From 2cd742ea9e8e974be44b07127575093dc3fa9312 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 15 Mar 2022 12:35:06 +0000 Subject: [PATCH 1/4] Update helm/chart-releaser-action action to v1.3.0 Signed-off-by: Renovate Bot --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 62a2c0a0..b5968ca0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: - name: Prepare charts run: make prepare - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.2.1 + uses: helm/chart-releaser-action@v1.3.0 with: charts_dir: appuio charts_repo_url: https://charts.appuio.ch From 2fa4e4f67de54c980a423ca89d22ab878fea3716 Mon Sep 17 00:00:00 2001 From: Chris Date: Tue, 15 Mar 2022 13:43:01 +0100 Subject: [PATCH 2/4] Update helm-docs to v1.7.0 Signed-off-by: Chris --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 897afd9a..d15b1986 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ SOURCE_README=README.gotmpl TARGET_README=README.md CHARTS_DIR=appuio -HELM_DOCS_VERSION=v1.5.0 +HELM_DOCS_VERSION=v1.7.0 .PHONY: help help: ## Show this help From ce7b5185285dc1ff5b3cca6795d77bacdbf5c2dc Mon Sep 17 00:00:00 2001 From: Chris Date: Tue, 15 Mar 2022 13:43:13 +0100 Subject: [PATCH 3/4] Update redis chart docs Signed-off-by: Chris --- appuio/redis/Chart.yaml | 2 +- appuio/redis/README.md | 21 ++++++++++----------- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/appuio/redis/Chart.yaml b/appuio/redis/Chart.yaml index 3fd35f5d..a99891ef 100644 --- a/appuio/redis/Chart.yaml +++ b/appuio/redis/Chart.yaml @@ -24,4 +24,4 @@ name: redis sources: - https://github.com/bitnami/bitnami-docker-redis - http://redis.io/ -version: 1.3.3 +version: 1.3.4 diff --git a/appuio/redis/README.md b/appuio/redis/README.md index 8717ab42..1b1148da 100644 --- a/appuio/redis/README.md +++ b/appuio/redis/README.md @@ -1,6 +1,6 @@ # redis -![Version: 1.3.3](https://img.shields.io/badge/Version-1.3.3-informational?style=flat-square) ![AppVersion: 6.2.1](https://img.shields.io/badge/AppVersion-6.2.1-informational?style=flat-square) +![Version: 1.3.4](https://img.shields.io/badge/Version-1.3.4-informational?style=flat-square) ![AppVersion: 6.2.1](https://img.shields.io/badge/AppVersion-6.2.1-informational?style=flat-square) Open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. @@ -32,7 +32,7 @@ Edit the README.gotmpl.md template instead. | image.registry | string | `"docker.io"` | Redis image registry | | image.repository | string | `"bitnami/redis"` | Redis image repository | | image.tag | string | `"6.2.1-debian-10-r36"` | Redis image tag (immutable tags are recommended) | -| master.affinity | object | `{}` | | +| master.affinity | object | `{}` | Redis(TM) Master pod/node affinity/anti-affinity | | master.command | string | `"/run.sh"` | Redis(TM) command arguments | | master.configmap | string | `nil` | Additional Redis(TM) configuration for the master nodes | | master.customLivenessProbe | object | `{}` | | @@ -67,13 +67,13 @@ Edit the README.gotmpl.md template instead. | master.readinessProbe.periodSeconds | int | `5` | | | master.readinessProbe.successThreshold | int | `1` | | | master.readinessProbe.timeoutSeconds | int | `5` | | -| master.service.annotations | object | `{}` | | +| master.service.annotations | object | `{}` | Provide any additional annotations | | master.service.externalTrafficPolicy | string | `"Cluster"` | External traffic policy (when service type is LoadBalancer) | | master.service.labels | object | `{}` | Provide any additional labels | | master.service.loadBalancerIP | string | `nil` | | | master.service.port | int | `6379` | Redis(TM) Master Service port | | master.service.type | string | `"ClusterIP"` | Redis(TM) Master Service type | -| master.shareProcessNamespace | bool | `false` | | +| master.shareProcessNamespace | bool | `false` | Enable shared process namespace in a pod. If set to false (default), each container will run in separate namespace, redis will have PID=1. If set to true, the /pause will run as init process and will reap any zombie PIDs. | | master.statefulset.annotations | object | `{}` | | | master.statefulset.labels | object | `{}` | | | master.statefulset.updateStrategy | string | `"RollingUpdate"` | | @@ -84,8 +84,7 @@ Edit the README.gotmpl.md template instead. | metrics.image.registry | string | `"docker.io"` | Exporter image registry | | metrics.image.repository | string | `"bitnami/redis-exporter"` | Exporter image repository | | metrics.image.tag | string | `"1.32.0-debian-10-r16"` | Exporter image tag | -| metrics.podAnnotations."prometheus.io/port" | string | `"9121"` | | -| metrics.podAnnotations."prometheus.io/scrape" | string | `"true"` | | +| metrics.podAnnotations | object | `{"prometheus.io/port":"9121","prometheus.io/scrape":"true"}` | Metrics exporter pod Annotation | | metrics.priorityClassName | string | `nil` | Metrics exporter pod priorityClassName | | metrics.prometheusRule.additionalLabels | object | `{}` | | | metrics.prometheusRule.enabled | bool | `false` | | @@ -101,7 +100,7 @@ Edit the README.gotmpl.md template instead. | metrics.serviceMonitor.relabelings | list | `[]` | | | metrics.serviceMonitor.selector.prometheus | string | `"kube-prometheus"` | | | networkPolicy.enabled | bool | `false` | Specifies whether a NetworkPolicy should be created | -| networkPolicy.ingressNSMatchLabels | object | `{}` | | +| networkPolicy.ingressNSMatchLabels | object | `{}` | Allow connections from other namespaces. Just set label for namespace and set label for pods (optional). | | networkPolicy.ingressNSPodMatchLabels | object | `{}` | | | password | string | `""` | Redis(TM) password (both master and slave). Defaults to a random 10-character alphanumeric string if not set and usePassword is true. | | persistence.existingClaim | string | `nil` | | @@ -159,14 +158,14 @@ Edit the README.gotmpl.md template instead. | sentinel.readinessProbe.periodSeconds | int | `5` | | | sentinel.readinessProbe.successThreshold | int | `1` | | | sentinel.readinessProbe.timeoutSeconds | int | `5` | | -| sentinel.service.annotations | object | `{}` | | +| sentinel.service.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. | | sentinel.service.externalTrafficPolicy | string | `"Cluster"` | External traffic policy (when service type is LoadBalancer) | | sentinel.service.labels | object | `{}` | | | sentinel.service.loadBalancerIP | string | `nil` | | | sentinel.service.redisPort | int | `6379` | | | sentinel.service.sentinelPort | int | `26379` | | | sentinel.service.type | string | `"ClusterIP"` | Redis(TM) Sentinel Service type | -| sentinel.staticID | bool | `false` | | +| sentinel.staticID | bool | `false` | Enable or disable static sentinel IDs for each replicas. If disabled each sentinel will generate a random id at startup. If enabled, each replicas will have a constant ID on each start-up. | | sentinel.usePassword | bool | `true` | Require password authentication on the sentinel itself | | serviceAccount.create | bool | `false` | Specifies whether a ServiceAccount should be created | | serviceAccount.name | string | `nil` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template | @@ -195,7 +194,7 @@ Edit the README.gotmpl.md template instead. | slave.persistence.size | string | `"8Gi"` | | | slave.persistence.subPath | string | `""` | The subdirectory of the volume to mount to | | slave.podAnnotations | object | `{}` | Redis(TM) slave pod Annotations | -| slave.podLabels | object | `{}` | | +| slave.podLabels | object | `{}` | Redis(TM) slave pod Labels | | slave.port | int | `6379` | Redis(TM) slave port | | slave.preExecCmds | string | `""` | Additional commands to run prior to starting Redis(TM) | | slave.priorityClassName | string | `nil` | Redis(TM) slave pod priorityClassName | @@ -205,7 +204,7 @@ Edit the README.gotmpl.md template instead. | slave.readinessProbe.periodSeconds | int | `10` | | | slave.readinessProbe.successThreshold | int | `1` | | | slave.readinessProbe.timeoutSeconds | int | `10` | | -| slave.service.annotations | object | `{}` | | +| slave.service.annotations | object | `{}` | Provide any additional annotations which may be required. | | slave.service.externalTrafficPolicy | string | `"Cluster"` | External traffic policy (when service type is LoadBalancer) | | slave.service.labels | object | `{}` | | | slave.service.loadBalancerIP | string | `nil` | | From ce515b76022e8cf9ba77557c5ec13f61dfc441bc Mon Sep 17 00:00:00 2001 From: Chris Date: Tue, 15 Mar 2022 13:43:24 +0100 Subject: [PATCH 4/4] Update mariadb-galera chart docs Signed-off-by: Chris --- appuio/mariadb-galera/Chart.yaml | 2 +- appuio/mariadb-galera/README.md | 26 +++++++++++++------------- appuio/mariadb-galera/values.yaml | 3 ++- 3 files changed, 16 insertions(+), 15 deletions(-) diff --git a/appuio/mariadb-galera/Chart.yaml b/appuio/mariadb-galera/Chart.yaml index 5bce768f..cd634677 100644 --- a/appuio/mariadb-galera/Chart.yaml +++ b/appuio/mariadb-galera/Chart.yaml @@ -27,4 +27,4 @@ sources: - https://github.com/bitnami/bitnami-docker-mariadb-galera - https://github.com/prometheus/mysqld_exporter - https://mariadb.org -version: 1.2.2 +version: 1.2.3 diff --git a/appuio/mariadb-galera/README.md b/appuio/mariadb-galera/README.md index 9e52eb55..d76382e7 100644 --- a/appuio/mariadb-galera/README.md +++ b/appuio/mariadb-galera/README.md @@ -1,6 +1,6 @@ # mariadb-galera -![Version: 1.2.2](https://img.shields.io/badge/Version-1.2.2-informational?style=flat-square) ![AppVersion: 10.5.12](https://img.shields.io/badge/AppVersion-10.5.12-informational?style=flat-square) +![Version: 1.2.3](https://img.shields.io/badge/Version-1.2.3-informational?style=flat-square) ![AppVersion: 10.5.12](https://img.shields.io/badge/AppVersion-10.5.12-informational?style=flat-square) MariaDB Galera is a multi-master database cluster solution for synchronous replication and high availability. @@ -41,8 +41,8 @@ Edit the README.gotmpl.md template instead. | extraEnvVarsSecret | string | `""` | Secret containing extra env vars to configure MariaDB Galera replicas | | extraFlags | string | `""` | MariaDB additional command line flags | | extraInitContainers | list | `[]` | Additional init containers (this value is evaluated as a template) | -| extraVolumeMounts | list | `[]` | | -| extraVolumes | list | `[]` | | +| extraVolumeMounts | list | `[]` | Mount extra volume(s) | +| extraVolumes | list | `[]` | Extra volumes | | forceUpdate | bool | `false` | Force update the StatefulSet. If enabled the chart will recreate the StatefulSet without touching the Pods (cascade orphan), allowing you to update locked field, such as PVC size. Currently only changes to PVC size are supported. | | forceUpdateKubectlImage | string | `"quay.io/bitnami/kubectl"` | Image used to recreate the StatefulSet. Needs to have `kubectl` and `jq` in its `$PATH` | | fullnameOverride | string | `""` | String to fully override common.names.fullname template with a string | @@ -58,14 +58,14 @@ Edit the README.gotmpl.md template instead. | hostAliases | list | `[]` | Add deployment host aliases | | image.debug | bool | `false` | Specify if debug logs should be enabled | | image.pullPolicy | string | `"IfNotPresent"` | MariaDB Galera image pull policy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' | -| image.pullSecrets | list | `[]` | | +| image.pullSecrets | list | `[]` | Specify docker-registry secret names as an array | | image.registry | string | `"docker.io"` | MariaDB Galera image registry | | image.repository | string | `"bitnami/mariadb-galera"` | MariaDB Galera image repository | | image.tag | string | `"10.5.12-debian-10-r1"` | MariaDB Galera image tag (immutable tags are recommended) | | initdbScripts | object | `{}` | Specify dictionary of scripts to be run at first boot | | initdbScriptsConfigMap | string | `""` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | | ldap.base | string | `""` | LDAP base DN | -| ldap.binddn | string | `""` | | +| ldap.binddn | string | `""` | DAP bind DN | | ldap.bindpw | string | `""` | LDAP bind password | | ldap.bslookup | string | `""` | LDAP base lookup | | ldap.enabled | bool | `false` | Enable LDAP support | @@ -77,11 +77,11 @@ Edit the README.gotmpl.md template instead. | ldap.uri | string | `""` | LDAP URL beginning in the form `ldap | | livenessProbe.enabled | bool | `true` | Turn on and off liveness probe | | livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the probe | -| livenessProbe.initialDelaySeconds | int | `120` | | +| livenessProbe.initialDelaySeconds | int | `120` | Delay before liveness probe is initiated | | livenessProbe.periodSeconds | int | `10` | How often to perform the probe | | livenessProbe.successThreshold | int | `1` | consecutive successes for the probe | | livenessProbe.timeoutSeconds | int | `5` | When the probe times out | -| mariadbConfiguration | string | `"[client]\nport=3306\nsocket=/opt/bitnami/mariadb/tmp/mysql.sock\nplugin_dir=/opt/bitnami/mariadb/plugin\n\n[mysqld]\ndefault_storage_engine=InnoDB\nbasedir=/opt/bitnami/mariadb\ndatadir=/bitnami/mariadb/data\nplugin_dir=/opt/bitnami/mariadb/plugin\ntmpdir=/opt/bitnami/mariadb/tmp\nsocket=/opt/bitnami/mariadb/tmp/mysql.sock\npid_file=/opt/bitnami/mariadb/tmp/mysqld.pid\nbind_address=0.0.0.0\n\n## Character set\n##\ncollation_server=utf8_unicode_ci\ninit_connect='SET NAMES utf8'\ncharacter_set_server=utf8\n\n## MyISAM\n##\nkey_buffer_size=32M\nmyisam_recover_options=FORCE,BACKUP\n\n## Safety\n##\nskip_host_cache\nskip_name_resolve\nmax_allowed_packet=16M\nmax_connect_errors=1000000\nsql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY\nsysdate_is_now=1\n\n## Binary Logging\n##\nlog_bin=mysql-bin\nexpire_logs_days=14\n# Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql\nsync_binlog=0\n# Required for Galera\nbinlog_format=row\n\n## Caches and Limits\n##\ntmp_table_size=32M\nmax_heap_table_size=32M\n# Re-enabling as now works with Maria 10.1.2\nquery_cache_type=1\nquery_cache_limit=4M\nquery_cache_size=256M\nmax_connections=500\nthread_cache_size=50\nopen_files_limit=65535\ntable_definition_cache=4096\ntable_open_cache=4096\n\n## InnoDB\n##\ninnodb=FORCE\ninnodb_strict_mode=1\n# Mandatory per https://github.com/codership/documentation/issues/25\ninnodb_autoinc_lock_mode=2\n# Per https://www.percona.com/blog/2006/08/04/innodb-double-write/\ninnodb_doublewrite=1\ninnodb_flush_method=O_DIRECT\ninnodb_log_files_in_group=2\ninnodb_log_file_size=128M\ninnodb_flush_log_at_trx_commit=1\ninnodb_file_per_table=1\n# 80% Memory is default reco.\n# Need to re-evaluate when DB size grows\ninnodb_buffer_pool_size=2G\ninnodb_file_format=Barracuda\n\n## Logging\n##\nlog_error=/opt/bitnami/mariadb/logs/mysqld.log\nslow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log\nlog_queries_not_using_indexes=1\nslow_query_log=1\n\n## SSL\n## Use extraVolumes and extraVolumeMounts to mount /certs filesystem\n# ssl_ca=/certs/ca.pem\n# ssl_cert=/certs/server-cert.pem\n# ssl_key=/certs/server-key.pem\n\n[galera]\nwsrep_on=ON\nwsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so\nwsrep_sst_method=mariabackup\nwsrep_slave_threads=4\nwsrep_cluster_address=gcomm://\nwsrep_cluster_name=galera\nwsrep_sst_auth=\"root:\"\n# Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit\ninnodb_flush_log_at_trx_commit=2\n# MYISAM REPLICATION SUPPORT #\nwsrep_replicate_myisam=ON\n\n[mariadb]\nplugin_load_add=auth_pam\n\n## Data-at-Rest Encryption\n## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem\n# plugin_load_add=file_key_management\n# file_key_management_filename=/encryption/keyfile.enc\n# file_key_management_filekey=FILE:/encryption/keyfile.key\n# file_key_management_encryption_algorithm=AES_CTR\n# encrypt_binlog=ON\n# encrypt_tmp_files=ON\n\n## InnoDB/XtraDB Encryption\n# innodb_encrypt_tables=ON\n# innodb_encrypt_temporary_tables=ON\n# innodb_encrypt_log=ON\n# innodb_encryption_threads=4\n# innodb_encryption_rotate_key_age=1\n\n## Aria Encryption\n# aria_encrypt_tables=ON\n# encrypt_tmp_disk_tables=ON"` | Configuration for the MariaDB server | +| mariadbConfiguration | string | See values.yaml | Configuration for the MariaDB server | | metrics.enabled | bool | `false` | Start a side-car prometheus exporter | | metrics.extraFlags | list | `[]` | MariaDB Prometheus exporter additional command line flags | | metrics.image.pullPolicy | string | `"IfNotPresent"` | MariaDB Prometheus exporter image pull policy | @@ -104,7 +104,7 @@ Edit the README.gotmpl.md template instead. | metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | metrics.serviceMonitor.scrapeTimeout | string | `""` | Timeout after which the scrape is ended | | metrics.serviceMonitor.selector | object | `{"prometheus":"kube-prometheus"}` | ServiceMonitor selector labels. Default to kube-prometheus install (CoreOS recommended), but should be set according to Prometheus install. | -| nameOverride | string | `""` | | +| nameOverride | string | `""` | String to partially override common.names.fullname template with a string (will prepend the release name) | | nodeAffinityPreset.key | string | `""` | Node label key to match. Ignored if `affinity` is set. | | nodeAffinityPreset.type | string | `""` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | | nodeAffinityPreset.values | list | `[]` | Node label values to match. Ignored if `affinity` is set. | @@ -125,7 +125,7 @@ Edit the README.gotmpl.md template instead. | podDisruptionBudget.maxUnavailable | string | `""` | Maximum number / percentage of pods that may be made unavailable | | podDisruptionBudget.minAvailable | int | `1` | Minimum number / percentage of pods that should remain scheduled | | podLabels | object | `{}` | Extra labels for MariaDB Galera pods | -| podManagementPolicy | string | `"OrderedReady"` | StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel | +| podManagementPolicy | string | `"OrderedReady"` | StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel | | priorityClassName | string | `""` | Priority Class Name for Statefulset | | rbac.create | bool | `false` | Specify whether RBAC resources should be created and used | | readinessProbe.enabled | bool | `true` | Turn on and off readiness probe | @@ -135,8 +135,8 @@ Edit the README.gotmpl.md template instead. | readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe | | readinessProbe.timeoutSeconds | int | `5` | When the probe times out | | replicaCount | int | `3` | Desired number of cluster nodes | -| resources.limits | object | `{}` | | -| resources.requests | object | `{}` | | +| resources.limits | object | `{}` | The resources limits for the container | +| resources.requests | object | `{}` | The requested resources for the container | | rootUser.forcePassword | bool | `false` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. If it is not force, a random password will be generated. | | rootUser.password | string | `""` | Password for the admin user. Ignored if existing secret is provided. Password is ignored if existingSecret is specified. | | rootUser.user | string | `"root"` | Username for the admin user. | @@ -156,8 +156,8 @@ Edit the README.gotmpl.md template instead. | serviceAccount.create | bool | `false` | Specify whether a ServiceAccount should be created | | serviceAccount.name | string | `""` | The name of the ServiceAccount to create If not set and create is true, a name is generated using the common.names.fullname template | | startupProbe.enabled | bool | `false` | Turn on and off startup probe | -| startupProbe.failureThreshold | int | `48` | | -| startupProbe.initialDelaySeconds | int | `120` | | +| startupProbe.failureThreshold | int | `48` | Minimum consecutive failures for the probe | +| startupProbe.initialDelaySeconds | int | `120` | Delay before startup probe is initiated | | startupProbe.periodSeconds | int | `10` | How often to perform the probe | | startupProbe.successThreshold | int | `1` | Minimum consecutive successes for the probe | | startupProbe.timeoutSeconds | int | `5` | When the probe times out | diff --git a/appuio/mariadb-galera/values.yaml b/appuio/mariadb-galera/values.yaml index daf72b1f..2d946203 100644 --- a/appuio/mariadb-galera/values.yaml +++ b/appuio/mariadb-galera/values.yaml @@ -67,7 +67,7 @@ image: # -- Specify if debug logs should be enabled ## Set to true if you would like to see extra information on logs debug: false -# -- StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. +# -- StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. # There are two valid pod management policies: OrderedReady and Parallel ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy ## @@ -269,6 +269,7 @@ tls: # -- Configuration for the MariaDB server ## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file ## Alternatively, you can put your my.cnf under the files/ directory +# @default -- See values.yaml mariadbConfiguration: |- [client] port=3306