Sreekb/krv 17923 gitops #419

bharathsreekanth · 2024-05-07T15:47:01Z

Is this a new chart?

No (Redis deployment within the csm-auth helm charts enhanced to deploy Redis with sentinel. Existing charts modified and new charts added for deploying Redis in sentinel mode).

What this PR does / why we need it:

Enhancements to deploy Redis to support multiple replicas in a master-replica configuration (with replicas continuously replicating from the current master) along with sentinels to monitor the Redis DB.

Which issue(s) is this PR associated with:

dell/csm#1281

#Issue_Number

Special notes for your reviewer:

Redis sentinel names are dynamically computed depending on the number of replicas configured in values.
Simple K8s secret used to set the authentication via password for redis instances to communicate with each other as well as the proxy-server. Redis does not support any K8S secret or encrypted passwords natively. All passwords are handled natively in plain-text. I am using a plain text password here for some security, but It could be base64 encoded if needed. If you have more questions on secret here, let me know.
Proxy-server and tenant-service charts modified to use sentinel hosts instead of Redis DB addresses to talk to Redis database instances.
Merging this PR also requires PR in csm-authorization repo to go in simultaneously. (I will coordinate that).

Checklist:

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

Chart Version bumped
Variables are documented in the chart README.md
Title of the PR starts with the chart name (e.g. [charts_dir/mychartname]) if applicable

charts/csm-authorization/values.yaml

atye

Commits should be signed.

bharathsreekanth · 2024-05-08T16:00:22Z

Commits should be signed.

@atye TY for helping me with signed commits.

bharathsreekanth · 2024-05-09T12:04:56Z

Commits should be signed.

done.

charts/csm-authorization/charts/redis/templates/redis.yaml

Helm chart update to deploy Redis with sentinels.

* add proxy-server sa * [csm-authorization]: Add Vault configuration to storage-service (#350) * Add Storage and CSMRole CRD into Authorization helm chart. (#305) * add crds * change group name * Revert "change group name" This reverts commit de262a3. * vault updates * vault agent updates * remove vault configs * revert to vautl client * configure vault certs * finish updates * revert values * revert values * revert values --------- Co-authored-by: Luna Xu <[email protected]> * customize namespace (#352) * Update role-service for gitops (#356) * pass in storage service to role service * remove duplicate * add tenant crd (#351) * add event watch (#396) * add csmtenants access to proxy-server (#403) * add csmtenants access to proxy-server * add csmtenants access to proxy-server * remove storage service (#411) * Use default openshift ingress (#414) * use default openshift ingress * update comments * update crds for storage, role, and tenant (#415) * [KRV-21812] Storage capacity poll interval (#416) * [KRV-21812] Added storagePollInterval param * [KRV-21812] Rename param * [KRV-21812] Move param in config map * [KRV-21812] Comment * [KRV-21812] Capitalize parameter * Sreekb/krv 17923 gitops (#419) Helm chart update to deploy Redis with sentinels. * add vault role to values (#422) * Add snapshot policy and storage service compatibility (#423) * Add snapshots create policy * Add clusterroles for storage service * Add leaderelection arg * Address PR comments * Address PR comments * chart/csm-authorization support authorization-controller deployment in cluster (#429) * add support for authorization-controller deployment in cluster * add support for authorization-controller deployment in cluster * add password to redis commander (#430) * fix rebase * address PR comments --------- Co-authored-by: Luna Xu <[email protected]> Co-authored-by: shaynafinocchiaro <[email protected]> Co-authored-by: alikdell <[email protected]> Co-authored-by: EvgenyUglov <[email protected]> Co-authored-by: Bharath Sreekanth <[email protected]> Co-authored-by: Fernando Alfaro Campos <[email protected]>

* Release 1.10.1 (#401) (#405) * Fix Helm deployment of vxflexos driver (#397) * [csm-application-mobility] Revert app mobility version changes (#399) * Revert app mobility version changes --------- Co-authored-by: Adarsh Kumar Yadav <[email protected]> Co-authored-by: KshitijaKakde <[email protected]> Co-authored-by: gallacher <[email protected]> * Bump chart driver versions for CSM 1.11 (#407) * Luna/fix encryption (#404) * fix conflicts * Bumping reverseproxy version (#371) * COSI driver verion bump up (#370) * CSI-Sidecars version bumpup (#372) * CSI-Sidecars version bumpup * Snapshotter patch version update * app mobility version bump (#374) * change default value (#381) * version bumps (#378) * Updated CSI Metadata Version (#382) * change to deploy encryption * Update Chart.yaml * Update values.yaml * Update Chart.yaml * Update values.yaml --------- Co-authored-by: boyamurthy <[email protected]> Co-authored-by: Adarsh Kumar Yadav <[email protected]> Co-authored-by: Rishabh Raj <[email protected]> Co-authored-by: Aaron Tye <[email protected]> Co-authored-by: Luna Xu <[email protected]> Co-authored-by: Luna Xu <[email protected]> Co-authored-by: shaynafinocchiaro <[email protected]> * `[charts/csi-unity]` fix: add allowedNetworks parameter (#406) * fix: add allowedNetworks parameter * change release version * [multiple charts] Set default container to driver (#409) * Remove check on maximum version of kube (#410) * Bump Observability version (#412) * Bump the module versions (#417) * Address linting errors (#450) * fix linting issues * revert version changes * [BUG]: [csi-vxflexos]: Update `controller.yaml` template (#428) * Release 1.10.1 (#401) * Fix Helm deployment of vxflexos driver (#397) * [csm-application-mobility] Revert app mobility version changes (#399) * Revert app mobility version changes --------- Co-authored-by: KshitijaKakde <[email protected]> Co-authored-by: gallacher <[email protected]> * Update driver/module versions for 10.0.2 (#424) * Revert "Update driver/module versions for 10.0.2 (#424)" (#425) * Update controller.yaml Removed unknown field under "spec.template.spec.affinity.nodeSelector" --------- Co-authored-by: Adarsh Kumar Yadav <[email protected]> Co-authored-by: KshitijaKakde <[email protected]> Co-authored-by: gallacher <[email protected]> Co-authored-by: boyamurthy <[email protected]> Co-authored-by: shaynafinocchiaro <[email protected]> * Powermax resiliency changes (#421) * Do not install additional instance of retriever when Encryption is enabled. (#453) * Updating latest sidecar versions (#454) * update usage of allowedNetworks in unity values.yaml (#455) * Removed warning from Chart (#457) Add complex version check example back * Added the patch verb to volumesnapshotcontents/status to fix snapshots creation. (#458) Co-authored-by: JacobGros <[email protected]> * [charts/csm-authorization]: CSM Authorization v2 (#459) * add proxy-server sa * [csm-authorization]: Add Vault configuration to storage-service (#350) * Add Storage and CSMRole CRD into Authorization helm chart. (#305) * add crds * change group name * Revert "change group name" This reverts commit de262a3. * vault updates * vault agent updates * remove vault configs * revert to vautl client * configure vault certs * finish updates * revert values * revert values * revert values --------- Co-authored-by: Luna Xu <[email protected]> * customize namespace (#352) * Update role-service for gitops (#356) * pass in storage service to role service * remove duplicate * add tenant crd (#351) * add event watch (#396) * add csmtenants access to proxy-server (#403) * add csmtenants access to proxy-server * add csmtenants access to proxy-server * remove storage service (#411) * Use default openshift ingress (#414) * use default openshift ingress * update comments * update crds for storage, role, and tenant (#415) * [KRV-21812] Storage capacity poll interval (#416) * [KRV-21812] Added storagePollInterval param * [KRV-21812] Rename param * [KRV-21812] Move param in config map * [KRV-21812] Comment * [KRV-21812] Capitalize parameter * Sreekb/krv 17923 gitops (#419) Helm chart update to deploy Redis with sentinels. * add vault role to values (#422) * Add snapshot policy and storage service compatibility (#423) * Add snapshots create policy * Add clusterroles for storage service * Add leaderelection arg * Address PR comments * Address PR comments * chart/csm-authorization support authorization-controller deployment in cluster (#429) * add support for authorization-controller deployment in cluster * add support for authorization-controller deployment in cluster * add password to redis commander (#430) * fix rebase * address PR comments --------- Co-authored-by: Luna Xu <[email protected]> Co-authored-by: shaynafinocchiaro <[email protected]> Co-authored-by: alikdell <[email protected]> Co-authored-by: EvgenyUglov <[email protected]> Co-authored-by: Bharath Sreekanth <[email protected]> Co-authored-by: Fernando Alfaro Campos <[email protected]> * Updated SDC Version (#460) * make roundoff_file_system param to true (#462) * make roundoff_file_system param default to true (#463) * [charts/csm-authorization-v2.0] Move Authorization V2 to a new chart (#464) * move authorization v2 to separate helm chart * update v2 version in chart.yaml * add new line * remove storage secret * Updated migrator and node-rescanner versions for 1.11 (#467) * [charts/csm-application-mobility] Fix am charts (#466) * Change 0.4 -> 0.3, there is no 0.4 AM version * Update values.yaml --------- Co-authored-by: shaynafinocchiaro <[email protected]> * Merge main branch into release-v1.11 branch (#468) * Release 1.10.1 (#401) * Fix Helm deployment of vxflexos driver (#397) * [csm-application-mobility] Revert app mobility version changes (#399) * Revert app mobility version changes --------- Co-authored-by: KshitijaKakde <[email protected]> Co-authored-by: gallacher <[email protected]> * Update driver/module versions for 10.0.2 (#424) * Revert "Update driver/module versions for 10.0.2 (#424)" (#425) * Release v1.10.2 rebase resolved (#440) * Update driver/module versions for 10.0.2 (#426) * removed extra space from sidecar suffix (#433) * Update cosi versions (#434) * Rebase branch (#436) * Update driver/module versions for 10.0.2 (#424) * Revert "Update driver/module versions for 10.0.2 (#424)" (#425) --------- Co-authored-by: boyamurthy <[email protected]> * Update driver/module versions for 10.0.2 (#426) * removed extra space from sidecar suffix (#433) * Update cosi versions (#434) --------- Co-authored-by: boyamurthy <[email protected]> * Revert "Release v1.10.2 rebase resolved (#440)" (#441) This reverts commit 34e764e. * Release v1.10.2 (#445) * Update driver/module versions for 10.0.2 (#426) * removed extra space from sidecar suffix (#433) * Update cosi versions (#434) * Rebase branch (#436) * Update driver/module versions for 10.0.2 (#424) * Revert "Update driver/module versions for 10.0.2 (#424)" (#425) --------- Co-authored-by: boyamurthy <[email protected]> * Update driver/module versions for 10.0.2 (#426) * removed extra space from sidecar suffix (#433) * Update cosi versions (#434) * Reverse proxy issue * Reverse proxy issue (#443) --------- Co-authored-by: boyamurthy <[email protected]> Co-authored-by: shefali-malhotra <[email protected]> * Add yaml lint GitHub Action (#447) * add yamllint github action * add exception * Update helm chart validation action (#449) * remove outdated helm-validations actions and replace with updated action * don't validate maintainers * disable error on braces * update rule * update rules * update rules * ignore template and crd files * lint file * version changes * edits * ignore linting on crd files because they are autogenerated * fix chart linting * fix linting * disable chart linting temporarily * remove doc separator --------- Co-authored-by: Adarsh Kumar Yadav <[email protected]> Co-authored-by: KshitijaKakde <[email protected]> Co-authored-by: gallacher <[email protected]> Co-authored-by: boyamurthy <[email protected]> Co-authored-by: shefali-malhotra <[email protected]> Co-authored-by: HarishH-DELL <[email protected]> Co-authored-by: Chiman Jain <[email protected]> * Updated Encryption images for CSM 1.11 (#470) * Fix version mismatch in 1.11 branch (#471) * Fix version mismatch in 1.11 branch * Revert app mobility changes * Delete charts/csm-application-mobility directory (#472) * Address PR comments for "Release v1.11.0" (#473) * address PR comments * close quotation marks * add new line * make sdc image consistent * Update Health Monitor Sidecar (#474) --------- Co-authored-by: Surya Gupta <[email protected]> Co-authored-by: Adarsh Kumar Yadav <[email protected]> Co-authored-by: KshitijaKakde <[email protected]> Co-authored-by: gallacher <[email protected]> Co-authored-by: boyamurthy <[email protected]> Co-authored-by: bogdanNovikovDell <[email protected]> Co-authored-by: Rishabh Raj <[email protected]> Co-authored-by: Aaron Tye <[email protected]> Co-authored-by: Luna Xu <[email protected]> Co-authored-by: Luna Xu <[email protected]> Co-authored-by: mdutka-dell <[email protected]> Co-authored-by: coulof <[email protected]> Co-authored-by: HarishH-DELL <[email protected]> Co-authored-by: Waji <[email protected]> Co-authored-by: delldubey <[email protected]> Co-authored-by: alexemc <[email protected]> Co-authored-by: Bharath Sreekanth <[email protected]> Co-authored-by: JacobGros <[email protected]> Co-authored-by: alikdell <[email protected]> Co-authored-by: EvgenyUglov <[email protected]> Co-authored-by: Fernando Alfaro Campos <[email protected]> Co-authored-by: shefali-malhotra <[email protected]> Co-authored-by: Santhosh Lakshmanan <[email protected]> Co-authored-by: Chiman Jain <[email protected]> Co-authored-by: Akshay Saini <[email protected]> Co-authored-by: Trevor Dawe <[email protected]>

* add proxy-server sa * [csm-authorization]: Add Vault configuration to storage-service (#350) * Add Storage and CSMRole CRD into Authorization helm chart. (#305) * add crds * change group name * Revert "change group name" This reverts commit de262a3. * vault updates * vault agent updates * remove vault configs * revert to vautl client * configure vault certs * finish updates * revert values * revert values * revert values --------- Co-authored-by: Luna Xu <[email protected]> * customize namespace (#352) * Update role-service for gitops (#356) * pass in storage service to role service * remove duplicate * add tenant crd (#351) * add event watch (#396) * add csmtenants access to proxy-server (#403) * add csmtenants access to proxy-server * add csmtenants access to proxy-server * remove storage service (#411) * Use default openshift ingress (#414) * use default openshift ingress * update comments * update crds for storage, role, and tenant (#415) * [KRV-21812] Storage capacity poll interval (#416) * [KRV-21812] Added storagePollInterval param * [KRV-21812] Rename param * [KRV-21812] Move param in config map * [KRV-21812] Comment * [KRV-21812] Capitalize parameter * Sreekb/krv 17923 gitops (#419) Helm chart update to deploy Redis with sentinels. * add vault role to values (#422) * Add snapshot policy and storage service compatibility (#423) * Add snapshots create policy * Add clusterroles for storage service * Add leaderelection arg * Address PR comments * Address PR comments * chart/csm-authorization support authorization-controller deployment in cluster (#429) * add support for authorization-controller deployment in cluster * add support for authorization-controller deployment in cluster * add password to redis commander (#430) * fix rebase * address PR comments --------- Co-authored-by: Luna Xu <[email protected]> Co-authored-by: shaynafinocchiaro <[email protected]> Co-authored-by: alikdell <[email protected]> Co-authored-by: EvgenyUglov <[email protected]> Co-authored-by: Bharath Sreekanth <[email protected]> Co-authored-by: Fernando Alfaro Campos <[email protected]>

bharathsreekanth closed this May 7, 2024

bharathsreekanth reopened this May 7, 2024

bharathsreekanth marked this pull request as ready for review May 8, 2024 11:43

atye reviewed May 8, 2024

View reviewed changes

charts/csm-authorization/values.yaml Outdated Show resolved Hide resolved

atye reviewed May 8, 2024

View reviewed changes

charts/csm-authorization/values.yaml Outdated Show resolved Hide resolved

atye requested changes May 8, 2024

View reviewed changes

bharathsreekanth added 10 commits May 8, 2024 11:49

updates to charts for passwords among other things

ffca174

Changes to sentinel info

a931589

Minor changes for clean code

d10b941

REDIS helm chart for auth-proxy

d613f7c

fix merge issues

e263aae

fix more merge issues

c46eb11

fix vault address

7903526

fix more merge/rebase issues

1a11c49

fixed review comments

c11a46c

Fix comment

1f45379

bharathsreekanth force-pushed the sreekb/KRV-17923-gitops branch from df30fb9 to 1f45379 Compare May 8, 2024 15:50

bharathsreekanth added 2 commits May 8, 2024 11:52

Fix typo

7d26b49

Fix proxy and tenant address

965ce02

atye approved these changes May 8, 2024

View reviewed changes

KerryKovacevic approved these changes May 8, 2024

View reviewed changes

tdawe reviewed May 9, 2024

View reviewed changes

charts/csm-authorization/charts/redis/templates/redis.yaml Show resolved Hide resolved

Fix naming terminology

298c924

bharathsreekanth requested a review from tdawe May 9, 2024 13:32

tdawe approved these changes May 9, 2024

View reviewed changes

bharathsreekanth merged commit 3fca425 into authorization-gitops May 9, 2024
1 check passed

bharathsreekanth deleted the sreekb/KRV-17923-gitops branch June 12, 2024 14:32

atye pushed a commit that referenced this pull request Jun 21, 2024

Sreekb/krv 17923 gitops (#419)

4e95896

Helm chart update to deploy Redis with sentinels.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sreekb/krv 17923 gitops #419

Sreekb/krv 17923 gitops #419

bharathsreekanth commented May 7, 2024 •

edited

Loading

atye left a comment

bharathsreekanth commented May 8, 2024

bharathsreekanth commented May 9, 2024

Sreekb/krv 17923 gitops #419

Sreekb/krv 17923 gitops #419

Conversation

bharathsreekanth commented May 7, 2024 • edited Loading

Is this a new chart?

What this PR does / why we need it:

Which issue(s) is this PR associated with:

Special notes for your reviewer:

Checklist:

atye left a comment

Choose a reason for hiding this comment

bharathsreekanth commented May 8, 2024

bharathsreekanth commented May 9, 2024

bharathsreekanth commented May 7, 2024 •

edited

Loading