Skip to content

Commit

Permalink
[incubator/rundeck] add pvc, sa, common labels, upgrade app and chart…
Browse files Browse the repository at this point in the history
… version (helm#22882)

* add pvc, sa, common labels, upgrade app and chart version

Signed-off-by: Jonathan Cole <[email protected]>

* cleanup trailing spaces

Signed-off-by: Jonathan Cole <[email protected]>

* missed readme update

Signed-off-by: Jonathan Cole <[email protected]>
  • Loading branch information
jonathan-mothership authored and includerandom committed Jul 19, 2020
1 parent bc33887 commit 8b96d73
Show file tree
Hide file tree
Showing 12 changed files with 140 additions and 51 deletions.
4 changes: 2 additions & 2 deletions incubator/rundeck/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v1
description: A Rundeck chart for Kubernetes
name: rundeck
home: https://github.com/rundeck/rundeck
version: 0.1.3
appVersion: 3.1.12
version: 0.2.0
appVersion: 3.2.7
keywords:
- rundeck
- jobs
Expand Down
19 changes: 13 additions & 6 deletions incubator/rundeck/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,15 @@ Rundeck lets you turn your operations procedures into self-service jobs. Safely

## Configuration

The following configurations may be set. It is recommended to use values.yaml for overwriting the Riemann config.
The following configurations may be set. It is recommended to use values.yaml for overwriting the Rundeck config.

Parameter | Description | Default
--------- | ----------- | -------
replicaCount | How many replicas to run. Riemann can really only work with one. | 1
annotations | You can pass annotations inside .spec.template.metadata.annotations. Every value under this is iterated as a key/value and used as a parameter. Useful for KIAM/Kube2IAM and others for example. | ""
deployment.replicaCount | How many replicas to run. Rundeck can really only work with one. | 1
deployment.annotations | You can pass annotations inside deployment.spec.template.metadata.annotations. Useful for KIAM/Kube2IAM and others for example. | {}
deployment.rolloutStrategy | Sets the K8s rollout strategy for the Rundeck deployment | { type: RollingUpdate }
image.repository | Name of the image to run, without the tag. | [rundeck/rundeck](https://github.com/rundeck/rundeck)
image.tag | The image tag to use. | 3.0.16
image.tag | The image tag to use. | 3.2.7
image.pullPolicy | The kubernetes image pull policy. | IfNotPresent
service.type | The kubernetes service type to use. | ClusterIP
service.port | The tcp port the service should listen on. | 80
Expand All @@ -27,5 +28,11 @@ rundeck.adminUser | The config to set up the admin user that should be placed at
rundeck.env | The rundeck environment variables that you would want to set | Default variables provided in docker file
rundeck.sshSecrets | A reference to the Kubernetes Secret that contains the ssh keys. | ""
rundeck.awsCredentialsSecret | A reference to the Kubernetes Secret that contains the aws credentials. | ""
rundeck.awsVolumeId | A Volume ID from a pre-existent AWS EBS volume to persist Rundeck data from /home/rundeck/server/data path. | ""
nginxConfOverride | An optional multi-line value that can replace the default nginx.conf. | ""
nginxConfOverride | An optional multi-line value that can replace the default nginx.conf. | ""
persistence.enabled | Whether or not to attach persistent storage to the Rundeck pod | false
persistence.claim.create | Whether the helm chart should create a persistent volume claim. See the values.yaml for more claim options | false
persistence.awsVolumeId | A Volume ID from a pre-existent AWS EBS volume to persist Rundeck data from /home/rundeck/server/data path. | None
persistence.existingClaim | Name of an existing volume claim | None
serviceAccount.create | Set to true to create a service account for the Rundeck pod | false
serviceAccount.annotations | A map of annotations to attach to the service account (eg: AWS IRSA) | {}
serviceAccount.name | Name of the service account the Rundeck pod should use | ""
5 changes: 4 additions & 1 deletion incubator/rundeck/files/nginx/nginx.conf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,10 @@ events {

http {
server {

location /healthz {
return 204;
access_log off;
}
location / {
recursive_error_pages on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Expand Down
19 changes: 19 additions & 0 deletions incubator/rundeck/templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -29,4 +29,23 @@ Create chart name and version as used by the chart label.
*/}}
{{- define "rundeck.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/* Basic labels */}}
{{- define "rundeck.labels" }}
app.kubernetes.io/name: {{ template "rundeck.name" . }}
helm.sh/chart: {{ template "rundeck.chart" . }}
app.kubernetes.io/instance: {{.Release.Name }}
app.kubernetes.io/managed-by: {{.Release.Service }}
{{- end }}

{{/*
Create the name of the service account to use
*/}}
{{- define "rundeck.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "rundeck.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
60 changes: 34 additions & 26 deletions incubator/rundeck/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,32 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "rundeck.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "rundeck.name" . }}
helm.sh/chart: {{ include "rundeck.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
labels: {{ include "rundeck.labels" . | indent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
replicas: {{ .Values.deployment.replicaCount }}
strategy:
{{- with .Values.deployment.annotations }}
annotations:
{{- toYaml . | nindent 6 }}
{{- end }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "rundeck.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
{{- if .Values.annotations }}
# Annotations iteration - Useful for KIAM and others
annotations:
{{- range $key, $value := .Values.annotations }}
{{ $key }}: {{ $value | quote }}
# This will restart the rundeck pod if its environment configuration is updated by helm
checksum/config: {{ include (print $.Template.BasePath "/rundeck-environment-configmap.yaml") . | sha256sum }}
{{- with .Values.deployment.annotations }}
annotations:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- end }}
labels:
app.kubernetes.io/name: {{ include "rundeck.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
serviceAccountName: {{ include "rundeck.serviceAccountName" . }}
securityContext:
fsGroup: 1000
containers:
Expand All @@ -35,20 +37,18 @@ spec:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: /
port: 80
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 120
readinessProbe:
httpGet:
path: /
port: 80
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 5
livenessProbe:
httpGet:
path: /healthz
port: 80
scheme: HTTP
periodSeconds: 5
readinessProbe:
httpGet:
path: /healthz
port: 80
scheme: HTTP
periodSeconds: 5
volumeMounts:
- name: nginx-config
mountPath: /etc/nginx
Expand Down Expand Up @@ -108,11 +108,19 @@ spec:
- key: nginx.conf
path: nginx.conf
- name: data
{{- if .Values.rundeck.awsVolumeId }}
{{- if .Values.persistence.enabled }}
{{- if .Values.persistence.awsVolumeId }}
# This AWS EBS volume must already exist.
awsElasticBlockStore:
volumeID: {{ .Values.rundeck.awsVolumeId }}
fsType: ext4
{{- else if .Values.persistence.existingClaim }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim }}
{{- else if .Values.persistence.claim.create }}
persistentVolumeClaim:
claimName: {{ include "rundeck.fullname" . }}
{{- end }}
{{- else }}
emptyDir: {}
{{- end }}
Expand Down
6 changes: 1 addition & 5 deletions incubator/rundeck/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,7 @@ apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app.kubernetes.io/name: {{ include "rundeck.name" . }}
helm.sh/chart: {{ include "rundeck.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
labels: {{ include "rundeck.labels" . | indent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
Expand Down
2 changes: 1 addition & 1 deletion incubator/rundeck/templates/nginx-configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-nginx-configmap
type: Opaque
labels: {{ include "rundeck.labels" . | indent 4 }}
data:
nginx.conf: |-
{{- if .Values.nginxConfOverride }}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-environment-configmap
type: Opaque
labels: {{ include "rundeck.labels" . | indent 4 }}
data:
{{ toYaml .Values.rundeck.env | indent 4}}
6 changes: 1 addition & 5 deletions incubator/rundeck/templates/service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,7 @@ apiVersion: v1
kind: Service
metadata:
name: {{ include "rundeck.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "rundeck.name" . }}
helm.sh/chart: {{ include "rundeck.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
labels: {{ include "rundeck.labels" . | indent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
Expand Down
11 changes: 11 additions & 0 deletions incubator/rundeck/templates/serviceAccount.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "rundeck.serviceAccountName" . }}
labels: {{ include "rundeck.labels" . | indent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end -}}
20 changes: 20 additions & 0 deletions incubator/rundeck/templates/volume.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@

{{- if and .Values.persistence.enabled .Values.persistence.claim.create }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "rundeck.fullname" . }}
labels: {{ include "rundeck.labels" . | indent 4 }}
annotations:
{{- with .Values.persistence.claim }}
{{- if .storageClass }}
volume.beta.kubernetes.io/storage-class: {{ .storageClass | quote }}
{{- end }}
spec:
accessModes:
- {{ .accessMode | quote }}
resources:
requests:
storage: {{ .size | quote }}
{{- end }}
{{- end }}
37 changes: 33 additions & 4 deletions incubator/rundeck/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,19 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

replicaCount: 1

image:
repository: rundeck/rundeck
tag: 3.0.16
tag: 3.2.7
pullPolicy: IfNotPresent

deployment:
replicaCount: 1
annotations: {}
rolloutStrategy:
type: RollingUpdate
# Recreate can help when using persistent volumes
# type: Recreate

rundeck:
adminUser: "admin:admin,user,admin,architect,deploy,build"
env:
Expand All @@ -26,7 +32,6 @@ rundeck:
# RUNDECK_CONFIG_STORAGE_CONVERTER_1_CONFIG_PASSWORD: ${RUNDECK_STORAGE_PASSWORD}
# sshSecrets: "ssh-secret"
awsCredentialsSecret: ""
awsVolumeId: ""

nameOverride: ""
fullnameOverride: ""
Expand All @@ -35,6 +40,30 @@ service:
type: ClusterIP
port: 80

persistence:
enabled: false
# Set existingClaim to the name of an existing PVC to reuse a volume managed outside this helm chart
# existingClaim:
# If deployed on AWS you can optionally specify an existing EBS volume by ID
# awsVolumeId:

# Set claim.create:true to have the helm chart manage the creation of a new PVC for this deployment
claim:
create: false
# storageClass:
# accessMode: ReadWriteOnce
# size: 10G

serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
annotations: {}
# AWS IRSA annotation
# eks.amazonaws.com/role-arn: arn:aws:iam::123456789012:role/rundeck
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:

ingress:
enabled: false
annotations: {}
Expand Down

0 comments on commit 8b96d73

Please sign in to comment.