use default k8s cluster plugin from rabbitmq (helm#4591)

* use default k8s cluster plugin from rabbitmq

* changes to reflect pr review comments

* remove trailing spaces

* futher changes from PR review

* doing sed in the copy as it fails in gce due to filesystem permisions when starting the pod

Chart.yaml

@@ -1,5 +1,5 @@
 name: rabbitmq
-version: 0.6.27
+version: 0.7.1
 appVersion: 3.7.4
 description: Open source message broker software that implements the Advanced Message Queuing Protocol (AMQP)
 keywords:

README.md

@@ -45,39 +45,55 @@ The following table lists the configurable parameters of the RabbitMQ chart and
 
 |          Parameter          |                       Description                       |                         Default                          |
 |-----------------------------|---------------------------------------------------------|----------------------------------------------------------|
-| `image`                     | RabbitMQ image                                          | `bitnami/rabbitmq:{VERSION}`                             |
-| `imagePullPolicy`           | Image pull policy                                       | `Always` if `imageTag` is `latest`, else `IfNotPresent`. |
-| `rabbitmqUsername`          | RabbitMQ application username                           | `user`                                                   |
-| `rabbitmqPassword`          | RabbitMQ application password                           | _random 10 character long alphanumeric string_           |
-| `rabbitmqErlangCookie`      | Erlang cookie                                           | _random 32 character long alphanumeric string_           |
-| `rabbitmqNodePort`          | Node port                                               | `5672`                                                   |
-| `rabbitmqNodeType`          | Node type                                               | `stats`                                                  |
-| `rabbitmqNodeName`          | Node name                                               | `rabbit`                                                 |
-| `rabbitmqClusterNodeName`   | Node name to cluster with. e.g.: `clusternode@hostname` | `nil`                                                    |
-| `rabbitmqVhost`             | RabbitMQ application vhost                              | `/`                                                      |
-| `rabbitmqManagerPort`       | RabbitMQ Manager port                                   | `15672`                                                  |
-| `rabbitmqDiskFreeLimit`     | Disk free limit                                         | `"6GiB"`                                                 |
+| `image.registry`            | Rabbitmq Image registry                                 | `docker.io`                                              |
+| `image.repository`          | Rabbitmq Image name                                     | `bitnami/rabbitmq`                                       |
+| `image.tag`                 | Rabbitmq Image tag                                      | `{VERSION}`                                              |
+| `image.pullPolicy`          | Image pull policy                                       | `Always` if `imageTag` is `latest`, else `IfNotPresent`  |
+| `image.pullSecrets`         | Specify docker-ragistry secret names as an array        | `nil`                                                    |
+| `image.debug`               | Specify if debug values should be set                   | `false`                                                  |
+| `rbacEnabled`               | Specify if rbac is enabled in your cluster              | `false`                                                  |
+| `rabbitmq.username`         | RabbitMQ application username                           | `user`                                                   |
+| `rabbitmq.password`         | RabbitMQ application password                           | _random 10 character long alphanumeric string_           |
+| `rabbitmq.erlangCookie`     | Erlang cookie                                           | _random 32 character long alphanumeric string_           |
+| `rabbitmq.nodePort`         | Node port                                               | `5672`                                                   |
+| `rabbitmq.managerPort`      | RabbitMQ Manager port                                   | `15672`                                                  |
+| `rabbitmq.diskFreeLimit`    | Disk free limit                                         | `"6GiB"`                                                 |
+| `rabbitmq.plugins`         | configuration file for plugins to enable                 | `[rabbitmq_management,rabbitmq_peer_discovery_k8s].`  |
+| `rabbitmq.configuration`    | rabbitmq.conf content                                   | see values.yaml                                                 |
 | `serviceType`               | Kubernetes Service type                                 | `ClusterIP`                                              |
 | `persistence.enabled`       | Use a PVC to persist data                               | `true`                                                   |
 | `persistence.existingClaim` | Use an existing PVC to persist data                     | `nil`                                                    |
 | `persistence.storageClass`  | Storage class of backing PVC                            | `nil` (uses alpha storage class annotation)              |
 | `persistence.accessMode`    | Use volume as ReadOnly or ReadWrite                     | `ReadWriteOnce`                                          |
 | `persistence.size`          | Size of data volume                                     | `8Gi`                                                    |
+| `resources`                  | resource needs and limits to apply to the pod           | {}                                                       |
 | `nodeSelector`              | Node labels for pod assignment                          | {}                                                       |
 | `affinity`                  | Affinity settings for pod assignment                    | {}                                                       |
 | `tolerations`               | Toleration labels for pod assignment                    | []                                                       |
+| `ingress.enabled`           | enable ingress for management console                   | `false`                                                  |
+| `ingress.tls`               | enable ingress with tls                                 | `false`                                                  |
+| `ingress.tlsSecret`         | tls type secret to be used                              | `myTlsSecret`                                            |
+| `ingress.annotations`       | ingress annotations as an array                         |  []                                                      |
+| `livenessProbe.enabled`               | would you like a livessProbed to be enabled             |  `true`                                        |
+| `livenessProbe.initialDelaySeconds`   | number of seconds                                       |  120                                           |
+| `livenessProbe.timeoutSeconds`        | number of seconds                                       |  5                                             |
+| `livenessProbe.failureThreshold`      | number of faliures                                      |  6                                             |
+| `readinessProbe.enabled`              | would you like a readinessProbe to be enabled           |  `true`                                        |
+| `readinessProbe.initialDelaySeconds`  | number of seconds                                       |  10                                            |
+| `readinessProbe.timeoutSeconds`       | number of seconds                                       |  3                                             |
+| `readinessProbe.periodSeconds   `     | number of seconds                                       |  5                                             |
 
 The above parameters map to the env variables defined in [bitnami/rabbitmq](http://github.com/bitnami/bitnami-docker-rabbitmq). For more information please refer to the [bitnami/rabbitmq](http://github.com/bitnami/bitnami-docker-rabbitmq) image documentation.
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
 
 ```bash
 $ helm install --name my-release \
-  --set rabbitmqUsername=admin,rabbitmqPassword=secretpassword,rabbitmqErlangCookie=secretcookie \
+  --set rabbitmq.username=admin,rabbitmq.password=secretpassword,rabbitmq.erlangCookie=secretcookie \
     stable/rabbitmq
 ```
 
-The above command sets the RabbitMQ admin username and password to `admin` and `secretpassword` respectively. Additionally, the secure erlang cookie is set to `secretcookie`.
+The above command sets the RabbitMQ admin username and password to `admin` and `secretpassword` respectively. Additionally the secure erlang cookie is set to `secretcookie`.
 
 Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
 
@@ -87,6 +103,12 @@ $ helm install --name my-release -f values.yaml stable/rabbitmq
 
 > **Tip**: You can use the default [values.yaml](values.yaml)
 
+## Production configuration
+A standard configuration is provided by default that will run on most development environments. To operate this chart in a production environment, we recommend you use the alternative file values-production.yaml provided in this repository.
+```bash
+$ helm install --name my-release -f values-production.yaml stable/rabbitmq
+```
+
 ## Persistence
 
 The [Bitnami RabbitMQ](https://github.com/bitnami/bitnami-docker-rabbitmq) image stores the RabbitMQ data and configurations at the `/bitnami/rabbitmq` path of the container.

templates/NOTES.txt

@@ -3,11 +3,11 @@
 
   Credentials:
 
-    echo Username      : {{ .Values.rabbitmqUsername }}
+    echo Username      : {{ .Values.rabbitmq.username }}
     echo Password      : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "rabbitmq.fullname" . }} -o jsonpath="{.data.rabbitmq-password}" | base64 --decode)
     echo ErLang Cookie : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "rabbitmq.fullname" . }} -o jsonpath="{.data.rabbitmq-erlang-cookie}" | base64 --decode)
 
-  RabbitMQ can be accessed within the cluster on port {{ .Values.rabbitmqNodePort }} at {{ template "rabbitmq.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+  RabbitMQ can be accessed within the cluster on port {{ .Values.rabbitmq.nodePort }} at {{ template "rabbitmq.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
 
   To access for outside the cluster execute the following commands:
 
@@ -34,22 +34,21 @@
 
   To Access the RabbitMQ AMQP port:
 
-    echo amqp://$SERVICE_IP:{{ .Values.rabbitmqNodePort }}/
+    echo amqp://$SERVICE_IP:{{ .Values.rabbitmq.nodePort }}/
 
   To Access the RabbitMQ Management interface:
 
-    echo http://$SERVICE_IP:{{ .Values.rabbitmqManagerPort }}/
+    echo http://$SERVICE_IP:{{ .Values.rabbitmq.managerPort }}/
 
 {{- else if contains "ClusterIP"  .Values.serviceType }}
 
-    export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "rabbitmq.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
-    kubectl port-forward $POD_NAME {{ .Values.rabbitmqNodePort }}:{{ .Values.rabbitmqNodePort }} {{ .Values.rabbitmqManagerPort }}:{{ .Values.rabbitmqManagerPort }}
+   kubectl port-forward {{ template "rabbitmq.fullname" . }}-0  --namespace {{ .Release.Namespace }} {{ .Values.rabbitmq.nodePort }}:{{ .Values.rabbitmq.nodePort }} {{ .Values.rabbitmq.managerPort }}:{{ .Values.rabbitmq.managerPort }}
 
   To Access the RabbitMQ AMQP port:
 
-    echo amqp://127.0.0.1:{{ .Values.rabbitmqNodePort }}/
+    echo amqp://127.0.0.1:{{ .Values.rabbitmq.nodePort }}/
 
   To Access the RabbitMQ Management interface:
 
-    echo URL : http://127.0.0.1:{{ .Values.rabbitmqManagerPort }}
+    echo URL : http://127.0.0.1:{{ .Values.rabbitmq.managerPort }}
 {{- end }}

templates/_helpers.tpl

@@ -23,3 +23,10 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 {{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "rabbitmq.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}

templates/configuration.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "rabbitmq.fullname" . }}-config
+  labels:
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+data:
+  enabled_plugins: |-
+{{ .Values.rabbitmq.plugins | indent 4 }}
+  rabbitmq.conf: |-
+    ##username and password
+    default_user={{.Values.rabbitmq.username}}
+    default_pass=CHANGEME
+{{ .Values.rabbitmq.configuration | indent 4 }}
+
+

templates/ingress.yaml

@@ -0,0 +1,41 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: "{{ template "rabbitmq.fullname" . }}"
+  labels:
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  {{- if .Values.ingress.hostName }}
+  - host: {{ .Values.ingress.hostName }}
+    http:
+  {{- else }}
+  - http:
+  {{- end }}
+      paths:
+        - path: {{ default "/" .path }}
+          backend:
+            serviceName: {{ template "rabbitmq.fullname" . }}
+            servicePort: {{ .Values.rabbitmq.managerPort }}
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    {{- if  .Values.ingress.hostName }}
+    - {{ .Values.ingress.hostName }}
+    secretName: {{  .Values.ingress.tlsSecret }}
+    {{- else}}
+    - secretName: {{  .Values.ingress.tlsSecret }}
+    {{- end }}
+{{- end }}
+{{- end }}

templates/pvc.yaml

@@ -3,6 +3,11 @@ kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
   name: {{ template "rabbitmq.fullname" . }}
+  labels:
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
 spec:
   accessModes:
     - {{ .Values.persistence.accessMode | quote }}

templates/role.yaml

@@ -0,0 +1,15 @@
+{{- if .Values.rbacEnabled }}
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "rabbitmq.fullname" . }}-endpoint-reader
+  labels:
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+rules:
+- apiGroups: [""]
+  resources: ["endpoints"]
+  verbs: ["get"]
+{{- end }}

templates/rolebinding.yaml

@@ -0,0 +1,18 @@
+{{- if .Values.rbacEnabled }}
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "rabbitmq.fullname" . }}-endpoint-reader
+  labels:
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+subjects:
+- kind: ServiceAccount
+  name: rabbitmq
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "rabbitmq.fullname" . }}-endpoint-reader
+{{- end }}

templates/secrets.yaml

@@ -3,19 +3,19 @@ kind: Secret
 metadata:
   name: {{ template "rabbitmq.fullname" . }}
   labels:
-    app: {{ template "rabbitmq.fullname" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
     release: "{{ .Release.Name }}"
     heritage: "{{ .Release.Service }}"
 type: Opaque
 data:
-  {{ if .Values.rabbitmqPassword }}
-  rabbitmq-password: {{ .Values.rabbitmqPassword | b64enc | quote }}
+  {{ if .Values.rabbitmq.password }}
+  rabbitmq-password: {{ .Values.rabbitmq.password | b64enc | quote }}
   {{ else }}
   rabbitmq-password: {{ randAlphaNum 10 | b64enc | quote }}
   {{ end }}
-  {{ if .Values.rabbitmqErlangCookie }}
-  rabbitmq-erlang-cookie: {{ .Values.rabbitmqErlangCookie | b64enc | quote }}
+  {{ if .Values.rabbitmq.erlangCookie }}
+  rabbitmq-erlang-cookie: {{ .Values.rabbitmq.erlangCookie | b64enc | quote }}
   {{ else }}
   rabbitmq-erlang-cookie: {{ randAlphaNum 32 | b64enc | quote }}
   {{ end }}

templates/serviceaccount.yaml

@@ -0,0 +1,11 @@
+{{- if .Values.rbacEnabled }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "rabbitmq.fullname" . }} 
+  labels:
+    app: {{ template "rabbitmq.name" . }}
+    chart: {{ template "rabbitmq.chart" .  }}
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{- end }}