diff --git a/calyptia-cloud-standalone.yaml b/calyptia-cloud-standalone.yaml
index c6c88c5..37a30bd 100644
--- a/calyptia-cloud-standalone.yaml
+++ b/calyptia-cloud-standalone.yaml
@@ -5,10 +5,10 @@ kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: operator
app.kubernetes.io/instance: controller-manager
@@ -51,10 +51,10 @@ kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
name: calyptia-cloud-standalone-calyptia-standalone-cloud
namespace: "calyptia"
---
@@ -64,37 +64,23 @@ kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
name: calyptia-cloud-standalone-calyptia-standalone-frontend
namespace: "calyptia"
---
-# Source: calyptia-standalone/templates/reloader/service-account.yaml
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/serviceaccount.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
- app.kubernetes.io/instance: calyptia-cloud-standalone
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
- name: calyptia-cloud-standalone-calyptia-standalone-reloader
- namespace: "calyptia"
----
# Source: calyptia-standalone/templates/monitoring/configmap-daemonset.yaml
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: monitoring
name: monitoring-daemonset
namespace: "calyptia"
@@ -176,10 +162,10 @@ kind: ConfigMap
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: monitoring
name: monitoring-aggregator
namespace: "calyptia"
@@ -220,14 +206,6 @@ data:
metrics_path /api/v2/metrics/prometheus
scrape_interval 30s
- [INPUT]
- name prometheus_scrape
- tag metrics.reloader
- host reloader.calyptia
- port 9090
- metrics_path /metrics
- scrape_interval 30s
-
[INPUT]
name prometheus_scrape
tag metrics.operator
@@ -303,7 +281,7 @@ spec:
config:
type: string
fluentBitImage:
- default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1'
+ default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3'
type: string
ingestCheckSidecarImage:
default: 'ghcr.io/calyptia/core/ingest-check:0.0.7'
@@ -489,7 +467,7 @@ spec:
default: 'ghcr.io/calyptia/configmap-reload:0.11.1'
type: string
image:
- default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1'
+ default: 'ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3'
type: string
kind:
description: Enums
@@ -801,10 +779,10 @@ kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
calyptia.core: core-operator
name: calyptia-core-manager-role
rules:
@@ -858,10 +836,10 @@ kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: operator
app.kubernetes.io/instance: metrics-reader
@@ -882,10 +860,10 @@ kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
calyptia.core: core-operator
name: calyptia-core-pod-role
rules:
@@ -930,10 +908,10 @@ kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: operator
app.kubernetes.io/instance: proxy-role
@@ -1006,10 +984,10 @@ kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: operator
app.kubernetes.io/instance: manager-rolebinding
@@ -1033,10 +1011,10 @@ kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: operator
app.kubernetes.io/instance: proxy-rolebinding
@@ -1116,53 +1094,6 @@ rules:
resources: ["pods", "secrets"]
verbs: ["get", "watch", "list"]
---
-# Source: calyptia-standalone/templates/reloader/rbac.yaml
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrole.yaml
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrolebinding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: reloader-reloader-role
- namespace: "calyptia"
-rules:
- - apiGroups:
- - ""
- resources:
- - secrets
- - configmaps
- verbs:
- - list
- - get
- - watch
- - apiGroups:
- - "apps"
- resources:
- - deployments
- - daemonsets
- - statefulsets
- verbs:
- - list
- - get
- - update
- - patch
- - apiGroups:
- - "extensions"
- resources:
- - deployments
- - daemonsets
- verbs:
- - list
- - get
- - update
- - patch
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
----
# Source: calyptia-standalone/templates/cloud/rbac.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
@@ -1193,21 +1124,6 @@ roleRef:
kind: Role
name: calyptia-read-role
---
-# Source: calyptia-standalone/templates/reloader/rbac.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: reloader-reloader-role-binding
- namespace: "calyptia"
-subjects:
- - kind: ServiceAccount
- name: calyptia-cloud-standalone-calyptia-standalone-reloader
- namespace: "calyptia"
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: reloader-reloader-role
----
# Source: calyptia-standalone/charts/core-operator/templates/service.yaml
apiVersion: v1
kind: Service
@@ -1218,10 +1134,10 @@ metadata:
prometheus.io/scrape: "true"
labels:
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: operator
app.kubernetes.io/instance: controller-manager-metrics-service
@@ -1321,10 +1237,10 @@ metadata:
metrics.dynatrace.com/port: "5000"
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-api
name: cloud-api
namespace: "calyptia"
@@ -1336,10 +1252,10 @@ spec:
targetPort: 5000
selector:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-api
---
# Source: calyptia-standalone/templates/cloud/service-influxdb.yaml
@@ -1348,10 +1264,10 @@ kind: Service
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: influxdb
name: influxdb
namespace: "calyptia"
@@ -1363,10 +1279,10 @@ spec:
targetPort: 8086
selector:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: influxdb
---
# Source: calyptia-standalone/templates/cloud/service-postgres.yaml
@@ -1375,10 +1291,10 @@ kind: Service
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: postgres
name: postgres
namespace: "calyptia"
@@ -1390,10 +1306,10 @@ spec:
targetPort: 5432
selector:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: postgres
---
# Source: calyptia-standalone/templates/frontend/service-core-ui.yaml
@@ -1402,10 +1318,10 @@ kind: Service
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: core
name: core
namespace: "calyptia"
@@ -1417,10 +1333,10 @@ spec:
targetPort: 3000
selector:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: core
---
# Source: calyptia-standalone/templates/frontend/service-luasandbox.yaml
@@ -1429,10 +1345,10 @@ kind: Service
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-lua-sandbox
name: cloud-lua-sandbox
namespace: "calyptia"
@@ -1444,47 +1360,12 @@ spec:
targetPort: 5555
selector:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-lua-sandbox
---
-# Source: calyptia-standalone/templates/reloader/sevice-reloader.yaml
-apiVersion: v1
-kind: Service
-metadata:
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: '9090'
- # Set up Dynatrace scraping
- metrics.dynatrace.com/scrape: "true"
- metrics.dynatrace.com/path: "/metrics"
- metrics.dynatrace.com/port: '9090'
- labels:
- app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
- app.kubernetes.io/instance: calyptia-cloud-standalone
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
- app.kubernetes.io/component: reloader
- name: reloader
- namespace: "calyptia"
-spec:
- type: ClusterIP
- ports:
- - name: http
- port: 9090
- targetPort: 9090
- selector:
- app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
- app.kubernetes.io/instance: calyptia-cloud-standalone
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
- app.kubernetes.io/component: reloader
----
# Source: calyptia-standalone/templates/vivo/service-vivo.yaml
apiVersion: v1
kind: Service
@@ -1499,10 +1380,10 @@ metadata:
metrics.dynatrace.com/port: '2020'
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: vivo
calyptia.vivo.input.http: '9010'
calyptia.vivo.input.forward: '9000'
@@ -1528,10 +1409,10 @@ spec:
targetPort: 2020
selector:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: vivo
---
# Source: calyptia-standalone/charts/monitoring-daemonset/templates/daemonset.yaml
@@ -1546,8 +1427,6 @@ metadata:
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/version: "2.2.0"
app.kubernetes.io/managed-by: Helm
- annotations:
- reloader.stakater.com/auto: "true"
spec:
selector:
matchLabels:
@@ -1576,7 +1455,7 @@ spec:
securityContext:
runAsNonRoot: false
runAsUser: 0
- image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1"
+ image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3"
imagePullPolicy: IfNotPresent
env:
- name: NODE_NAME
@@ -1660,10 +1539,10 @@ metadata:
labels:
#
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
app.kubernetes.io/component: manager
app.kubernetes.io/created-by: operator
calyptia.core: core-operator
@@ -1683,10 +1562,10 @@ spec:
labels:
#
app.kubernetes.io/name: core-operator
- helm.sh/chart: core-operator-2.0.4
+ helm.sh/chart: core-operator-2.0.8
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v2.0.20"
+ app.kubernetes.io/version: "v2.0.24"
#
#
calyptia.core: core-operator
@@ -1695,7 +1574,7 @@ spec:
containers:
- command:
- /manager
- image: ghcr.io/calyptia/core-operator:2.0.21
+ image: ghcr.io/calyptia/core-operator:2.0.25
imagePullPolicy: "IfNotPresent"
livenessProbe:
httpGet:
@@ -1747,8 +1626,6 @@ metadata:
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/version: "2.2.0"
app.kubernetes.io/managed-by: Helm
- annotations:
- reloader.stakater.com/auto: "true"
spec:
replicas: 1
selector:
@@ -1768,7 +1645,7 @@ spec:
dnsPolicy: ClusterFirst
containers:
- name: monitoring-aggregator
- image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.1"
+ image: "ghcr.io/calyptia/core/calyptia-fluent-bit:23.11.3"
imagePullPolicy: IfNotPresent
command:
- /fluent-bit/bin/fluent-bit
@@ -1813,10 +1690,10 @@ metadata:
kubectl.kubernetes.io/default-container: cloud-api
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-api
name: cloud-api
namespace: "calyptia"
@@ -1832,10 +1709,10 @@ spec:
annotations:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-api
spec:
serviceAccount: calyptia-cloud-standalone-calyptia-standalone-cloud
@@ -1843,7 +1720,7 @@ spec:
imagePullSecrets:
- name: regcreds
containers:
- - image: ghcr.io/calyptia/cloud:1.6.5
+ - image: ghcr.io/calyptia/cloud:1.6.8
imagePullPolicy: "IfNotPresent"
name: cloud-api
ports:
@@ -1864,12 +1741,14 @@ spec:
# - name: ALLOWED_ORIGINS
# # value: "https://config-viewer-ui-dev.herokuapp.com,https://visual-ui.herokuapp.com,https://cloud-api.calyptia.com,https://core-jet.vercel.app,https://core-git-*-calyptia.vercel.app"
# value: "*"
- # Cross-mount a token file
+ # To enable secret export we have to specify a token file but we do not want to expose this
- name: DEFAULT_TOKEN_FILE
- value: /token/token.txt
+ value: /dev/null
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAME
+ value: auth-secret
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE
+ value: "calyptia"
volumeMounts:
- - mountPath: /token
- name: token
startupProbe:
failureThreshold: 30
httpGet:
@@ -1888,45 +1767,7 @@ spec:
path: /
port: http
periodSeconds: 60
- - name: token-secret-creator
- image: docker.io/bitnami/kubectl:1.25.12
- imagePullPolicy: "IfNotPresent"
- # Need access to the filesystem - cloud runs as root
- securityContext:
- runAsUser: 0
- resources:
- limits: {}
- requests: {}
- command: ["/bin/bash"]
- args:
- - "-c"
- - |
- if kubectl delete -n ${CORE_NAMESPACE} secret auth-secret ; then
- echo 'Deleted existing token'
- fi
- until [[ -f /token/token.txt ]]; do
- sleep 5
- done
- echo 'Token file found'
- until kubectl create -n ${CORE_NAMESPACE} secret generic auth-secret --from-file=ONPREM_CLOUD_API_PROJECT_TOKEN=/token/token.txt ; do
- sleep 5
- done
- echo 'Secret created - complete'
- while true; do
- sleep 5
- done
- env:
- - name: CORE_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: token
- mountPath: /token
volumes:
- - name: token
- emptyDir:
- sizeLimit: 1Mi
restartPolicy: Always
---
# Source: calyptia-standalone/templates/cloud/deployment-influxdb.yaml
@@ -1935,10 +1776,10 @@ kind: Deployment
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: influxdb
name: influxdb
namespace: "calyptia"
@@ -1954,10 +1795,10 @@ spec:
annotations:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: influxdb
spec:
@@ -1997,10 +1838,10 @@ kind: Deployment
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: postgres
name: postgres
namespace: "calyptia"
@@ -2016,10 +1857,10 @@ spec:
annotations:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: postgres
spec:
@@ -2047,14 +1888,12 @@ spec:
apiVersion: apps/v1
kind: Deployment
metadata:
- annotations:
- reloader.stakater.com/auto: "true"
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: core
name: core
namespace: "calyptia"
@@ -2069,10 +1908,10 @@ spec:
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: core
spec:
serviceAccount: calyptia-cloud-standalone-calyptia-standalone-frontend
@@ -2091,16 +1930,19 @@ spec:
args:
- "-c"
- |
- until kubectl get secret -n ${CORE_NAMESPACE} auth-secret; do
- sleep 30
+ until kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}"; do
+ sleep 10
done
+ kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o yaml
env:
- - name: CORE_NAMESPACE
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAME
+ value: auth-secret
containers:
- - image: ghcr.io/calyptia/frontend:1.5.0
+ - image: ghcr.io/calyptia/frontend:1.5.3
imagePullPolicy: "IfNotPresent"
name: core
ports:
@@ -2124,9 +1966,13 @@ spec:
value: '1'
- name: NEXT_TELEMETRY_DISABLED
value: '1'
- envFrom:
- - secretRef:
- name: auth-secret
+ # Extract the value for this from the secret specified
+ - name: ONPREM_CLOUD_API_PROJECT_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: auth-secret
+ # Fixed name generated by Cloud since >=1.6.8
+ key: token
resources:
limits:
cpu: 500m
@@ -2160,10 +2006,10 @@ kind: Deployment
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-lua-sandbox
name: cloud-lua-sandbox
namespace: "calyptia"
@@ -2178,10 +2024,10 @@ spec:
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: cloud-lua-sandbox
spec:
@@ -2201,92 +2047,16 @@ spec:
imagePullPolicy: "IfNotPresent"
restartPolicy: Always
---
-# Source: calyptia-standalone/templates/reloader/deployment-reloader.yaml
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/deployment.yaml
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
- app.kubernetes.io/instance: calyptia-cloud-standalone
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
- app.kubernetes.io/component: reloader
- name: reloader
- namespace: "calyptia"
-spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/name: calyptia-standalone
- app.kubernetes.io/instance: calyptia-cloud-standalone
- app.kubernetes.io/component: reloader
- template:
- metadata:
- labels:
- app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
- app.kubernetes.io/instance: calyptia-cloud-standalone
- app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
- app.kubernetes.io/component: reloader
- spec:
-
- imagePullSecrets:
- - name: regcreds
- containers:
- - image: ghcr.io/calyptia/reloader:1.0.41
- name: reloader
- ports:
- - name: http
- containerPort: 9090
- resources:
- limits: {}
- requests: {}
- imagePullPolicy: "IfNotPresent"
- readinessProbe:
- failureThreshold: 5
- httpGet:
- path: /metrics
- port: http
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 5
- livenessProbe:
- failureThreshold: 5
- httpGet:
- path: /live
- port: http
- initialDelaySeconds: 10
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 5
- env:
- - name: KUBERNETES_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- args:
- - "--reload-on-create=true"
- - "--sync-after-restart=true"
- restartPolicy: Always
- securityContext:
- runAsNonRoot: true
- runAsUser: 65534
- serviceAccountName: calyptia-cloud-standalone-calyptia-standalone-reloader
----
# Source: calyptia-standalone/templates/vivo/deployment-vivo.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: vivo
name: vivo
namespace: "calyptia"
@@ -2301,10 +2071,10 @@ spec:
metadata:
labels:
app.kubernetes.io/name: calyptia-standalone
- helm.sh/chart: calyptia-standalone-2.0.1
+ helm.sh/chart: calyptia-standalone-2.1.0
app.kubernetes.io/instance: calyptia-cloud-standalone
app.kubernetes.io/managed-by: Helm
- app.kubernetes.io/version: "v1.6.5"
+ app.kubernetes.io/version: "v1.6.8"
app.kubernetes.io/component: vivo
spec:
diff --git a/charts/calyptia-cloud-standalone/Chart.lock b/charts/calyptia-cloud-standalone/Chart.lock
index 3bbd839..02251d9 100644
--- a/charts/calyptia-cloud-standalone/Chart.lock
+++ b/charts/calyptia-cloud-standalone/Chart.lock
@@ -1,10 +1,10 @@
dependencies:
- name: core-operator
repository: https://helm.calyptia.com
- version: 2.0.4
+ version: 2.0.8
- name: core-crd
repository: https://helm.calyptia.com
- version: 2.0.4
+ version: 2.0.8
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.13.3
@@ -17,5 +17,5 @@ dependencies:
- name: fluent-bit
repository: https://fluent.github.io/helm-charts
version: 0.40.0
-digest: sha256:9cfa57a9a7c6335dc0dfc6d7f712f0ddf0089802f1e8f5b7203c456840967102
-generated: "2023-11-20T17:15:52.049928985Z"
+digest: sha256:847acb545de6be43b49572875a879831eb59f5e3091ea2461b75fb47a502937a
+generated: "2023-11-23T12:07:35.001448206Z"
diff --git a/charts/calyptia-cloud-standalone/Chart.yaml b/charts/calyptia-cloud-standalone/Chart.yaml
index 3d07ffc..e534d8a 100644
--- a/charts/calyptia-cloud-standalone/Chart.yaml
+++ b/charts/calyptia-cloud-standalone/Chart.yaml
@@ -4,8 +4,8 @@ description: Umbrella chart to configure a Calyptia Core control plane and suppo
home: https://calyptia.com/products/calyptia-core/
icon: https://storage.googleapis.com/calyptia_public_resources_bucket/logo-darkmode.svg
type: application
-version: 2.0.1
-appVersion: "v1.6.5"
+version: 2.1.0
+appVersion: "v1.6.8"
maintainers:
- name: Calyptia
email: hello@calyptia.com
@@ -30,13 +30,6 @@ dependencies:
version: 2.9.10
alias: loki-stack
condition: monitoring.grafana
- # Cannot use the chart due to incompatible usage of global.imagePullSecrets
- # Instead we embed it
- # - name: reloader
- # version: 1.x.x
- # repository: https://stakater.github.io/stakater-charts
- # alias: reloader
- # condition: reloader.enabled
# Use the OSS Fluent Bit chart for monitoring
- name: fluent-bit
version: 0.x.x
diff --git a/charts/calyptia-cloud-standalone/README.md b/charts/calyptia-cloud-standalone/README.md
index 1033a6e..ba1c151 100644
--- a/charts/calyptia-cloud-standalone/README.md
+++ b/charts/calyptia-cloud-standalone/README.md
@@ -47,10 +47,10 @@ helm upgrade --install \
## Upgrade
-To upgrade the chart, the two main things to ensure are:
+To upgrade the chart without service interruption, the two main things to ensure are:
1. The Postgres database state does not change.
-1. The CRDs for the operator are not removed.
+1. The CRDs for the operator (if deployed with this chart) are not removed.
The chart includes a Postgres database default deployment in-cluster but this is not recommended for production and provides no guarantees.
An external database (external to this chart, it could be in-cluster) with high availability should be provided.
@@ -64,11 +64,18 @@ This includes CRD configuration but note Helm has caveats on managing existing C
Any upgrade should first ensure the correct CRDs are installed via `kubectl replace -f crd.yaml`.
The CRD YAML files are available on the specific release being installed here:
-If CRDs are removed then all workloads associated with them will also be destroyed.
+If CRDs are removed then all workloads associated with them will also be destroyed (but will be recreated when the CRD is added again if the config is in the database).
+
CRD removal can be prevented with the following annotation:
```shell
kubectl annotate crd pipelines.core.calyptia.com helm.sh/resource-policy=keep --overwrite
+kubectl annotate crd ingestchecks.core.calyptia.com helm.sh/resource-policy=keep --overwrite
+```
+
+To upgrade from 1.x series chart to 2.x, also add these annotations to prevent replacement of the CRD:
+
+```shell
kubectl annotate crd pipelines.core.calyptia.com meta.helm.sh/release-name=calyptia-cloud --overwrite
kubectl annotate crd pipelines.core.calyptia.com meta.helm.sh/release-namespace="$CALYPTIA_NAMESPACE" --overwrite
kubectl label crd pipelines.core.calyptia.com app.kubernetes.io/managed-by=Helm --overwrite
@@ -76,6 +83,26 @@ kubectl label crd pipelines.core.calyptia.com app.kubernetes.io/managed-by=Helm
The recommendation would be to deploy the Core Operator separately and disable it in this chart to maintain full control over lifecycle.
+## Production deployment
+
+The default configuration for this chart is intended to provide a simple in-cluster working deployment and as such is not recommended for production.
+Specifically, for a production deployment the recommendations are:
+
+* Deploy Postgres (and Influx) separately and manage with high availability.
+* Deploy the Core Operator separately and manage the data plane independently of the control plane.
+
+```yaml
+operator:
+ enabled: false
+cloudApi:
+ postgres:
+ enabled: false
+ connectionString:
+ influxdb:
+ enabled: false
+ server:
+```
+
## Services
The helm chart provides the following services:
@@ -231,6 +258,39 @@ operator:
Once the operator is deployed, the [`core-instance`](https://github.com/calyptia/charts/tree/master/charts/core-instance) chart can be used to add workloads to the cluster.
Alternatively the legacy [`core`](https://github.com/calyptia/charts/tree/master/charts/core) chart can also be used without operator support.
+### Autoscaling
+
+Each of the main services can be set up to use [Horizontal Pod Autoscaling (HPA)](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/), however this is disabled by default.
+
+To enable, set the `autoscaling.enabled=true` property in the appropriate sections below:
+
+```yaml
+cloudApi:
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetMemoryUtilizationPercentage: 50
+ targetCPUUtilizationPercentage: 50
+frontend:
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetMemoryUtilizationPercentage: 50
+ targetCPUUtilizationPercentage: 50
+ luaSandbox:
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetMemoryUtilizationPercentage: 50
+ targetCPUUtilizationPercentage: 50
+```
+
+Remember HPA requires a controller (as well as a metrics server and any other supporting infrastructure) in the cluster to actually implement and manage scaling.
+Ensure this is deployed as well in an appropriate fashion.
+
## Troubleshooting
### Calyptia Fluent Bit LTS
diff --git a/charts/calyptia-cloud-standalone/templates/NOTES.txt b/charts/calyptia-cloud-standalone/templates/NOTES.txt
index bc74d97..2be6ea1 100644
--- a/charts/calyptia-cloud-standalone/templates/NOTES.txt
+++ b/charts/calyptia-cloud-standalone/templates/NOTES.txt
@@ -5,7 +5,7 @@ Calyptia Core Operator correctly installed.
To get the project token:
-kubectl get secret -n {{ .Release.Namespace }} auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode
+kubectl get secret -n {{ .Release.Namespace }} auth-secret -o jsonpath='{.data.token}'| base64 --decode
To create an instance in the cluster run:
@@ -17,7 +17,7 @@ export INSTANCE_NAMESPACE=core-instance
export INSTANCE_NAME=test
{{- if .Values.operator.enabled }}
helm upgrade --install --namespace "$INSTANCE_NAMESPACE" --create-namespace calyptia-core-instance calyptia/core-instance \
- --set cloudToken="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode)" \
+ --set cloudToken="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.token}'| base64 --decode)" \
--set coreInstance="$INSTANCE_NAME" --set cloudUrl="http://cloud-api.${CLOUD_NAMESPACE}:5000" \
--debug --wait
@@ -51,7 +51,7 @@ This will spin up a pod to handle the pipeline as a test, however this should be
export INSTANCE_TAG=test
helm upgrade --install --namespace "$INSTANCE_NAMESPACE" --create-namespace calyptia-core calyptia/core \
- --set project_token="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode)" \
+ --set project_token="$(kubectl get secret -n "$CLOUD_NAMESPACE" auth-secret -o jsonpath='{.data.token}'| base64 --decode)" \
--set name="$INSTANCE_NAME" --set core_instance_tags="$INSTANCE_TAG" --set api_url="http://cloud-api.$CLOUD_NAMESPACE:5000" \
--debug --wait
@@ -123,3 +123,9 @@ A different configuration can be provided via the '.monitoring-aggregator.existi
Each of these provides Prometheus metrics via port 2021 `/metrics` endpoint.
{{- end }}
+{{- if .Values.cloudApi.postgres.enabled }}
+WARNING: This is a non-production deployment as it is using an in-cluster Postgres database deployed by this chart.
+{{- end }}
+{{- if .Values.operator.enabled }}
+WARNING: This is a non-production deployment as it is using an in-cluster Core Operator deployed by this chart.
+{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/_helpers.tpl b/charts/calyptia-cloud-standalone/templates/_helpers.tpl
index e75aa4b..50f9558 100644
--- a/charts/calyptia-cloud-standalone/templates/_helpers.tpl
+++ b/charts/calyptia-cloud-standalone/templates/_helpers.tpl
@@ -65,13 +65,6 @@ Return the proper ingress.image image name
{{ include "common.images.image" (dict "imageRoot" .Values.ingress.images.nginx "global" .Values.global) }}
{{- end -}}
-{{/*
-Return the proper reloader.image image name
-*/}}
-{{- define "reloader.image" -}}
-{{ include "common.images.image" (dict "imageRoot" .Values.reloader.images.reloader "global" .Values.global) }}
-{{- end -}}
-
{{/*
Returns the proper service account name depending if an explicit service account name is set
in the values file. If the name is not set it will default to either common.names.fullname if serviceAccount.create
@@ -106,23 +99,6 @@ is true or default otherwise.
{{- end -}}
{{- end -}}
-{{/*
-Returns the proper service account name depending if an explicit service account name is set
-in the values file. If the name is not set it will default to either common.names.fullname if serviceAccount.create
-is true or default otherwise.
-*/}}
-{{- define "reloader.serviceAccountName" -}}
- {{- if .Values.reloader.serviceAccount.create -}}
- {{- if (empty .Values.reloader.serviceAccount.name) -}}
- {{- printf "%s-reloader" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}}
- {{- else -}}
- {{ default "default" .Values.reloader.serviceAccount.name }}
- {{- end -}}
- {{- else -}}
- {{ default "default" .Values.reloader.serviceAccount.name }}
- {{- end -}}
-{{- end -}}
-
{{/*
Return the proper Container Registry Secret Names
*/}}
@@ -165,15 +141,19 @@ Return the proper Container Registry Secret Names
{{ include "common.images.pullSecrets" (dict "images" (list .Values.vivo.images.vivo) "global" .Values.global) }}
{{- end -}}
-{{/*
-Return the proper Container Registry Secret Names
-*/}}
-{{- define "reloader.imagePullSecrets" -}}
-{{ include "common.images.pullSecrets" (dict "images" (list .Values.reloader.images.reloader) "global" .Values.global) }}
-{{- end -}}
-
{{- define "createImagePullSecret" -}}
{{- with .Values.imageCredentials }}
{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
{{- end -}}
{{- end -}}
+
+{{/*
+Return the proper name for the shared authentication secret
+*/}}
+{{- define "cloud.authSecretName" -}}
+ {{- if .Values.authentication -}}
+ {{- default "auth-secret" .Values.authentication.secret.name | trunc 63 | trimSuffix "-" -}}
+ {{- else -}}
+ {{- "auth-secret" | trunc 63 | trimSuffix "-" -}}
+ {{- end -}}
+{{- end -}}
diff --git a/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml b/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml
index 57dca1f..80a1dd8 100644
--- a/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml
+++ b/charts/calyptia-cloud-standalone/templates/cloud/deployment-cloud.yaml
@@ -65,12 +65,14 @@ spec:
# - name: ALLOWED_ORIGINS
# # value: "https://config-viewer-ui-dev.herokuapp.com,https://visual-ui.herokuapp.com,https://cloud-api.calyptia.com,https://core-jet.vercel.app,https://core-git-*-calyptia.vercel.app"
# value: "*"
- # Cross-mount a token file
+ # To enable secret export we have to specify a token file but we do not want to expose this
- name: DEFAULT_TOKEN_FILE
- value: /token/token.txt
+ value: /dev/null
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAME
+ value: {{ template "cloud.authSecretName" . }}
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE
+ value: {{ .Release.Namespace | quote }}
volumeMounts:
- - mountPath: /token
- name: token
{{- if .Values.cloudApi.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.cloudApi.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
@@ -83,45 +85,7 @@ spec:
{{- if .Values.cloudApi.livenessProbe }}
livenessProbe: {{- toYaml .Values.cloudApi.livenessProbe | nindent 12 }}
{{- end }}
- - name: token-secret-creator
- image: {{ template "cloud.kubectl.image" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | quote }}
- # Need access to the filesystem - cloud runs as root
- securityContext:
- runAsUser: 0
- {{- if .Values.cloudApi.kubectl.resources }}
- resources: {{- toYaml .Values.cloudApi.kubectl.resources | nindent 12 }}
- {{- end }}
- command: ["/bin/bash"]
- args:
- - "-c"
- - |
- if kubectl delete -n ${CORE_NAMESPACE} secret auth-secret ; then
- echo 'Deleted existing token'
- fi
- until [[ -f /token/token.txt ]]; do
- sleep 5
- done
- echo 'Token file found'
- until kubectl create -n ${CORE_NAMESPACE} secret generic auth-secret --from-file=ONPREM_CLOUD_API_PROJECT_TOKEN=/token/token.txt ; do
- sleep 5
- done
- echo 'Secret created - complete'
- while true; do
- sleep 5
- done
- env:
- - name: CORE_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- volumeMounts:
- - name: token
- mountPath: /token
volumes:
- - name: token
- emptyDir:
- sizeLimit: 1Mi
{{- if .Values.cloudApi.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.cloudApi.extraVolumes "context" $) | nindent 8 }}
{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml b/charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml
new file mode 100644
index 0000000..7a6bd69
--- /dev/null
+++ b/charts/calyptia-cloud-standalone/templates/cloud/hpa.yaml
@@ -0,0 +1,31 @@
+{{- if (and .Values.cloudApi.autoscaling .Values.cloudApi.autoscaling.enabled) }}
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+ name: cloud-api
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: cloud-api
+ minReplicas: {{ default 1 .Values.cloudApi.autoscaling.minReplicas }}
+ maxReplicas: {{ default 5 .Values.cloudApi.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.cloudApi.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ targetAverageUtilization: {{ .Values.cloudApi.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.cloudApi.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ targetAverageUtilization: {{ .Values.cloudApi.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml b/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml
index 84d7e8a..76dd9bf 100644
--- a/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml
+++ b/charts/calyptia-cloud-standalone/templates/frontend/deployment-core-ui.yaml
@@ -2,11 +2,10 @@
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
+ {{- if .Values.commonAnnotations }}
annotations:
- reloader.stakater.com/auto: "true"
- {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
- {{- end }}
+ {{- end }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: core
name: core
@@ -47,14 +46,17 @@ spec:
args:
- "-c"
- |
- until kubectl get secret -n ${CORE_NAMESPACE} auth-secret; do
- sleep 30
+ until kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}"; do
+ sleep 10
done
+ kubectl get secret -n "${DEFAULT_TOKEN_K8S_SECRET_NAMESPACE}" "${DEFAULT_TOKEN_K8S_SECRET_NAME}" -o yaml
env:
- - name: CORE_NAMESPACE
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
+ - name: DEFAULT_TOKEN_K8S_SECRET_NAME
+ value: {{ template "cloud.authSecretName" . }}
containers:
- image: {{ template "frontend.image" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | quote }}
@@ -80,9 +82,13 @@ spec:
value: '1'
- name: NEXT_TELEMETRY_DISABLED
value: '1'
- envFrom:
- - secretRef:
- name: auth-secret
+ # Extract the value for this from the secret specified
+ - name: ONPREM_CLOUD_API_PROJECT_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: {{ template "cloud.authSecretName" . }}
+ # Fixed name generated by Cloud since >=1.6.8
+ key: token
{{- if .Values.frontend.resources }}
resources: {{- toYaml .Values.frontend.resources | nindent 12 }}
{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml b/charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml
new file mode 100644
index 0000000..97cdf71
--- /dev/null
+++ b/charts/calyptia-cloud-standalone/templates/frontend/hpa.yaml
@@ -0,0 +1,64 @@
+{{- if (and .Values.frontend.autoscaling .Values.frontend.autoscaling.enabled) }}
+---
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+ name: core
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: core
+ minReplicas: {{ default 1 .Values.frontend.autoscaling.minReplicas }}
+ maxReplicas: {{ default 5 .Values.frontend.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.frontend.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ targetAverageUtilization: {{ .Values.frontend.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ targetAverageUtilization: {{ .Values.frontend.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
+{{- if (and .Values.frontend.luaSandbox.autoscaling .Values.frontend.luaSandbox.autoscaling.enabled) }}
+---
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+ name: cloud-lua-sandbox
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: cloud-lua-sandbox
+ minReplicas: {{ default 1 .Values.frontend.luaSandbox.autoscaling.minReplicas }}
+ maxReplicas: {{ default 5 .Values.frontend.luaSandbox.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.frontend.luaSandbox.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ targetAverageUtilization: {{ .Values.frontend.luaSandbox.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.frontend.luaSandbox.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ targetAverageUtilization: {{ .Values.frontend.luaSandbox.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml b/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml
index ea66245..140156b 100644
--- a/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml
+++ b/charts/calyptia-cloud-standalone/templates/monitoring/configmap-deployment.yaml
@@ -46,14 +46,6 @@ data:
metrics_path /api/v2/metrics/prometheus
scrape_interval 30s
- [INPUT]
- name prometheus_scrape
- tag metrics.reloader
- host reloader.calyptia
- port 9090
- metrics_path /metrics
- scrape_interval 30s
-
[INPUT]
name prometheus_scrape
tag metrics.operator
diff --git a/charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml b/charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml
deleted file mode 100644
index 5d65988..0000000
--- a/charts/calyptia-cloud-standalone/templates/reloader/deployment-reloader.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-{{- if .Values.reloader.enabled -}}
----
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/deployment.yaml
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- {{- if .Values.commonAnnotations }}
- annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
- {{- end }}
- labels: {{- include "common.labels.standard" . | nindent 4 }}
- app.kubernetes.io/component: reloader
- name: reloader
- namespace: {{ .Release.Namespace | quote }}
-spec:
- replicas: {{ default 1 .Values.reloader.replicas }}
- selector:
- matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
- app.kubernetes.io/component: reloader
- {{- if .Values.reloader.updateStrategy }}
- strategy: {{- toYaml .Values.reloader.updateStrategy | nindent 4 }}
- {{- end }}
- template:
- metadata:
- {{- if .Values.reloader.podAnnotations }}
- {{- include "common.tplvalues.render" (dict "value" .Values.reloader.podAnnotations "context" $) | nindent 8 }}
- {{- end }}
- labels: {{- include "common.labels.standard" . | nindent 8 }}
- app.kubernetes.io/component: reloader
- {{- if .Values.commonLabels }}
- {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 8 }}
- {{- end }}
- {{- if .Values.reloader.podLabels }}
- {{- include "common.tplvalues.render" (dict "value" .Values.frontend.podLabels "context" $) | nindent 8 }}
- {{- end }}
- spec:
- {{- include "reloader.imagePullSecrets" . | nindent 6 }}
- containers:
- - image: {{ template "reloader.image" . }}
- name: reloader
- ports:
- - name: http
- containerPort: 9090
- {{- if .Values.reloader.resources }}
- resources: {{- toYaml .Values.reloader.resources | nindent 12 }}
- {{- end }}
- imagePullPolicy: {{ .Values.global.pullPolicy | quote }}
- {{- if .Values.reloader.startupProbe }}
- startupProbe: {{- toYaml .Values.reloader.startupProbe | nindent 12 }}
- {{- end }}
- {{- if .Values.reloader.readinessProbe }}
- readinessProbe: {{- toYaml .Values.reloader.readinessProbe | nindent 12 }}
- {{- end }}
- {{- if .Values.reloader.livenessProbe }}
- livenessProbe: {{- toYaml .Values.reloader.livenessProbe | nindent 12 }}
- {{- end }}
- env:
- - name: KUBERNETES_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- args:
- {{- if eq .Values.reloader.reloadOnCreate true }}
- - "--reload-on-create={{ .Values.reloader.reloadOnCreate }}"
- {{- end }}
- {{- if eq .Values.reloader.syncAfterRestart true }}
- - "--sync-after-restart={{ .Values.reloader.syncAfterRestart }}"
- {{- end }}
- restartPolicy: {{ default "Always" .Values.reloader.restartPolicy }}
- securityContext:
- runAsNonRoot: true
- runAsUser: 65534
- serviceAccountName: {{ template "reloader.serviceAccountName" . }}
-{{- end -}}
diff --git a/charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml b/charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml
deleted file mode 100644
index ad4c2d6..0000000
--- a/charts/calyptia-cloud-standalone/templates/reloader/rbac.yaml
+++ /dev/null
@@ -1,63 +0,0 @@
-{{- if and (.Values.reloader.enabled) (.Values.reloader.rbac.create) }}
----
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrole.yaml
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/clusterrolebinding.yaml
-apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
-kind: Role
-metadata:
- name: reloader-reloader-role
- namespace: {{ .Release.Namespace | quote }}
-rules:
- - apiGroups:
- - ""
- resources:
- - secrets
- - configmaps
- verbs:
- - list
- - get
- - watch
- - apiGroups:
- - "apps"
- resources:
- - deployments
- - daemonsets
- - statefulsets
- verbs:
- - list
- - get
- - update
- - patch
- - apiGroups:
- - "extensions"
- resources:
- - deployments
- - daemonsets
- verbs:
- - list
- - get
- - update
- - patch
- - apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
----
-apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }}
-kind: RoleBinding
-metadata:
- name: reloader-reloader-role-binding
- namespace: {{ .Release.Namespace | quote }}
-subjects:
- - kind: ServiceAccount
- name: {{ template "reloader.serviceAccountName" . }}
- namespace: {{ .Release.Namespace | quote }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: reloader-reloader-role
----
-{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml b/charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml
deleted file mode 100644
index 35cbac6..0000000
--- a/charts/calyptia-cloud-standalone/templates/reloader/service-account.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-{{- if and (.Values.reloader.enabled) (.Values.reloader.serviceAccount.create) }}
----
-# https://github.com/stakater/Reloader/blob/master/deployments/kubernetes/manifests/serviceaccount.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- {{- include "common.labels.standard" . | nindent 4 }}
- name: {{ template "reloader.serviceAccountName" . }}
- {{- $mergedAnnotations := merge .Values.reloader.serviceAccount.annotations .Values.commonAnnotations }}
- {{- if $mergedAnnotations }}
- annotations: {{- include "common.tplvalues.render" ( dict "value" $mergedAnnotations "context" $ ) | nindent 4 }}
- {{- end }}
- namespace: {{ .Release.Namespace | quote }}
-{{- end }}
diff --git a/charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml b/charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml
deleted file mode 100644
index f5e86ed..0000000
--- a/charts/calyptia-cloud-standalone/templates/reloader/sevice-reloader.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{- if .Values.reloader.enabled -}}
----
-apiVersion: v1
-kind: Service
-metadata:
- annotations:
- prometheus.io/scrape: "true"
- prometheus.io/path: "/metrics"
- prometheus.io/port: '9090'
- # Set up Dynatrace scraping
- metrics.dynatrace.com/scrape: "true"
- metrics.dynatrace.com/path: "/metrics"
- metrics.dynatrace.com/port: '9090'
- {{- if .Values.commonAnnotations }}
- {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
- {{- end }}
- labels: {{- include "common.labels.standard" . | nindent 4 }}
- app.kubernetes.io/component: reloader
- name: reloader
- namespace: {{ .Release.Namespace | quote }}
-spec:
- type: ClusterIP
- ports:
- - name: http
- port: 9090
- targetPort: 9090
- selector: {{- include "common.labels.standard" . | nindent 4 }}
- app.kubernetes.io/component: reloader
-{{- end -}}
diff --git a/charts/calyptia-cloud-standalone/values.yaml b/charts/calyptia-cloud-standalone/values.yaml
index cbc65dd..74b197c 100644
--- a/charts/calyptia-cloud-standalone/values.yaml
+++ b/charts/calyptia-cloud-standalone/values.yaml
@@ -37,6 +37,12 @@ global:
# password:
# email: ci@calyptia.com
#
+# Shared authentication for back and front ends
+authentication:
+ secret:
+ name: auth-secret
+ # Only supported mode is singleTenant
+ # mode: singleTenant
cloudApi:
enabled: true
service:
@@ -70,7 +76,7 @@ cloudApi:
cloud:
registry: ghcr.io
repository: calyptia/cloud
- tag: 1.6.5
+ tag: 1.6.8
pullSecrets: []
kubectl:
registry: docker.io
@@ -91,6 +97,12 @@ cloudApi:
create: true
name: ""
annotations: {}
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetMemoryUtilizationPercentage: 50
+ targetCPUUtilizationPercentage: 50
# All influx config
influxdb:
# Disable if providing separately
@@ -137,7 +149,7 @@ frontend:
frontend:
registry: ghcr.io
repository: calyptia/frontend
- tag: 1.5.0
+ tag: 1.5.3
pullSecrets: []
luaSandbox:
registry: ghcr.io
@@ -171,6 +183,12 @@ frontend:
port: http
failureThreshold: 30
periodSeconds: 60
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetMemoryUtilizationPercentage: 50
+ targetCPUUtilizationPercentage: 50
luaSandbox:
replicas: 1
resources:
@@ -178,6 +196,12 @@ frontend:
memory: 500Mi
cpu: 500m
requests: {}
+ autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetMemoryUtilizationPercentage: 50
+ targetCPUUtilizationPercentage: 50
kubectl:
resources:
limits: {}
@@ -251,44 +275,6 @@ ingress:
monitoring:
fluentBit: true
grafana: false
-# Auto reload support
-reloader:
- enabled: true
- reloadOnCreate: true
- syncAfterRestart: true
- rbac:
- create: true
- serviceAccount:
- create: true
- name: ""
- annotations: {}
- images:
- reloader:
- registry: ghcr.io
- repository: calyptia/reloader
- tag: 1.0.41
- pullSecrets: []
- livenessProbe:
- httpGet:
- path: /live
- port: http
- timeoutSeconds: 5
- failureThreshold: 5
- periodSeconds: 10
- successThreshold: 1
- initialDelaySeconds: 10
- readinessProbe:
- httpGet:
- path: /metrics
- port: http
- timeoutSeconds: 5
- failureThreshold: 5
- periodSeconds: 10
- successThreshold: 1
- initialDelaySeconds: 10
- resources:
- limits: {}
- requests: {}
#
# Dependent chart config: https://github.com/calyptia/charts/tree/master/charts/core-crd
core-crd:
@@ -301,7 +287,7 @@ core-crd:
fluentBit:
registry: ghcr.io
repository: calyptia/core/calyptia-fluent-bit
- tag: 23.11.1
+ tag: 23.11.3
pullSecrets: []
ingestCheck:
registry: ghcr.io
@@ -315,7 +301,7 @@ core-operator:
operator:
registry: ghcr.io
repository: calyptia/core-operator
- tag: 2.0.21
+ tag: 2.0.25
pullSecrets: []
hotReload:
registry: ghcr.io
@@ -326,12 +312,12 @@ core-operator:
toCloud:
registry: ghcr.io
repository: calyptia/core-operator/sync-to-cloud
- tag: 2.0.21
+ tag: 2.0.25
pullSecrets: []
fromCloud:
registry: ghcr.io
repository: calyptia/core-operator/sync-from-cloud
- tag: 2.0.21
+ tag: 2.0.25
pullSecrets: []
annotations:
prometheus.io/scrape: "true"
@@ -395,7 +381,7 @@ monitoring-daemonset:
image:
# Have to customise separately
repository: ghcr.io/calyptia/core/calyptia-fluent-bit
- tag: 23.11.1
+ tag: 23.11.3
pullPolicy: IfNotPresent
# Modify this to use any other CM you want
existingConfigMap: monitoring-daemonset
@@ -470,8 +456,6 @@ monitoring-daemonset:
- name: hostsys
mountPath: /host/sys
readOnly: true
- annotations:
- reloader.stakater.com/auto: "true"
monitoring-aggregator:
kind: Deployment
replicaCount: 1
@@ -479,7 +463,7 @@ monitoring-aggregator:
- regcreds
image:
repository: ghcr.io/calyptia/core/calyptia-fluent-bit
- tag: 23.11.1
+ tag: 23.11.3
pullPolicy: IfNotPresent
# Modify this to use any other CM you want
existingConfigMap: monitoring-aggregator
@@ -509,5 +493,3 @@ monitoring-aggregator:
metrics.dynatrace.com/scrape: "true"
metrics.dynatrace.com/path: "/metrics"
metrics.dynatrace.com/port: '2021'
- annotations:
- reloader.stakater.com/auto: "true"
diff --git a/support.sh b/support.sh
index 52d5f77..a38fb25 100755
--- a/support.sh
+++ b/support.sh
@@ -38,6 +38,7 @@ mkdir -p "$OUTPUT_DIR"
\kubectl get nodes -o yaml > "$OUTPUT_DIR"/kubectl-nodes.yaml
\kubectl get pods --all-namespaces -o yaml > "$OUTPUT_DIR"/kubectl-all-pods.yaml
\kubectl describe all --all-namespaces > "$OUTPUT_DIR"/kubectl-all.log
+\kubectl get -o yaml crd > "$OUTPUT_DIR"/kubectl-crds.yaml
mkdir -p "$OUTPUT_DIR"/cluster
\kubectl cluster-info dump --all-namespaces -o yaml --output-directory="$OUTPUT_DIR"/cluster
@@ -55,8 +56,13 @@ do
# Attempt to discover token and url for cloud-api in cluster
if [[ -z "$CALYPTIA_CLOUD_TOKEN" ]]; then
if \kubectl get --namespace "$namespace" secret auth-secret &>/dev/null; then
- CALYPTIA_CLOUD_TOKEN=$(kubectl get --namespace "$namespace" secret auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode)
+ CALYPTIA_CLOUD_TOKEN=$(kubectl get --namespace "$namespace" secret auth-secret -o jsonpath='{.data.token}'| base64 --decode)
export CALYPTIA_CLOUD_TOKEN
+ if [[ -z "$CALYPTIA_CLOUD_TOKEN" ]]; then
+ # Use the old approach
+ CALYPTIA_CLOUD_TOKEN=$(kubectl get --namespace "$namespace" secret auth-secret -o jsonpath='{.data.ONPREM_CLOUD_API_PROJECT_TOKEN}'| base64 --decode)
+ export CALYPTIA_CLOUD_TOKEN
+ fi
# Detain the token for comparison in the pod specs
echo -n "$CALYPTIA_CLOUD_TOKEN" > "${OUTPUT_DIR}"/token.txt
fi