Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add helm chart #59

Merged
merged 1 commit into from
Dec 15, 2018
Merged

Add helm chart #59

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions chart/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: v1
description: Helm chart for etcd
name: etcd
version: 0.1.0
69 changes: 69 additions & 0 deletions chart/templates/etcd-bootstrap-configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: etcd-bootstrap-{{ .Values.role }}
namespace: {{ .Release.Namespace }}
labels:
app: etcd
data:
bootstrap.sh: |-
#!/bin/sh
while true;
do
wget http://localhost:8080/initialization/status -S -O status;
STATUS=`cat status`;
case $STATUS in
"New")
wget http://localhost:8080/initialization/start -S -O - ;;
"Progress")
sleep 1;
continue;;
"Failed")
continue;;
"Successful")
exec etcd --config-file /var/etcd/config/etcd.conf.yaml
;;
esac;
done
etcd.conf.yaml: |-
# Human-readable name for this member.
name: etcd-{{.Values.role}}

# Path to the data directory.
data-dir: /var/etcd/data/new.etcd

# Number of committed transactions to trigger a snapshot to disk.
snapshot-count: 75000

# Raise alarms when backend size exceeds the given quota. 0 means use the
# default quota.
quota-backend-bytes: 8589934592

# List of comma separated URLs to listen on for client traffic.
listen-client-urls: {{ if .Values.tls }}https{{ else }}http{{ end }}://0.0.0.0:2379

# List of this member's client URLs to advertise to the public.
# The URLs needed to be a comma-separated list.
advertise-client-urls: {{ if .Values.tls }}https{{ else }}http{{ end }}://0.0.0.0:2379

# Initial cluster token for the etcd cluster during bootstrap.
initial-cluster-token: 'new'

# Initial cluster state ('new' or 'existing').
initial-cluster-state: 'new'

{{- if .Values.tls }}
client-transport-security:
# Path to the client server TLS cert file.
cert-file: /var/etcd/ssl/server/tls.crt

# Path to the client server TLS key file.
key-file: /var/etcd/ssl/server/tls.key

# Enable client cert authentication.
client-cert-auth: true

# Path to the client server TLS trusted CA cert file.
trusted-ca-file: /var/etcd/ssl/ca/ca.crt
{{- end }}
19 changes: 19 additions & 0 deletions chart/templates/etcd-client-service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
apiVersion: v1
kind: Service
metadata:
name: etcd-{{ .Values.role }}-client
namespace: {{ .Release.Namespace }}
labels:
app: etcd-statefulset
role: {{ .Values.role }}
spec:
type: ClusterIP
sessionAffinity: None
selector:
app: etcd-statefulset
role: {{ .Values.role }}
ports:
- name: client
protocol: TCP
port: 2379
targetPort: 2379
180 changes: 180 additions & 0 deletions chart/templates/etcd-statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,180 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: etcd-{{ .Values.role }}
namespace: {{ .Release.Namespace }}
labels:
app: etcd-statefulset
role: {{ .Values.role }}
spec:
updateStrategy:
type: RollingUpdate
serviceName: etcd-{{.Values.role}}
replicas: {{ .Values.replicas }}
selector:
matchLabels:
app: etcd-statefulset
role: {{ .Values.role }}
template:
metadata:
annotations:
checksum/configmap-etcd-bootstrap: {{ include (print $.Template.BasePath "/etcd-bootstrap-configmap.yaml") . | sha256sum }}
{{- if .Values.podAnnotations }}
swapnilgm marked this conversation as resolved.
Show resolved Hide resolved
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
labels:
app: etcd-statefulset
role: {{ .Values.role }}
spec:
containers:
- name: etcd
image: {{ index .Values.images "etcd" }}
imagePullPolicy: IfNotPresent
command:
- /var/etcd/bin/bootstrap.sh
readinessProbe:
httpGet:
path: /healthz
port: 8080
initialDelaySeconds: 15
periodSeconds: 5
livenessProbe:
exec:
command:
- /bin/sh
- -ec
- ETCDCTL_API=3
- etcdctl
- --config-file=/var/etcd/config/etcd.conf.yaml
- get
- foo
initialDelaySeconds: 15
periodSeconds: 5
ports:
- containerPort: 2380
name: serverport
protocol: TCP
- containerPort: 2379
name: clientport
protocol: TCP
resources:
requests:
cpu: 200m
memory: 500Mi
limits:
cpu: 750m
memory: 2560Mi
volumeMounts:
- name: etcd-{{ .Values.role }}
mountPath: /var/etcd/data
- name: etcd-bootstrap-sh
mountPath: /var/etcd/bin/
- name: etcd-config-file
mountPath: /var/etcd/config/
{{- if .Values.tls }}
- name: ca-etcd
mountPath: /var/etcd/ssl/ca
- name: etcd-server-tls
mountPath: /var/etcd/ssl/server
- name: etcd-client-tls
mountPath: /var/etcd/ssl/client
{{- end }}
- name: backup-restore
command:
- etcdbrctl
- server
- --schedule={{ .Values.backup.schedule }}
{{- if eq .Values.backup.garbageCollectionPolicy "LimitBased" }}
- --max-backups={{ .Values.backup.maxBackups }}
swapnilgm marked this conversation as resolved.
Show resolved Hide resolved
- --garbage-collection-policy={{ .Values.gabageCollectionPolicy }}
{{- end }}
- --data-dir=/var/etcd/data/new.etcd
- --storage-provider={{ .Values.backup.storageProvider }}
- --store-prefix=etcd-{{ .Values.role }}
{{- if .Values.tls }}
- --cert=/var/etcd/ssl/client/tls.crt
- --key=/var/etcd/ssl/client/tls.key
- --cacert=/var/etcd/ssl/ca/ca.crt
- --insecure-transport=false
- --insecure-skip-tls-verify=false
- --endpoints=https://etcd-{{ .Values.role }}-0:2379
{{ else }}
- --insecure-transport=true
- --insecure-skip-tls-verify=true
- --endpoints=http://etcd-{{ .Values.role }}-0:2379
{{- end }}
- --etcd-connection-timeout=300
- --delta-snapshot-period-seconds=300
image: {{ index .Values.images "etcd-backup-restore" }}
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: server
protocol: TCP
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 300m
memory: 1Gi
env:
- name: STORAGE_CONTAINER
value: {{ .Values.backup.storageContainer }}
{{- if .Values.backup.env }}
{{ toYaml .Values.backup.env | indent 8 }}
{{- end }}
volumeMounts:
- name: etcd-{{ .Values.role }}
mountPath: /var/etcd/data
- name: etcd-config-file
mountPath: /var/etcd/config/
{{- if .Values.tls }}
- name: ca-etcd
mountPath: /var/etcd/ssl/ca
- name: etcd-client-tls
mountPath: /var/etcd/ssl/client
{{- end }}
{{- if .Values.backup.volumeMounts }}
{{ toYaml .Values.backup.volumeMounts | indent 8 }}
{{- end }}
volumes:
- name: etcd-bootstrap-sh
configMap:
name: etcd-bootstrap-{{ .Values.role }}
defaultMode: 0744
items:
- key: bootstrap.sh
path: bootstrap.sh
- name: etcd-config-file
configMap:
name: etcd-bootstrap-{{ .Values.role }}
defaultMode: 0644
items:
- key: etcd.conf.yaml
path: etcd.conf.yaml
{{- if .Values.tls }}
- name: etcd-server-tls
secret:
secretName: {{ .Values.tls.serverSecret }}
- name: etcd-client-tls
secret:
secretName: {{ .Values.tls.clientSecret }}
- name: ca-etcd
secret:
secretName: {{ .Values.tls.caSecret }}
{{- end }}
{{- if not (eq .Values.backup.storageProvider "Local") }}
- name: {{ .Values.backup.backupSecret }}
secret:
secretName: {{ .Values.backup.backupSecret }}
{{- end }}
volumeClaimTemplates:
- metadata:
name: etcd-{{ .Values.role }}
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: 10Gi
Loading