-
Notifications
You must be signed in to change notification settings - Fork 101
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Copied and modified teh helm chart available in Gardener repo.
- Loading branch information
Showing
5 changed files
with
405 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| apiVersion: v1 | ||
| description: Helm chart for etcd | ||
| name: etcd | ||
| version: 0.1.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| --- | ||
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: etcd-bootstrap-{{ .Values.role }} | ||
| namespace: {{ .Release.Namespace }} | ||
| labels: | ||
| app: etcd | ||
| data: | ||
| bootstrap.sh: |- | ||
| #!/bin/sh | ||
| while true; | ||
| do | ||
| wget http://localhost:8080/initialization/status -S -O status; | ||
| STATUS=`cat status`; | ||
| case $STATUS in | ||
| "New") | ||
| wget http://localhost:8080/initialization/start -S -O - ;; | ||
| "Progress") | ||
| sleep 1; | ||
| continue;; | ||
| "Failed") | ||
| continue;; | ||
| "Successful") | ||
| exec etcd --config-file /var/etcd/config/etcd.conf.yaml | ||
| ;; | ||
| esac; | ||
| done | ||
| etcd.conf.yaml: |- | ||
| # Human-readable name for this member. | ||
| name: etcd-{{.Values.role}} | ||
| # Path to the data directory. | ||
| data-dir: /var/etcd/data/new.etcd | ||
| # Number of committed transactions to trigger a snapshot to disk. | ||
| snapshot-count: 75000 | ||
| # Raise alarms when backend size exceeds the given quota. 0 means use the | ||
| # default quota. | ||
| quota-backend-bytes: 8589934592 | ||
| # List of comma separated URLs to listen on for client traffic. | ||
| listen-client-urls: {{ if .Values.tls }}https{{ else }}http{{ end }}://0.0.0.0:2379 | ||
| # List of this member's client URLs to advertise to the public. | ||
| # The URLs needed to be a comma-separated list. | ||
| advertise-client-urls: {{ if .Values.tls }}https{{ else }}http{{ end }}://0.0.0.0:2379 | ||
| # Initial cluster token for the etcd cluster during bootstrap. | ||
| initial-cluster-token: 'new' | ||
| # Initial cluster state ('new' or 'existing'). | ||
| initial-cluster-state: 'new' | ||
| {{- if .Values.tls }} | ||
| client-transport-security: | ||
| # Path to the client server TLS cert file. | ||
| cert-file: /var/etcd/ssl/server/tls.crt | ||
|
|
||
| # Path to the client server TLS key file. | ||
| key-file: /var/etcd/ssl/server/tls.key | ||
|
|
||
| # Enable client cert authentication. | ||
| client-cert-auth: true | ||
|
|
||
| # Path to the client server TLS trusted CA cert file. | ||
| trusted-ca-file: /var/etcd/ssl/ca/ca.crt | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: etcd-{{ .Values.role }}-client | ||
| namespace: {{ .Release.Namespace }} | ||
| labels: | ||
| app: etcd-statefulset | ||
| role: {{ .Values.role }} | ||
| spec: | ||
| type: ClusterIP | ||
| sessionAffinity: None | ||
| selector: | ||
| app: etcd-statefulset | ||
| role: {{ .Values.role }} | ||
| ports: | ||
| - name: client | ||
| protocol: TCP | ||
| port: 2379 | ||
| targetPort: 2379 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,180 @@ | ||
| apiVersion: apps/v1 | ||
| kind: StatefulSet | ||
| metadata: | ||
| name: etcd-{{ .Values.role }} | ||
| namespace: {{ .Release.Namespace }} | ||
| labels: | ||
| app: etcd-statefulset | ||
| role: {{ .Values.role }} | ||
| spec: | ||
| updateStrategy: | ||
| type: RollingUpdate | ||
| serviceName: etcd-{{.Values.role}} | ||
| replicas: {{ .Values.replicas }} | ||
| selector: | ||
| matchLabels: | ||
| app: etcd-statefulset | ||
| role: {{ .Values.role }} | ||
| template: | ||
| metadata: | ||
| annotations: | ||
| checksum/configmap-etcd-bootstrap: {{ include (print $.Template.BasePath "/etcd-bootstrap-configmap.yaml") . | sha256sum }} | ||
| {{- if .Values.podAnnotations }} | ||
| {{ toYaml .Values.podAnnotations | indent 8 }} | ||
| {{- end }} | ||
| labels: | ||
| app: etcd-statefulset | ||
| role: {{ .Values.role }} | ||
| spec: | ||
| containers: | ||
| - name: etcd | ||
| image: {{ index .Values.images "etcd" }} | ||
| imagePullPolicy: IfNotPresent | ||
| command: | ||
| - /var/etcd/bin/bootstrap.sh | ||
| readinessProbe: | ||
| httpGet: | ||
| path: /healthz | ||
| port: 8080 | ||
| initialDelaySeconds: 15 | ||
| periodSeconds: 5 | ||
| livenessProbe: | ||
| exec: | ||
| command: | ||
| - /bin/sh | ||
| - -ec | ||
| - ETCDCTL_API=3 | ||
| - etcdctl | ||
| - --config-file=/var/etcd/config/etcd.conf.yaml | ||
| - get | ||
| - foo | ||
| initialDelaySeconds: 15 | ||
| periodSeconds: 5 | ||
| ports: | ||
| - containerPort: 2380 | ||
| name: serverport | ||
| protocol: TCP | ||
| - containerPort: 2379 | ||
| name: clientport | ||
| protocol: TCP | ||
| resources: | ||
| requests: | ||
| cpu: 200m | ||
| memory: 500Mi | ||
| limits: | ||
| cpu: 750m | ||
| memory: 2560Mi | ||
| volumeMounts: | ||
| - name: etcd-{{ .Values.role }} | ||
| mountPath: /var/etcd/data | ||
| - name: etcd-bootstrap-sh | ||
| mountPath: /var/etcd/bin/ | ||
| - name: etcd-config-file | ||
| mountPath: /var/etcd/config/ | ||
| {{- if .Values.tls }} | ||
| - name: ca-etcd | ||
| mountPath: /var/etcd/ssl/ca | ||
| - name: etcd-server-tls | ||
| mountPath: /var/etcd/ssl/server | ||
| - name: etcd-client-tls | ||
| mountPath: /var/etcd/ssl/client | ||
| {{- end }} | ||
| - name: backup-restore | ||
| command: | ||
| - etcdbrctl | ||
| - server | ||
| - --schedule={{ .Values.backup.schedule }} | ||
| {{- if eq .Values.backup.garbageCollectionPolicy "LimitBased" }} | ||
| - --max-backups={{ .Values.backup.maxBackups }} | ||
| - --garbage-collection-policy={{ .Values.gabageCollectionPolicy }} | ||
| {{- end }} | ||
| - --data-dir=/var/etcd/data/new.etcd | ||
| - --storage-provider={{ .Values.backup.storageProvider }} | ||
| - --store-prefix=etcd-{{ .Values.role }} | ||
| {{- if .Values.tls }} | ||
| - --cert=/var/etcd/ssl/client/tls.crt | ||
| - --key=/var/etcd/ssl/client/tls.key | ||
| - --cacert=/var/etcd/ssl/ca/ca.crt | ||
| - --insecure-transport=false | ||
| - --insecure-skip-tls-verify=false | ||
| - --endpoints=https://etcd-{{ .Values.role }}-0:2379 | ||
| {{ else }} | ||
| - --insecure-transport=true | ||
| - --insecure-skip-tls-verify=true | ||
| - --endpoints=http://etcd-{{ .Values.role }}-0:2379 | ||
| {{- end }} | ||
| - --etcd-connection-timeout=300 | ||
| - --delta-snapshot-period-seconds=300 | ||
| image: {{ index .Values.images "etcd-backup-restore" }} | ||
| imagePullPolicy: IfNotPresent | ||
| ports: | ||
| - containerPort: 8080 | ||
| name: server | ||
| protocol: TCP | ||
| resources: | ||
| requests: | ||
| cpu: 100m | ||
| memory: 128Mi | ||
| limits: | ||
| cpu: 300m | ||
| memory: 1Gi | ||
| env: | ||
| - name: STORAGE_CONTAINER | ||
| value: {{ .Values.backup.storageContainer }} | ||
| {{- if .Values.backup.env }} | ||
| {{ toYaml .Values.backup.env | indent 8 }} | ||
| {{- end }} | ||
| volumeMounts: | ||
| - name: etcd-{{ .Values.role }} | ||
| mountPath: /var/etcd/data | ||
| - name: etcd-config-file | ||
| mountPath: /var/etcd/config/ | ||
| {{- if .Values.tls }} | ||
| - name: ca-etcd | ||
| mountPath: /var/etcd/ssl/ca | ||
| - name: etcd-client-tls | ||
| mountPath: /var/etcd/ssl/client | ||
| {{- end }} | ||
| {{- if .Values.backup.volumeMounts }} | ||
| {{ toYaml .Values.backup.volumeMounts | indent 8 }} | ||
| {{- end }} | ||
| volumes: | ||
| - name: etcd-bootstrap-sh | ||
| configMap: | ||
| name: etcd-bootstrap-{{ .Values.role }} | ||
| defaultMode: 0744 | ||
| items: | ||
| - key: bootstrap.sh | ||
| path: bootstrap.sh | ||
| - name: etcd-config-file | ||
| configMap: | ||
| name: etcd-bootstrap-{{ .Values.role }} | ||
| defaultMode: 0644 | ||
| items: | ||
| - key: etcd.conf.yaml | ||
| path: etcd.conf.yaml | ||
| {{- if .Values.tls }} | ||
| - name: etcd-server-tls | ||
| secret: | ||
| secretName: {{ .Values.tls.serverSecret }} | ||
| - name: etcd-client-tls | ||
| secret: | ||
| secretName: {{ .Values.tls.clientSecret }} | ||
| - name: ca-etcd | ||
| secret: | ||
| secretName: {{ .Values.tls.caSecret }} | ||
| {{- if .Values.backup.storageProvider }} | ||
| - name: {{ .Values.backup.backupSecret }} | ||
| secret: | ||
| secretName: {{ .Values.backup.backupSecret }} | ||
| {{- end }} | ||
| {{- end }} | ||
| volumeClaimTemplates: | ||
| - metadata: | ||
| name: etcd-{{ .Values.role }} | ||
| spec: | ||
| accessModes: | ||
| - "ReadWriteOnce" | ||
| resources: | ||
| requests: | ||
| storage: 10Gi |
Oops, something went wrong.