Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(pvc): split PVC configuration between Deployments #224

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

fix(pvc): split PVC configuration between Deployments #224

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1c3eb11
fix(pvc): split PVC configuration between Deployments
andrewazores Nov 29, 2024
9a81375
typo, add test
andrewazores Dec 2, 2024
1b21348
cleanup
andrewazores Dec 2, 2024
dda0cf2
fixup! typo, add test
andrewazores Dec 2, 2024
123367e
storage class fixup
andrewazores Dec 2, 2024
98aef90
readme
andrewazores Dec 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 26 additions & 20 deletions charts/cryostat/README.md
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions charts/cryostat/templates/db_deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,12 +85,12 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- if ((.Values.pvc).enabled) }}
{{- if ((.Values.db.resources.pvc).enabled) }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
{{- if ((.Values.db.resources.pvc).enabled) }}
{{- if (.Values.db.pvc).enabled }}

I think .db.resources refers to container resource requirements :D

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah right, thanks. I initially nested it under resources, but then it would be annoying to set PVC settings and CPU/memory separately so I moved it back up a level. I'll change this when I'm back at my computer (probably Monday).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll change this when I'm back at my computer (probably Monday).

Sounds good! Happy Black Friday weekends^^

- name: {{ .Chart.Name }}-db
persistentVolumeClaim:
claimName: {{ .Release.Name }}-db
{{- end }}
{{- if not ((.Values.pvc).enabled) }}
{{- if not ((.Values.db.resources.pvc).enabled) }}
Copy link
Member

@tthvo tthvo Nov 29, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess we can use else here?

- name: {{ .Chart.Name }}-db
emptyDir: {}
{{- end }}
14 changes: 7 additions & 7 deletions charts/cryostat/templates/db_pvc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,26 +1,26 @@
{{- if ((.Values.pvc).enabled) }}
{{- if ((.Values.db.pvc).enabled) }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "cryostat.fullname" . }}-db
{{- $labels := include "cryostat.labels" $ | nindent 4 }}
labels: {{ $labels }}
{{- with .Values.pvc.annotations }}
{{- with .Values.db.pvc.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- with .Values.pvc.accessModes }}
{{- with .Values.db.pvc.accessModes }}
accessModes:
{{- toYaml . | nindent 4 }}
{{- end }}
resources:
requests:
storage: {{ .Values.pvc.storage }}
{{- if kindIs "string" .Values.pvc.storageClassName }}
storageClassName: {{ .Values.pvc.storageClassName | quote }}
storage: {{ .Values.db.pvc.storage }}
{{- if kindIs "string" .Values.db.pvc.storageClassName }}
storageClassName: {{ .Values.db.pvc.storageClassName | quote }}
{{- end }}
{{- with .Values.pvc.selector }}
{{- with .Values.db.pvc.selector }}
selector:
{{- toYaml . | nindent 4 }}
{{- end }}
Expand Down
4 changes: 2 additions & 2 deletions charts/cryostat/templates/storage_deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,12 +99,12 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- if ((.Values.pvc).enabled) }}
{{- if ((.Values.storage.resources.pvc).enabled) }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
{{- if ((.Values.storage.resources.pvc).enabled) }}
{{- if (.Values.storage.pvc).enabled }}

- name: {{ .Chart.Name }}-storage
persistentVolumeClaim:
claimName: {{ .Release.Name }}-storage
{{- end }}
{{- if not ((.Values.pvc).enabled) }}
{{- if not ((.Values.storage.resources.pvc).enabled) }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can also use else here :D

- name: {{ .Chart.Name }}-storage
emptyDir: {}
{{- end }}
14 changes: 7 additions & 7 deletions charts/cryostat/templates/storage_pvc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,26 +1,26 @@
{{- if ((.Values.pvc).enabled) }}
{{- if ((.Values.storage.pvc).enabled) }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "cryostat.fullname" . }}-storage
{{- $labels := include "cryostat.labels" $ | nindent 4 }}
labels: {{ $labels }}
{{- with .Values.pvc.annotations }}
{{- with .Values.storage.pvc.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- with .Values.pvc.accessModes }}
{{- with .Values.storage.pvc.accessModes }}
accessModes:
{{- toYaml . | nindent 4 }}
{{- end }}
resources:
requests:
storage: {{ .Values.pvc.storage }}
{{- if kindIs "string" .Values.pvc.storageClassName }}
storageClassName: {{ .Values.pvc.storageClassName | quote }}
storage: {{ .Values.storage.pvc.storage }}
{{- if kindIs "string" .Values.storage.pvc.storageClassName }}
storageClassName: {{ .Values.storage.pvc.storageClassName | quote }}
{{- end }}
{{- with .Values.pvc.selector }}
{{- with .Values.storage.pvc.selector }}
selector:
{{- toYaml . | nindent 4 }}
{{- end }}
Expand Down
4 changes: 2 additions & 2 deletions charts/cryostat/tests/db_pvc_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ templates:
tests:
- it: should create a PersistentVolumeClaim with correct settings
set:
pvc:
db.pvc:
enabled: true
storage: "10Gi"
accessModes:
Expand Down Expand Up @@ -50,7 +50,7 @@ tests:

- it: should not create a PersistentVolumeClaim when PVC is disabled
set:
pvc:
db.pvc:
enabled: false
asserts:
- hasDocuments:
Expand Down
4 changes: 2 additions & 2 deletions charts/cryostat/tests/storage_pvc_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ templates:
tests:
- it: should create a PersistentVolumeClaim with correct settings
set:
pvc:
storage.pvc:
enabled: true
storage: "10Gi"
accessModes:
Expand Down Expand Up @@ -50,7 +50,7 @@ tests:

- it: should not create a PersistentVolumeClaim when PVC is disabled
set:
pvc:
storage.pvc:
enabled: false
asserts:
- hasDocuments:
Expand Down
149 changes: 93 additions & 56 deletions charts/cryostat/values.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -374,31 +374,6 @@
"db": {
"type": "object",
"properties": {
"securityContext": {
"type": "object",
"properties": {
"capabilities": {
"type": "object",
"properties": {
"drop": {
"type": "array",
"description": "",
"default": [
"ALL"
],
"items": {
"type": "string"
}
}
}
},
"allowPrivilegeEscalation": {
"type": "boolean",
"description": "",
"default": false
}
}
},
"image": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -453,12 +428,7 @@
}
}
}
}
}
},
"storage": {
"type": "object",
"properties": {
},
"securityContext": {
"type": "object",
"properties": {
Expand All @@ -484,6 +454,42 @@
}
}
},
"pvc": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Specify whether to use persistentVolumeClaim (true) or EmptyDir storage (false). This is recommended to be enabled, but the storage size and selector should be chosen carefully first.",
"default": false
},
"storage": {
"type": "string",
"description": "Storage size to request for the persistentVolumeClaim",
"default": "500Mi"
},
"accessModes": {
"type": "array",
"description": "Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)",
"default": [
"ReadWriteOnce"
],
"items": {
"type": "string"
}
},
"storageClassName": {
"type": "string",
"description": "The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)",
"default": "",
"nullable": true
}
}
}
}
},
"storage": {
"type": "object",
"properties": {
"storageSecretName": {
"type": "string",
"description": "Name of the secret containing the object storage secret access key. This secret must contain a STORAGE_ACCESS_KEY secret which is the object storage secret access key. It must not be updated across chart upgrades, or else the connection between Cryostat components and object storage will not be able to initialize. It is recommended that the secret should be marked as immutable to avoid accidental changes to secret's data. More details: https://kubernetes.io/docs/concepts/configuration/secret/#secret-immutable",
Expand Down Expand Up @@ -519,6 +525,31 @@
}
}
},
"securityContext": {
"type": "object",
"properties": {
"capabilities": {
"type": "object",
"properties": {
"drop": {
"type": "array",
"description": "",
"default": [
"ALL"
],
"items": {
"type": "string"
}
}
}
},
"allowPrivilegeEscalation": {
"type": "boolean",
"description": "",
"default": false
}
}
},
"service": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -553,6 +584,37 @@
}
}
}
},
"pvc": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Specify whether to use persistentVolumeClaim (true) or EmptyDir storage (false). This is recommended to be enabled, but the storage size and selector should be chosen carefully first.",
"default": false
},
"storage": {
"type": "string",
"description": "Storage size to request for the persistentVolumeClaim",
"default": "500Mi"
},
"accessModes": {
"type": "array",
"description": "Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)",
"default": [
"ReadWriteOnce"
],
"items": {
"type": "string"
}
},
"storageClassName": {
"type": "string",
"description": "The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)",
"default": "",
"nullable": true
}
}
}
}
},
Expand Down Expand Up @@ -1012,31 +1074,6 @@
"description": "Tolerations for the Cryostat Pod. See: [Tolerations](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling)",
"default": [],
"items": {}
},
"pvc": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Specify whether to use persistentVolumeClaim or EmptyDir storage",
"default": false
},
"storage": {
"type": "string",
"description": "Storage size to request for the persistentVolumeClaim",
"default": "500Mi"
},
"accessModes": {
"type": "array",
"description": "Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)",
"default": [
"ReadWriteOnce"
],
"items": {
"type": "string"
}
}
}
}
}
}
43 changes: 28 additions & 15 deletions charts/cryostat/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,20 @@ db:
cpu: 25m
## @param db.resources.requests.memory Memory resource request for the database container.
memory: 64Mi
pvc:
## @param db.pvc.enabled Specify whether to use persistentVolumeClaim (true) or EmptyDir storage (false). This is recommended to be enabled, but the storage size and selector should be chosen carefully first.
enabled: false
## @param db.pvc.annotations [object] Annotations to add to the persistentVolumeClaim
annotations: {}
## @param db.pvc.storage Storage size to request for the persistentVolumeClaim
storage: 500Mi
## @param db.pvc.accessModes Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
accessModes:
- ReadWriteOnce
## @param db.pvc.selector [object] Selector for the persistentVolumeClaim. See: [Selector](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
selector: {}
## @param db.pvc.storageClassName [string, nullable] The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
storageClassName: ""
## @param db.securityContext [object] Security Context for the database container. Defaults to meet "restricted" [Pod Security Standard](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted). See: [SecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1)
securityContext:
## @skip db.securityContext.allowPrivilegeEscalation
Expand Down Expand Up @@ -180,6 +194,20 @@ storage:
cpu: 50m
## @param storage.resources.requests.memory Memory resource request for the object storage container.
memory: 256Mi
pvc:
## @param storage.pvc.enabled Specify whether to use persistentVolumeClaim (true) or EmptyDir storage (false). This is recommended to be enabled, but the storage size and selector should be chosen carefully first.
enabled: false
## @param storage.pvc.annotations [object] Annotations to add to the persistentVolumeClaim
annotations: {}
## @param storage.pvc.storage Storage size to request for the persistentVolumeClaim
storage: 500Mi
## @param storage.pvc.accessModes Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
accessModes:
- ReadWriteOnce
## @param storage.pvc.selector [object] Selector for the persistentVolumeClaim. See: [Selector](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
selector: {}
## @param storage.pvc.storageClassName [string, nullable] The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I think we should the URL should include section point. For example:

https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class

storageClassName: ""
Copy link
Member

@tthvo tthvo Nov 30, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these storageClassName are meant default to null or unset (i.e. to be commented out). This allows the default storageClass to to be set on the PVC.

https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1

## @param storage.securityContext [object] Security Context for the storage container. Defaults to meet "restricted" [Pod Security Standard](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted). See: [SecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1)
securityContext:
## @skip storage.securityContext.allowPrivilegeEscalation
Expand Down Expand Up @@ -370,18 +398,3 @@ tolerations: []

## @param affinity [object] Affinity for the Cryostat Pod. See: [Affinity](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#scheduling)
affinity: {}

pvc:
## @param pvc.enabled Specify whether to use persistentVolumeClaim or EmptyDir storage
enabled: false
## @param pvc.annotations [object] Annotations to add to the persistentVolumeClaim
annotations: {}
## @param pvc.storage Storage size to request for the persistentVolumeClaim
storage: 500Mi
## @param pvc.accessModes Access mode for the persistentVolumeClaim. See: [Access Modes](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
accessModes:
- ReadWriteOnce
## @param pvc.selector [object] Selector for the persistentVolumeClaim. See: [Selector](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
selector: {}
## @param pvc.storageClassName [string, nullable] The name of the StorageClass for the persistentVolumeClaim. See: [Class](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims)
# storageClassName:
Loading