{{ .Values.db.secretName | quote }}{{ else }}{{ .Values.db.values.db_hostname | quote }}{{ end }} + db_port: {{ if .Values.db.useSecret }}{{ .Values.db.secretName | quote }}{{ else }}{{ .Values.db.values.db_port | quote }}{{ end }} + db_ssl_enabled: {{ if .Values.db.useSecret }}{{ .Values.db.secretName | quote }}{{ else }}{{ .Values.db.values.db_ssl_enabled | quote }}{{ end }} diff --git a/helm/charts/api/templates/deployments/admin-deployment.yaml b/helm/charts/api/templates/deployments/admin-deployment.yaml index 372788b..044ae79 100644 --- a/helm/charts/api/templates/deployments/admin-deployment.yaml +++ b/helm/charts/api/templates/deployments/admin-deployment.yaml @@ -2,16 +2,15 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }}-admin-service + name: admin-service labels: - app: {{ .Release.Name }}-admin-service + app: admin-service spec: selector: matchLabels: - app: {{ .Release.Name }}-admin-service - replicas: 1 + app: admin-service + replicas: {{ .Values.admin.replicas }} strategy: - # type: Recreate rollingUpdate: maxSurge: 50% maxUnavailable: 70% @@ -19,7 +18,8 @@ spec: template: metadata: labels: - app: {{ .Release.Name }}-admin-service + app: admin-service + role_curri_api: {{ .Values.admin.api_worker | quote }} spec: securityContext: runAsUser: {{ .Values.userid }} @@ -34,78 +34,92 @@ spec: tolerationSeconds: 2 terminationGracePeriodSeconds: 5 affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - {{ .Release.Name }}-admin-service - topologyKey: "kubernetes.io/hostname" + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ .Release.Name }}-admin-service + topologyKey: "kubernetes.io/hostname" containers: - - name: admin-service + - name: {{ .Release.Name }}-admin image: {{ .Values.admin.image }} imagePullPolicy: {{ .Values.admin.imagePullPolicy }} ports: - - containerPort: 4001 - - containerPort: 4080 + {{- range .Values.admin.container_ports }} + - containerPort: {{ .port }} + name: {{ .name }} + {{- end }} resources: requests: memory: "256Mi" cpu: "100m" limits: - # memory: "1024Mi" cpu: {{ .Values.admin.cpus }} - # livenessProbe: - # httpsGet: - # path: / - # port: 4001 - # initialDelaySeconds: 15 livenessProbe: httpGet: scheme: HTTP - path: /health - port: 4000 + path: /healthz + port: 4080 initialDelaySeconds: 15 periodSeconds: 3 readinessProbe: httpGet: scheme: HTTP - path: /health - port: 4000 + path: /healthz + port: 4080 initialDelaySeconds: 3 periodSeconds: 3 env: - name: EXTERNAL_IP - value: {{ .Values.hostname}} + value: {{ .Values.hostname | quote }} - name: DB_USER - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: user} } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_user - name: DB_PASSWORD - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: password } } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_password - name: DB_NAME - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: dbname } } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_name - name: DB_HOSTNAME - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: host} } - - name: CDR_ROOT_PATH - value: {{ .Values.cdr_root_path }} + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_hostname - name: DB_PORT - value: {{ quote .Values.db_port }} + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_port - name: DB_SSL_ENABLED - value: {{ quote .Values.db_ssl_enabled }} + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_ssl_enabled + - name: CDR_ROOT_PATH + value: {{ .Values.cdr_root_path | quote }} - name: LOGGING_LEVEL - value: {{ .Values.admin.logging_level }} + value: {{ .Values.admin.logging_level | quote }} - name: LOCAL_NATS - value: {{ .Release.Name }}-nats + value: {{ .Values.nats_server | quote }} - name: WORKER_NODE - value: "TRUE" + value: {{ .Values.admin.api_worker | quote }} - name: ADMIN_NODE value: "TRUE" - name: HTTP_ADAPTER value: "HACKNEY" - name: CERT_KEY - value: /home/app/cert/appliance_key.pem + value: "/home/app/cert/appliance_key.pem" - name: CERT_PUBLIC - value: /home/app/cert/appliance.pem + value: "/home/app/cert/appliance.pem" diff --git a/helm/charts/api/templates/deployments/api-deployment.yaml b/helm/charts/api/templates/deployments/api-deployment.yaml index 65a22a0..dadb3ca 100644 --- a/helm/charts/api/templates/deployments/api-deployment.yaml +++ b/helm/charts/api/templates/deployments/api-deployment.yaml @@ -2,13 +2,14 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }}-api + name: api-worker labels: - app: {{ .Release.Name }}-api + app: api-worker + role_curri_api: "true" spec: selector: matchLabels: - app: {{ .Release.Name }}-api + app: api-worker replicas: {{ .Values.api.replicas }} strategy: rollingUpdate: @@ -18,7 +19,8 @@ spec: template: metadata: labels: - app: {{ .Release.Name }}-api + app: api-worker + role_curri_api: "true" spec: securityContext: runAsUser: {{ .Values.userid }} @@ -49,9 +51,10 @@ spec: image: {{ .Values.api.image }} imagePullPolicy: {{ .Values.api.imagePullPolicy }} ports: - - containerPort: 4080 - - containerPort: 4000 - - containerPort: 3022 + {{- range .Values.api.container_ports }} + - containerPort: {{ .port }} + name: {{ .name }} + {{- end }} resources: requests: memory: "256Mi" @@ -75,17 +78,35 @@ spec: - name: EXTERNAL_IP value: {{ .Values.hostname }} - name: DB_USER - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: user} } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_user - name: DB_PASSWORD - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: password } } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_password - name: DB_NAME - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: dbname } } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_name - name: DB_HOSTNAME - valueFrom: { secretKeyRef: { name: {{ .Values.db_secret }}, key: host} } + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_hostname - name: DB_PORT - value: {{ quote .Values.db_port }} + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_port - name: DB_SSL_ENABLED - value: {{ quote .Values.db_ssl_enabled }} + valueFrom: + secretKeyRef: + name: {{ if .Values.db.useSecret }}{{ .Values.db.secretName }}{{ else }}{{ .Release.Name }}-db-secret{{ end }} + key: db_ssl_enabled - name: CDR_ROOT_PATH value: {{ .Values.cdr_root_path }} - name: LOGGING_LEVEL @@ -93,7 +114,7 @@ spec: - name: TRACEROUTE_SERVICE value: {{ .Release.Name }}-traceroute-service - name: LOCAL_NATS - value: {{ .Release.Name }}-nats + value: {{ .Values.nats_server }} - name: ADMIN_NODE value: "FALSE" - name: WORKER_NODE diff --git a/helm/charts/api/templates/deployments/traceroute-deployment.yaml b/helm/charts/api/templates/deployments/traceroute-deployment.yaml index 9343384..eaedee9 100644 --- a/helm/charts/api/templates/deployments/traceroute-deployment.yaml +++ b/helm/charts/api/templates/deployments/traceroute-deployment.yaml @@ -9,7 +9,7 @@ spec: selector: matchLabels: app: {{ .Release.Name }}-traceroute-service - replicas: 1 + replicas: {{ .Values.traceroute.replicas }} # Update this line to use the replicas value from values.yaml strategy: rollingUpdate: maxSurge: 50% @@ -64,4 +64,4 @@ spec: cpu: {{ .Values.traceroute.cpus }} env: - name: NATS_HOSTNAME - value: {{ .Release.Name }}-nats + value: {{ .Values.nats_server }} diff --git a/helm/charts/api/templates/ingress/admin-ingress.yaml b/helm/charts/api/templates/ingress/admin-ingress.yaml new file mode 100644 index 0000000..1b8d91a --- /dev/null +++ b/helm/charts/api/templates/ingress/admin-ingress.yaml @@ -0,0 +1,20 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: admin-ingress + namespace: {{ .Release.Namespace }} + annotations: + kubernetes.io/ingress.class: nginx +spec: + ingressClassName: nginx + rules: + - host: {{ .Values.admin.hostname }} + http: + paths: + - path: /api + pathType: Prefix + backend: + service: + name: admin-internal-service + port: + number: {{ range .Values.admin.container_ports }}{{ if eq .name "web-api" }}{{ .port }}{{ end }}{{ end }} # Reference the web-api port diff --git a/helm/charts/api/templates/ingress/api-ingress.yaml b/helm/charts/api/templates/ingress/api-ingress.yaml new file mode 100644 index 0000000..2c1b928 --- /dev/null +++ b/helm/charts/api/templates/ingress/api-ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: api-ingress + namespace: {{ .Release.Namespace }} +spec: + ingressClassName: nginx + rules: + - host: {{ .Values.api.hostname }} + http: + paths: + - path: /api/policy + pathType: Prefix + backend: + service: + name: curri-api-service + port: + number: 4080 diff --git a/helm/charts/api/templates/services/admin-internal.yaml b/helm/charts/api/templates/services/admin-internal.yaml deleted file mode 100644 index 4f42d82..0000000 --- a/helm/charts/api/templates/services/admin-internal.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Release.Name }}-admin-internal-service - labels: - app: {{ .Release.Name }}-admin-internal-service -spec: - type: ClusterIP # Internal service type - selector: - app: {{ .Release.Name }}-admin-service - ports: - - port: 4001 - targetPort: 4001 - protocol: TCP - name: https - - port: 4000 - targetPort: 4000 - protocol: TCP - name: http - - port: 4080 - targetPort: 4080 - protocol: TCP - name: api diff --git a/helm/charts/api/templates/services/admin-service.yaml b/helm/charts/api/templates/services/admin-service.yaml new file mode 100644 index 0000000..c4f1bc5 --- /dev/null +++ b/helm/charts/api/templates/services/admin-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: admin-internal-service + labels: + app: admin-internal-service +spec: + type: ClusterIP + selector: + app: admin-service + ports: + - port: 4000 + targetPort: 4000 + protocol: TCP + name: http diff --git a/helm/charts/api/templates/services/api-ingress.yaml b/helm/charts/api/templates/services/api-ingress.yaml deleted file mode 100644 index abff2c6..0000000 --- a/helm/charts/api/templates/services/api-ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ .Release.Name }}-api-ingress - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/load-balance: "round_robin" -spec: - ingressClassName: nginx - rules: - - host: {{ .Values.primary_hostname }} - http: - paths: - - path: /api/policy - pathType: Prefix - backend: - service: - name: {{ .Release.Name }}-primary-api-external - port: - number: {{ .Values.networking.api_port }} - - host: {{ .Values.secondary_hostname }} - http: - paths: - - path: /api/policy - pathType: Prefix - backend: - service: - name: {{ .Release.Name }}-secondary-api-external - port: - number: {{ .Values.networking.api_port }} - diff --git a/helm/charts/api/templates/services/curri-api-service.yaml b/helm/charts/api/templates/services/curri-api-service.yaml new file mode 100644 index 0000000..4b52049 --- /dev/null +++ b/helm/charts/api/templates/services/curri-api-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: curri-api-service + labels: + app: curri-api-service +spec: + type: ClusterIP + selector: + role_curri_api: "true" + ports: + - port: 4080 + targetPort: 4080 + protocol: TCP + name: http diff --git a/helm/charts/api/templates/services/ingress.yaml b/helm/charts/api/templates/services/ingress.yaml deleted file mode 100644 index 4b3265c..0000000 --- a/helm/charts/api/templates/services/ingress.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: admin-service-http - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: nginx -spec: - ingressClassName: nginx - rules: - - http: - paths: - - path: /api - pathType: Prefix - backend: - service: - name: {{ .Release.Name }}-admin-internal-service - port: - number: 4000 - # - path: / - # pathType: Prefix - # backend: - # service: - # name: vue-service - # port: - # number: 80 diff --git a/helm/charts/api/templates/sftp-server.yaml b/helm/charts/api/templates/sftp-server.yaml index dfff314..bfc8546 100644 --- a/helm/charts/api/templates/sftp-server.yaml +++ b/helm/charts/api/templates/sftp-server.yaml @@ -1,72 +1,72 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Release.Name }}-sftp-service - labels: - app: {{ .Release.Name }}-sftp-service - deployment: {{ .Release.Name }}-sftp-service -spec: - selector: - matchLabels: - app: {{ .Release.Name }}-sftp-service - deployment: {{ .Release.Name }}-sftp-service - replicas: 1 - strategy: - # type: Recreate - rollingUpdate: - maxSurge: 1 - maxUnavailable: 2 - type: RollingUpdate - template: - metadata: - labels: - app: {{ .Release.Name }}-sftp-service - deployment: {{ .Release.Name }}-sftp-service - spec: - tolerations: - - effect: NoExecute - key: node.kubernetes.io/unreachable - operator: Exists - tolerationSeconds: 2 - - effect: NoExecute - key: node.kubernetes.io/not-ready - operator: Exists - tolerationSeconds: 2 - terminationGracePeriodSeconds: 5 - # affinity: - # podAntiAffinity: - # preferredDuringSchedulingIgnoredDuringExecution: - # - weight: 100 - # podAffinityTerm: - # labelSelector: - # matchExpressions: - # - key: app - # operator: In - # values: - # - {{ .Release.Name }}-primary-web - # - {{ .Release.Name }}-secondary-web - # topologyKey: "kubernetes.io/hostname" - containers: - - name: sftp-service - image: {{ .Values.sftp.image }} - imagePullPolicy: {{ .Values.sftp.imagePullPolicy }} - ports: - - containerPort: 4000 - resources: - requests: - # memory: "512Mi" - cpu: "100m" - limits: - # # memory: "1024Mi" - cpu: {{ .Values.sftp.cpus }} - # livenessProbe: - # httpGet: - # path: / - # port: 8080 - # initialDelaySeconds: 120 - env: - - name: NATS_HOSTNAME - value: {{ .Release.Name }}-nats - # - name: LOGGING_LEVEL - # value: {{ .Values.sftp.logging_level }} +# --- +# apiVersion: apps/v1 +# kind: Deployment +# metadata: +# name: {{ .Release.Name }}-sftp-service +# labels: +# app: {{ .Release.Name }}-sftp-service +# deployment: {{ .Release.Name }}-sftp-service +# spec: +# selector: +# matchLabels: +# app: {{ .Release.Name }}-sftp-service +# deployment: {{ .Release.Name }}-sftp-service +# replicas: 1 +# strategy: +# # type: Recreate +# rollingUpdate: +# maxSurge: 1 +# maxUnavailable: 2 +# type: RollingUpdate +# template: +# metadata: +# labels: +# app: {{ .Release.Name }}-sftp-service +# deployment: {{ .Release.Name }}-sftp-service +# spec: +# tolerations: +# - effect: NoExecute +# key: node.kubernetes.io/unreachable +# operator: Exists +# tolerationSeconds: 2 +# - effect: NoExecute +# key: node.kubernetes.io/not-ready +# operator: Exists +# tolerationSeconds: 2 +# terminationGracePeriodSeconds: 5 +# # affinity: +# # podAntiAffinity: +# # preferredDuringSchedulingIgnoredDuringExecution: +# # - weight: 100 +# # podAffinityTerm: +# # labelSelector: +# # matchExpressions: +# # - key: app +# # operator: In +# # values: +# # - {{ .Release.Name }}-primary-web +# # - {{ .Release.Name }}-secondary-web +# # topologyKey: "kubernetes.io/hostname" +# containers: +# - name: sftp-service +# image: {{ .Values.sftp.image }} +# imagePullPolicy: {{ .Values.sftp.imagePullPolicy }} +# ports: +# - containerPort: 4000 +# resources: +# requests: +# # memory: "512Mi" +# cpu: "100m" +# limits: +# # # memory: "1024Mi" +# cpu: {{ .Values.sftp.cpus }} +# # livenessProbe: +# # httpGet: +# # path: / +# # port: 8080 +# # initialDelaySeconds: 120 +# env: +# - name: NATS_HOSTNAME +# value: {{ .Release.Name }}-nats +# # - name: LOGGING_LEVEL +# # value: {{ .Values.sftp.logging_level }} diff --git a/helm/charts/api/values.yaml b/helm/charts/api/values.yaml index 6b6f678..fca01c4 100644 --- a/helm/charts/api/values.yaml +++ b/helm/charts/api/values.yaml @@ -6,103 +6,57 @@ hostname: 192.168.123.205 environment: dev resources: {} userid: 1001 -networking: - external_api_port: 80 - external_sftp_port: 22 - external_admin_port: 443 +# networking: +# external_api_port: 80 +# external_sftp_port: 22 +# external_admin_port: 443 api: image: calltelemetry/web:0.8.3-rc26 imagePullPolicy: IfNotPresent cpus: 2 - replicas: 3 + replicas: 0 logging_level: warning -traceroute: - image: calltelemetry/traceroute:0.7.2 - imagePullPolicy: IfNotPresent - cpus: 1 - logging_level: info + container_ports: + - name: curri-api + port: 4080 + hostname: dev.calltelemetry.com + admin: - image: calltelemetry/web:0.8.3-rc26 + image: calltelemetry/web:0.8.2-rc68 imagePullPolicy: IfNotPresent replicas: 1 cpus: 2 logging_level: warning + container_ports: + - name: web-api + port: 4000 + - name: curri-api + port: 4080 + hostname: dev.calltelemetry.com + api_worker: true + +traceroute: + image: calltelemetry/traceroute:0.7.2 + imagePullPolicy: IfNotPresent + cpus: 1 + logging_level: info + replicas: 0 + sftp: image: calltelemetry/sftp:0.6.8 pullPolicy: IfNotPresent cpus: 1 logging_level: info -vue: - image: calltelemetry/vue:0.8.3-rc26 - imagePullPolicy: Always - cpus: 1 - logging_level: info - port: 80 -metallb: - existingConfigMap: metallb-config cdr_root_path: "/tmp" -db_secret: hippo-pguser-calltelemetry -# db_name: calltelemetry_prod -# db_hostname: ctsql.pgo.svc.cluster.local -# db_username: postgres -# db_password: calltelemetry -db_port: "5432" -db_ssl_enabled: "true" +db: + useSecret: false # Set to false to use direct values + secretName: calltelemetry-db-secret + values: + db_username: postgres + db_password: calltelemetry + db_name: calltelemetry_prod + db_hostname: ctsql.pgo.svc.cluster.local + db_port: "5432" + db_ssl_enabled: "true" logging_level: debug -nats: - container: - env: - # different from k8s units, suffix must be B, KiB, MiB, GiB, or TiB - # should be ~90% of memory limit - GOMEMLIMIT: 1GiB - merge: - # recommended limit is at least 2 CPU cores and 8Gi Memory for production JetStream clusters - resources: - requests: - cpu: "1" - memory: 1Gi - limits: - cpu: "1" - memory: 1Gi - - podTemplate: - topologySpreadConstraints: - kubernetes.io/hostname: - maxSkew: 1 - whenUnsatisfiable: DoNotSchedule - - config: - merge: - debug: false - trace: false - logtime: true - max_payload: << 5mb >> - cluster: - enabled: true - port: 6222 - replicas: 3 - - jetstream: - enabled: true - - memoryStore: - enabled: false - # ensure that container has a sufficient memory limit greater than maxSize - maxSize: 1Gi - - fileStore: - enabled: true - pvc: - storageClassName: local-path - size: 10Gi - merge: - max_memory_store: 1000000 - - natsbox: - enabled: true -nack: - namespaced: true - nameOverride: "ct-nack" - jetstream: - nats: - url: "nats://ct-nats:4222" +nats_server: "nats" diff --git a/helm/charts/ingress/requirements.lock b/helm/charts/ingress/requirements.lock index fca3b87..13e0b1a 100644 --- a/helm/charts/ingress/requirements.lock +++ b/helm/charts/ingress/requirements.lock @@ -5,5 +5,5 @@ dependencies: - name: metallb repository: https://metallb.github.io/metallb version: 0.14.8 -digest: sha256:7ae132abb84755f76557a8c568f81addeda5ea100f48f64e37de0b55400060fb -generated: "2024-10-05T10:26:03.357768-05:00" +digest: sha256:ce2f871b1e8622a9ea773fedfa744cd5fd89c5b9136432b5ee3e09d3d9c220f6 +generated: "2024-10-09T14:35:47.825502-04:00" diff --git a/helm/charts/ingress/templates/admin-load-balancer.yaml b/helm/charts/ingress/templates/admin-load-balancer.yaml index 7716ab2..8984862 100644 --- a/helm/charts/ingress/templates/admin-load-balancer.yaml +++ b/helm/charts/ingress/templates/admin-load-balancer.yaml @@ -6,12 +6,12 @@ metadata: namespace: {{ .Release.Namespace }} annotations: {{- if .Values.admin_api.advertiseL2MetalLb }} - metallb.universe.tf/address-pool: admin-ip + metallb.universe.tf/address-pool: {{ .Values.admin_api.addressPool }} {{- end }} spec: type: LoadBalancer selector: - app: nginx-ingress-controller + app.kubernetes.io/name: ingress-nginx ports: - port: {{ .Values.admin_api.port }} targetPort: 80 diff --git a/helm/charts/ingress/templates/primary-api-load-balancer.yaml b/helm/charts/ingress/templates/primary-api-load-balancer.yaml index a5676f2..447c26b 100644 --- a/helm/charts/ingress/templates/primary-api-load-balancer.yaml +++ b/helm/charts/ingress/templates/primary-api-load-balancer.yaml @@ -9,7 +9,7 @@ metadata: annotations: kubernetes.io/ingress.class: nginx {{- if .Values.primary_api.advertiseL2MetalLb }} - metallb.universe.tf/address-pool: primary-ip + metallb.universe.tf/address-pool: {{ .Values.primary_api.addressPool }} {{- end }} spec: type: LoadBalancer diff --git a/helm/charts/ingress/templates/secondary-api-load-balancer.yaml b/helm/charts/ingress/templates/secondary-api-load-balancer.yaml index 88af0ea..a3b83c9 100644 --- a/helm/charts/ingress/templates/secondary-api-load-balancer.yaml +++ b/helm/charts/ingress/templates/secondary-api-load-balancer.yaml @@ -9,7 +9,7 @@ metadata: annotations: kubernetes.io/ingress.class: nginx {{- if .Values.secondary_api.advertiseL2MetalLb }} - metallb.universe.tf/address-pool: secondary-ip + metallb.universe.tf/address-pool: {{ .Values.secondary_api.addressPool }} {{- end }} spec: type: LoadBalancer diff --git a/helm/charts/ingress/values.yaml b/helm/charts/ingress/values.yaml index b00bf68..308691b 100644 --- a/helm/charts/ingress/values.yaml +++ b/helm/charts/ingress/values.yaml @@ -5,22 +5,24 @@ metallb: enabled: false ingress-nginx: controller: - replicaCount: 3 + replicaCount: 1 service: enabled: false + create: false serviceAccount: create: true - name: nginx-ingress-serviceaccount + # name: nginx-ingress-serviceaccount + name: nginx-ingress-serviceaccount-{{ .Release.Namespace }} rbac: create: true scope: namespaced clusterRole: create: true name: "{{ .Release.Name }}-{{ .Release.Namespace }}-ingress-nginx" - labels: - app: nginx-ingress-controller - podLabels: - app: nginx-ingress-controller + # labels: + # app: nginx-ingress-controller-{{ .Release.Namespace }} + # podLabels: + # app: nginx-ingress-controller-{{ .Release.Namespace }} # Primary API Load Balancer primary_api: @@ -29,6 +31,7 @@ primary_api: ip: "192.168.123.205" port: 80 https_port: 443 + addressPool: "primary-api-ip" # Secondary API Load Balancer secondary_api: @@ -37,7 +40,7 @@ secondary_api: ip: "192.168.123.206" port: 80 https_port: 443 - + addressPool: "secondary-api-ip" # Admin API Load Balancer admin_api: createLoadBalancer: true @@ -45,4 +48,5 @@ admin_api: ip: "192.168.123.207" port: 80 https_port: 443 + addressPool: "admin-ip"