From 4204a95fd93a57a74bd2e3fb696e1ef1841acf23 Mon Sep 17 00:00:00 2001 From: Valentin Fedoskin Date: Sat, 9 May 2020 12:32:59 +0200 Subject: [PATCH] add haproxy chart --- README.md | 1 + charts/haproxy/Chart.yaml | 12 ++ charts/haproxy/README.md | 41 ++++++ charts/haproxy/templates/NOTES.txt | 15 +++ charts/haproxy/templates/_helpers.tpl | 70 +++++++++++ charts/haproxy/templates/configmap.yaml | 10 ++ charts/haproxy/templates/deployment.yaml | 79 ++++++++++++ charts/haproxy/templates/service.yaml | 15 +++ charts/haproxy/templates/serviceaccount.yaml | 13 ++ .../templates/tests/test-connection.yaml | 16 +++ charts/haproxy/values.yaml | 118 ++++++++++++++++++ 11 files changed, 390 insertions(+) create mode 100644 charts/haproxy/Chart.yaml create mode 100644 charts/haproxy/README.md create mode 100644 charts/haproxy/templates/NOTES.txt create mode 100644 charts/haproxy/templates/_helpers.tpl create mode 100644 charts/haproxy/templates/configmap.yaml create mode 100644 charts/haproxy/templates/deployment.yaml create mode 100644 charts/haproxy/templates/service.yaml create mode 100644 charts/haproxy/templates/serviceaccount.yaml create mode 100644 charts/haproxy/templates/tests/test-connection.yaml create mode 100644 charts/haproxy/values.yaml diff --git a/README.md b/README.md index 63a996a..4672d95 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ This repository contains [Helm](https://helm.sh) charts for various projects * [External Secrets Operator](https://github.com/slamdev/helm-charts/tree/master/charts/external-secrets-operator) * [Gitlab Omnibus](https://github.com/slamdev/helm-charts/tree/master/charts/gitlab-omnibus) * [Gradle Cache](https://github.com/slamdev/helm-charts/tree/master/charts/gradle-cache) +* [HAProxy](https://github.com/slamdev/helm-charts/tree/master/charts/haproxy) * [Nginx](https://github.com/slamdev/helm-charts/tree/master/charts/nginx) * [Weblate](https://github.com/slamdev/helm-charts/tree/master/charts/weblate) diff --git a/charts/haproxy/Chart.yaml b/charts/haproxy/Chart.yaml new file mode 100644 index 0000000..684e802 --- /dev/null +++ b/charts/haproxy/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: haproxy +description: |- + Helm chart to deploy [haproxy](http://www.haproxy.org/). +type: application +version: 0.0.1 +appVersion: 2.1.4 +home: https://github.com/slamdev/helm-charts/tree/master/charts/haproxy +icon: http://www.haproxy.org/img/HAProxyCommunityEdition_60px.png +maintainers: + - name: slamdev + email: valentin.fedoskin@gmail.com diff --git a/charts/haproxy/README.md b/charts/haproxy/README.md new file mode 100644 index 0000000..c504537 --- /dev/null +++ b/charts/haproxy/README.md @@ -0,0 +1,41 @@ +haproxy +======= +Helm chart to deploy [haproxy](http://www.haproxy.org/). + +Current chart version is `0.0.1` + +Source code can be found [here](https://github.com/slamdev/helm-charts/tree/master/charts/haproxy) + + + +## Chart Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | affinity for scheduler pod assignment | +| containerPorts | list | `[{"containerPort":8000,"name":"http","protocol":"TCP"}]` | ports exposed by container | +| env | list | `[]` | additional environment variables for the deployment | +| fullnameOverride | string | `""` | full name of the chart. | +| haproxyConf | string | `"global\n log stdout format raw local0 info\n\ndefaults\n timeout connect 1s\n timeout client 1s\n timeout server 1s\n log global\n option httplog\n\nfrontend status-monitor\n mode http\n bind :8000\n monitor-uri /"` | haproxy config to provision inside of the container | +| image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| image.repository | string | `"haproxy"` | image repository | +| image.tag | string | `""` | image tag (chart's appVersion value will be used if not set) | +| imagePullSecrets | list | `[]` | image pull secret for private images | +| livenessProbe.httpGet.path | string | `"/"` | path for liveness probe | +| livenessProbe.httpGet.port | string | `"http"` | port for liveness probe | +| nameOverride | string | `""` | override name of the chart | +| nodeSelector | object | `{}` | node for scheduler pod assignment | +| podSecurityContext | object | `{}` | specifies security settings for a pod | +| readinessProbe.httpGet.path | string | `"/"` | path for readiness probe | +| readinessProbe.httpGet.port | string | `"http"` | port for readiness probe | +| replicaCount | int | `1` | number of replicas for haproxy deployment. | +| resources | object | `{}` | custom resource configuration | +| securityContext | object | `{}` | specifies security settings for a container | +| service.ports | list | `[{"name":"http","port":80,"protocol":"TCP","targetPort":"http"}]` | service ports | +| service.type | string | `"ClusterIP"` | service type | +| serviceAccount.annotations | object | `{}` | annotations to add to the service account | +| serviceAccount.create | bool | `false` | specifies whether a service account should be created | +| serviceAccount.name | string | `nil` | the name of the service account to use; if not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | tolerations for scheduler pod assignment | +| volumeMounts | list | `[]` | additional volume mounts | +| volumes | list | `[]` | additional volumes | diff --git a/charts/haproxy/templates/NOTES.txt b/charts/haproxy/templates/NOTES.txt new file mode 100644 index 0000000..864983b --- /dev/null +++ b/charts/haproxy/templates/NOTES.txt @@ -0,0 +1,15 @@ +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "haproxy.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "haproxy.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "haproxy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "haproxy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/charts/haproxy/templates/_helpers.tpl b/charts/haproxy/templates/_helpers.tpl new file mode 100644 index 0000000..0f6331d --- /dev/null +++ b/charts/haproxy/templates/_helpers.tpl @@ -0,0 +1,70 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "haproxy.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "haproxy.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "haproxy.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "haproxy.labels" -}} +helm.sh/chart: {{ include "haproxy.chart" . }} +{{ include "haproxy.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "haproxy.selectorLabels" -}} +app.kubernetes.io/name: {{ include "haproxy.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "haproxy.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "haproxy.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the tag for the docker image to use +*/}} +{{- define "haproxy.tag" -}} +{{- .Values.image.tag | default (printf "%s-%s" .Chart.AppVersion "alpine") -}} +{{- end -}} diff --git a/charts/haproxy/templates/configmap.yaml b/charts/haproxy/templates/configmap.yaml new file mode 100644 index 0000000..e74141b --- /dev/null +++ b/charts/haproxy/templates/configmap.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "haproxy.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "haproxy.labels" . | nindent 4 }} +data: + haproxy.cfg: |- + {{ .Values.haproxyConf | nindent 4 }} diff --git a/charts/haproxy/templates/deployment.yaml b/charts/haproxy/templates/deployment.yaml new file mode 100644 index 0000000..67c433e --- /dev/null +++ b/charts/haproxy/templates/deployment.yaml @@ -0,0 +1,79 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "haproxy.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "haproxy.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "haproxy.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "haproxy.selectorLabels" . | nindent 8 }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "haproxy.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + args: + - -f + - /etc/haproxy.cfg + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ include "haproxy.tag" . }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.containerPorts }} + ports: + {{- toYaml . | nindent 12 }} + {{- end }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: {{ include "haproxy.fullname" . }} + mountPath: /etc/haproxy.cfg + subPath: haproxy.cfg + {{- with .Values.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: {{ include "haproxy.fullname" . }} + configMap: + name: {{ include "haproxy.fullname" . }} + items: + - key: haproxy.cfg + path: haproxy.cfg + mode: 292 # 0444 + {{- with .Values.volumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/haproxy/templates/service.yaml b/charts/haproxy/templates/service.yaml new file mode 100644 index 0000000..debbc99 --- /dev/null +++ b/charts/haproxy/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "haproxy.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "haproxy.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} +{{- with .Values.service.ports }} + ports: + {{- toYaml . | nindent 4 }} +{{- end }} + selector: + {{- include "haproxy.selectorLabels" . | nindent 4 }} diff --git a/charts/haproxy/templates/serviceaccount.yaml b/charts/haproxy/templates/serviceaccount.yaml new file mode 100644 index 0000000..c0435ff --- /dev/null +++ b/charts/haproxy/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "haproxy.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "haproxy.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/charts/haproxy/templates/tests/test-connection.yaml b/charts/haproxy/templates/tests/test-connection.yaml new file mode 100644 index 0000000..1a6da8b --- /dev/null +++ b/charts/haproxy/templates/tests/test-connection.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "haproxy.fullname" . }}-test-connection" + namespace: {{ .Release.Namespace }} + labels: + {{- include "haproxy.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "haproxy.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/charts/haproxy/values.yaml b/charts/haproxy/values.yaml new file mode 100644 index 0000000..15bbc81 --- /dev/null +++ b/charts/haproxy/values.yaml @@ -0,0 +1,118 @@ +# replicaCount -- number of replicas for haproxy deployment. +replicaCount: 1 + +image: + # image.repository -- image repository + repository: haproxy + # image.tag -- image tag (chart's appVersion value will be used if not set) + tag: "" + # image.pullPolicy -- image pull policy + pullPolicy: IfNotPresent + +# imagePullSecrets -- image pull secret for private images +imagePullSecrets: [] +# nameOverride -- override name of the chart +nameOverride: "" +# fullnameOverride -- full name of the chart. +fullnameOverride: "" + +serviceAccount: + # serviceAccount.create -- specifies whether a service account should be created + create: false + # serviceAccount.annotations -- annotations to add to the service account + annotations: {} + # serviceAccount.name -- the name of the service account to use; if not set and create is true, a name is generated using the fullname template + name: + +# podSecurityContext -- specifies security settings for a pod +podSecurityContext: {} + # fsGroup: 2000 + +# securityContext -- specifies security settings for a container +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +# containerPorts -- ports exposed by container +containerPorts: + - name: http + containerPort: 8000 + protocol: TCP + +service: + # service.type -- service type + type: ClusterIP + # service.ports -- service ports + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP + +# resources -- custom resource configuration +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +# nodeSelector -- node for scheduler pod assignment +nodeSelector: {} + +# tolerations -- tolerations for scheduler pod assignment +tolerations: [] + +# affinity -- affinity for scheduler pod assignment +affinity: {} + +# volumeMounts -- additional volume mounts +volumeMounts: [] + # - name: cache + # mountPath: /data/haproxy/cache + +# volumes -- additional volumes +volumes: [] + # - name: cache + # emptyDir: {} + +livenessProbe: + httpGet: + # livenessProbe.httpGet.path -- path for liveness probe + path: / + # livenessProbe.httpGet.port -- port for liveness probe + port: http + +readinessProbe: + httpGet: + # readinessProbe.httpGet.path -- path for readiness probe + path: / + # readinessProbe.httpGet.port -- port for readiness probe + port: http + +# env -- additional environment variables for the deployment +env: [] + # - name: SAMPLE + # value: text + +# haproxyConf -- haproxy config to provision inside of the container +haproxyConf: |- + global + log stdout format raw local0 info + + defaults + timeout connect 1s + timeout client 1s + timeout server 1s + log global + option httplog + + frontend status-monitor + mode http + bind :8000 + monitor-uri /