##############################################################################
#
# Copyright (c) 2019 AT&T Intellectual Property.
+# Copyright (c) 2022 Samsung Electronics Co., Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
if [[ "${1:-nope}" != "nope" ]]; then
HELMVERSION=$1
else
- HELMVERSION=2.17.0
+ HELMVERSION=3.9.0
fi
if [[ "${2:-nope}" != "nope" ]]; then
OVERRIDEYAML=$2
ROOT_DIR="$(pwd)"
HELM_COMMAND=helm
+CHARTMUSEUM_COMMAND=chartmuseum
+CHARTMUSEUM_VERSION=0.14.0
if ! $($HELM_COMMAND > /dev/null);then
echo "Download and install Helm"
tar -xvf ./helm-v${HELMVERSION}-linux-amd64.tar.gz
mv linux-amd64/helm ./
HELM_COMMAND=./helm
- $HELM_COMMAND init -c
fi
+
# Set up ric common template
# Download it/dep common template charts
git clone --single-branch --branch master "https://gerrit.o-ran-sc.org/r/it/dep" ./dep
# Start Helm local repo if there isn't one
-if [ ! -z $(pgrep "$HELM_COMMAND") ]; then
- echo "Stopping existing local Helm server."
- kill -9 "$(pgrep "$HELM_COMMAND")"
+# In Helm3, running local repo requires chartmuseum and helm-servecm plugin
+if ! $($CHARTMUSEUM_COMMAND > /dev/null);then
+ echo "Download and install chartmuseum"
+ wget -nv https://get.helm.sh/chartmuseum-v${CHARTMUSEUM_VERSION}-linux-amd64.tar.gz
+ tar -xvf ./chartmuseum-v${CHARTMUSEUM_VERSION}-linux-amd64.tar.gz
+ mv linux-amd64/chartmuseum ./
+ CHARTMUSEUM_COMMAND=./chartmuseum
+
+ curl https://raw.githubusercontent.com/helm/chartmuseum/main/scripts/get-chartmuseum | bash
+ $HELM_COMMAND plugin install https://github.com/jdolitsky/helm-servecm
fi
-if [ ! -d ./charts ]; then
- mkdir ./charts
+
+if [ ! -z $(pgrep servecm) ]; then
+ echo "Stopping existing local Helm server."
+ kill -9 "$(pgrep servecm)"
fi
+
+echo "Wait for installing servecm plugin"
+timeout=10
+while [ "$timeout" -gt 0 ]; do
+ if $HELM_COMMAND servecm --help | grep "ChartMuseum"; then
+ break
+ fi
+ sleep 1s
+ ((timeout--))
+done
+
+rm -rf ./local-repo
+mkdir ./local-repo
+
echo "Starting local Helm server"
-nohup $HELM_COMMAND serve --repo-path charts >& /dev/null &
+$HELM_COMMAND servecm --port=8879 --storage local --storage-local-rootdir ./local-repo --context-path=/charts &
+
# Package ric-common and serve it using Helm local repo
-$HELM_COMMAND package --save=false -d ./charts "$ROOT_DIR/dep/ric-common/Common-Template/helm/ric-common"
-$HELM_COMMAND package --save=false -d ./charts "$ROOT_DIR/dep/ric-common/Common-Template/helm/aux-common"
-$HELM_COMMAND repo index ./charts
+$HELM_COMMAND package --destination ./local-repo "$ROOT_DIR/dep/ric-common/Common-Template/helm/ric-common"
+$HELM_COMMAND package --destination ./local-repo "$ROOT_DIR/dep/ric-common/Common-Template/helm/aux-common"
+
# Make sure that helm local repo is added
-$HELM_COMMAND repo remove local
-$HELM_COMMAND repo remove stable
+$HELM_COMMAND repo index ./local-repo
$HELM_COMMAND repo add local http://127.0.0.1:8879/charts
+
# Remove it/dep charts
rm -rf ./dep
-apiVersion: v1
-name: influxdb
-version: 4.9.14
-appVersion: 1.8.4
-description: Scalable datastore for metrics, events, and real-time analytics.
-keywords:
- - influxdb
- - database
- - timeseries
- - influxdata
-home: https://www.influxdata.com/time-series-platform/influxdb/
-sources:
- - https://github.com/influxdata/influxdb
+apiVersion: v2
+appVersion: 2.2.0
+description: A Helm chart for InfluxDB v2
+home: https://www.influxdata.com/products/influxdb/
+icon: https://avatars0.githubusercontent.com/u/5713248?s=200&v=4
maintainers:
- - name: rawkode
- email: rawkode@influxdata.com
- - name: gitirabassi
- email: giacomo@influxdata.com
- - name: aisuko
- email: urakiny@gmail.com
- - name: naseemkullah
- email: naseem@transit.app
-engine: gotpl
+- email: rawkode@influxdata.com
+ name: rawkode
+- email: giacomo@influxdata.com
+ name: gitirabassi
+name: influxdb2
+type: application
+version: 2.1.0
+++ /dev/null
-MIT License
-
-Copyright (c) 2020 InfluxData
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+++ /dev/null
-approvers:
-- rawkode
-- gitirabassi
-- aisuko
-- naseemkullah
-reviewers:
-- rawkode
-- gitirabassi
-- aisuko
-- naseemkullah
-# InfluxDB Helm chart
+# InfluxDB v2 Helm chart
-[InfluxDB](https://github.com/influxdata/influxdb) is an open source time series database with no external dependencies. It's useful for recording metrics, events, and performing analytics.
+[InfluxDB](https://github.com/influxdata/influxdb) is an open source time series
+database with no external dependencies. It's useful for recording metrics,
+events, and performing analytics.
-The InfluxDB Helm chart uses the [Helm](https://helm.sh) package manager to bootstrap an InfluxDB StatefulSet and service on a [Kubernetes](http://kubernetes.io) cluster.
-
-> **Note:** ### If you're using the InfluxDB Enterprise Helm chart, check out [InfluxDB Enterprise Helm chart](#influxdb-enterprise-helm-chart).
+The InfluxDB v2 Helm chart uses the [Helm](https://helm.sh) package manager to
+bootstrap an InfluxDB v2 StatefulSet and service on a
+[Kubernetes](http://kubernetes.io) cluster.
## Prerequisites
-- Helm v2 or later
+- Helm v3 or later
- Kubernetes 1.4+
- (Optional) PersistentVolume (PV) provisioner support in the underlying infrastructure
helm repo add influxdata https://helm.influxdata.com/
```
-2. Run the following command, providing a name for your release:
+2. Run the following command, providing a name for your InfluxDB release:
```bash
- helm upgrade --install my-release influxdata/influxdb
+ helm upgrade --install my-release influxdata/influxdb2
```
> **Tip**: `--install` can be shortened to `-i`.
- This command deploys InfluxDB on the Kubernetes cluster using the default configuration. To find parameters you can configure during installation, see [Configure the chart](#configure-the-chart).
+ This command deploys InfluxDB v2 on the Kubernetes cluster using the default configuration.
- > **Tip**: To view all Helm chart releases, run `helm list`.
+ > **Tip**: To view all Helm chart releases, run `helm list`.
## Uninstall the chart
helm uninstall my-release
```
-This command removes all the Kubernetes components associated with the chart and deletes the release.
-
-## Configure the chart
-
-The following table lists configurable parameters, their descriptions, and their default values stored in `values.yaml`.
-
-| Parameter | Description | Default |
-|---|---|---|
-| image.repository | Image repository url | influxdb |
-| image.tag | Image tag | 1.8.0-alpine |
-| image.pullPolicy | Image pull policy | IfNotPresent |
-| image.pullSecrets | It will store the repository's credentials to pull image | nil |
-| serviceAccount.create | It will create service account | true |
-| serviceAccount.name | Service account name | "" |
-| serviceAccount.annotations | Service account annotations | {} |
-| livenessProbe | Health check for pod | {} |
-| readinessProbe | Health check for pod | {} |
-| startupProbe | Health check for pod | {} |
-| service.type | Kubernetes service type | ClusterIP |
-| service.loadBalancerIP | A user-specified IP address for service type LoadBalancer to use as External IP (if supported) | nil |
-| service.externalIPs | A user-specified list of externalIPs to add to the service | nil |
-| service.externalTrafficPolicy | A user specified external traffic policy | nil |
-| persistence.enabled | Boolean to enable and disable persistance | true |
-| persistence.existingClaim | An existing PersistentVolumeClaim, ignored if enterprise.enabled=true | nil |
-| persistence.storageClass | If set to "-", storageClassName: "", which disables dynamic provisioning. If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack | |
-| persistence.annotations | Annotations for volumeClaimTemplates | nil |
-| persistence.accessMode | Access mode for the volume | ReadWriteOnce |
-| persistence.size | Storage size | 8Gi |
-| podAnnotations | Annotations for pod | {} |
-| podLabels | Labels for pod | {} |
-| ingress.enabled | Boolean flag to enable or disable ingress | false |
-| ingress.tls | Boolean to enable or disable tls for ingress. If enabled provide a secret in `ingress.secretName` containing TLS private key and certificate. | false |
-| ingress.secretName | Kubernetes secret containing TLS private key and certificate. It is `only` required if `ingress.tls` is enabled. | nil |
-| ingress.hostname | Hostname for the ingress | influxdb.foobar.com |
-| ingress.annotations | ingress annotations | nil |
-| schedulerName | Use an [alternate scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/), e.g. "stork". | nil |
-| nodeSelector | Node labels for pod assignment | {} |
-| affinity | [Affinity](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity) for pod assignment | {|
-| tolerations | [Tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) for pod assignment | [] |
-| securityContext | [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) for pod | {} |
-| env | environment variables for influxdb container | {} |
-| volumes | `volumes` stanza(s) to be used in the main container | nil |
-| mountPoints | `volumeMount` stanza(s) to be used in the main container | nil |
-| extraContainers | Additional containers to be added to the pod | {} |
-| config.reporting_disabled | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#reporting-disabled-false) | false |
-| config.rpc | RPC address for backup and storage | {} |
-| config.meta | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#meta) | {} |
-| config.data | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#data) | {} |
-| config.coordinator | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#coordinator) | {} |
-| config.retention | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#retention) | {} |
-| config.shard_precreation | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#shard-precreation) | {} |
-| config.monitor | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#monitor) | {} |
-| config.http | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#http) | {} |
-| config.logging | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#logging) | {} |
-| config.subscriber | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#subscriber) | {} |
-| config.graphite | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#graphite) | {} |
-| config.collectd | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#collectd) | {} |
-| config.opentsdb | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#opentsdb) | {} |
-| config.udp | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#udp) | {} |
-| config.continous_queries | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#continuous-queries) | {} |
-| config.tls | [Details](https://docs.influxdata.com/influxdb/v1.7/administration/config/#tls) | {} |
-| initScripts.enabled | Boolean flag to enable and disable initscripts. If the container finds any files with the extensions .sh or .iql inside of the /docker-entrypoint-initdb.d folder, it will execute them. The order they are executed in is determined by the shell. This is usually alphabetical order. | false |
-| initScripts.scripts | Init scripts | {} |
-| backup.enabled | Enable backups, if `true` must configure one of the storage providers | `false` |
-| backup.gcs | Google Cloud Storage config | `nil`
-| backup.azure | Azure Blob Storage config | `nil`
-| backup.s3 | Amazon S3 (or compatible) config | `nil`
-| backup.schedule | Schedule to run jobs in cron format | `0 0 * * *` |
-| backup.startingDeadlineSeconds | Deadline in seconds for starting the job if it misses its scheduled time for any reason | `nil` |
-| backup.annotations | Annotations for backup cronjob | {} |
-| backup.podAnnotations | Annotations for backup cronjob pods | {} |
-| backup.persistence.enabled | Boolean to enable and disable persistance | false |
-| backup.persistence.storageClass | If set to "-", storageClassName: "", which disables dynamic provisioning. If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack | |
-| backup.persistence.annotations | Annotations for volumeClaimTemplates | nil |
-| backup.persistence.accessMode | Access mode for the volume | ReadWriteOnce |
-| backup.persistence.size | Storage size | 8Gi |
-| backup.resources | Resources requests and limits for `backup` pods | `ephemeral-storage: 8Gi` |
-
-To configure the chart, do either of the following:
-
-- Specify each parameter using the `--set key=value[,key=value]` argument to `helm upgrade --install`. For example:
-
- ```bash
- helm upgrade --install my-release \
- --set persistence.enabled=true,persistence.size=200Gi \
- influxdata/influxdb
- ```
-
- This command enables persistence and changes the size of the requested data volume to 200GB.
-
-- Provide a YAML file that specifies the parameter values while installing the chart. For example, use the following command:
-
- ```bash
- helm upgrade --install my-release -f values.yaml influxdata/influxdb
- ```
-
- > **Tip**: Use the default [values.yaml](values.yaml).
-
-For information about running InfluxDB in Docker, see the [full image documentation](https://hub.docker.com/_/influxdb/).
-
-### InfluxDB Enterprise Helm chart
-
-[InfluxDB Enterprise](https://www.influxdata.com/products/influxdb-enterprise/) includes features designed for production workloads, including high availability and horizontal scaling. InfluxDB Enterprise requires an InfluxDB Enterprise license.
-
-#### Configure the InfluxDB Enterprise chart
-
-To enable InfluxDB Enterprise, set the following keys and values in a values file provided to Helm.
-
-| Key | Description | Recommended value |
-| --- | --- | --- |
-| `livenessProbe.initalDelaySeconds` | Used to allow enough time to join meta nodes to a cluster | `3600` |
-| `image.tag` | Set to a `data` image. See https://hub.docker.com/_/influxdb for details | `data` |
-| `service.ClusterIP` | Use a headless service for StatefulSets | `"None"` |
-| `env.name[_HOSTNAME]` | Used to provide a unique `name.service` for InfluxDB. See [values.yaml]() for an example | `valueFrom.fieldRef.fieldPath: metadata.name` |
-| `enterprise.enabled` | Create StatefulSets for use with `influx-data` and `influx-meta` images | `true` |
-| `enterprise.licensekey` | License for InfluxDB Enterprise | |
-| `enterprise.clusterSize` | Replicas for `influx` StatefulSet | Dependent on license |
-| `enterprise.meta.image.tag` | Set to an `meta` image. See https://hub.docker.com/_/influxdb for details | `meta` |
-| `enterprise.meta.clusterSize` | Replicas for `influxdb-meta` StatefulSet. | `3` |
-| `enterprise.meta.resources` | Resources requests and limits for meta `influxdb-meta` pods | See `values.yaml` |
-
-#### Join pods to InfluxDB Enterprise cluster
-
-Meta and data pods must be joined using the command `influxd-ctl` found on meta pods.
-We recommend running `influxd-ctl` on one and only one meta pod and joining meta pods together before data pods. For each meta pod, run `influxd-ctl`.
-
-In the following examples, we use the pod names `influxdb-meta-0` and `influxdb-0` and the service name `influxdb`.
-
-For example, using the default settings, your script should look something like this:
-
-```shell script
-kubectl exec influxdb-meta-0 influxd-ctl add-meta influxdb-meta-0.influxdb-meta:8091
-```
-
-From the same meta pod, for each data pod, run `influxd-ctl`. With default settings, your script should look something like this:
-
-```shell script
-kubectl exec influxdb-meta-0 influxd-ctl add-data influxdb-0.influxdb:8088
-```
-
-When using `influxd-ctl`, use the appropriate DNS name for your pods, following the naming scheme of `pod.service`.
+This command removes all Kubernetes components associated with the chart and deletes the release.
## Persistence
-The [InfluxDB](https://hub.docker.com/_/influxdb/) image stores data in the `/var/lib/influxdb` directory in the container.
-
-If persistence is enabled, a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) associated with StatefulSet is provisioned. The volume is created using dynamic volume provisioning. In case of a disruption (for example, a node drain), Kubernetes ensures that the same volume is reattached to the Pod, preventing any data loss. However, when persistence is **not enabled**, InfluxDB data is stored in an empty directory, so if a Pod restarts, data is lost.
-
-## Start with authentication
-
-In `values.yaml`, change `.Values.config.http.auth-enabled` to `true`.
+The [InfluxDB v2](https://hub.docker.com/_/influxdb/) image stores data in the `/var/lib/influxdb2` directory in the container.
-> **Note:** To enforce authentication, InfluxDB requires an admin user to be set up. For details, see [Set up authentication](https://docs.influxdata.com/influxdb/v1.2/query_language/authentication_and_authorization/#set-up-authentication).
+If persistence is enabled, a [Persistent Volume](http://kubernetes.io/docs/user-guide/persistent-volumes/)
+associated with StatefulSet is provisioned. The volume is created using dynamic
+volume provisioning. In case of a disruption (for example, a node drain),
+Kubernetes ensures that the same volume is reattached to the Pod, preventing any
+data loss. However, when persistence is **not enabled**, InfluxDB data is stored
+in an empty directory, so if a Pod restarts, data is lost.
-To handle this set up during startup, enable a job in `values.yaml` by setting `.Values.setDefaultUser.enabled` to `true`.
-
-Make sure to uncomment or configure the job settings after enabling it. If a password is not set, a random password will be generated.
-
-Alternatively, if `.Values.setDefaultUser.user.existingSecret` is set the user and password are obtained from an existing Secret, the expected keys are `influxdb-user` and `influxdb-password`. Use this variable if you need to check in the `values.yaml` in a repository to avoid exposing your secrets.
-
-## Back up and restore
-
-Before proceeding, please read [Backing up and restoring in InfluxDB OSS](https://docs.influxdata.com/influxdb/v1.7/administration/backup_and_restore/). While the chart offers backups by means of the [`backup-cronjob`](./templates/backup-cronjob.yaml), restores do not fall under the chart's scope today but can be achieved by one-off kubernetes jobs.
-
-### Backups
-
-When enabled, the[`backup-cronjob`](./templates/backup-cronjob.yaml) runs on the configured schedule. One can create a job from the backup cronjob on demand as follows:
-
-```sh
-kubectl create job --from=cronjobs/influxdb-backup influx-backup-$(date +%Y%m%d%H%M%S)
-```
-
-#### Backup Storage
-
-The backup process consists of an init-container that writes the backup to a
-local volume, which is by default an `emptyDir`, shared to the runtime container
-which uploads the backup to the configured object store.
-
-In order to avoid filling the node's disk space, it is recommended to set a sufficient
-`ephemeral-storage` request or enable persistence, which allocates a PVC.
+Check out our [Slack channel](https://www.influxdata.com/slack) for support and information.
-Furthermore, if no object store provider is available, one can simply use the
-PVC as the final storage destination when `persistence` is enabled.
+## Fixed Auth Credentials
-### Restores
+If you need to use fixed token and/or password you can set the values
+`adminUser.password` and `adminUser.token` or you can use an existing secret,
+which would be a better approach.
-It is up to the end user to configure their own one-off restore jobs. Below is just an example, which assumes that the backups are stored in GCS and that all dbs in the backup already exist and should be restored. It is to be used as a reference only; configure the init-container and the command and of the `influxdb-restore` container as well as both containers' resources to suit your needs.
+Example Secret:
```yaml
-apiVersion: batch/v1
-kind: Job
+apiVersion: v1
+kind: Secret
metadata:
- generateName: influxdb-restore-
- namespace: monitoring
-spec:
- template:
- spec:
- volumes:
- - name: backup
- emptyDir: {}
- serviceAccountName: influxdb
- initContainers:
- - name: init-gsutil-cp
- image: google/cloud-sdk:alpine
- command:
- - /bin/sh
- args:
- - "-c"
- - |
- gsutil -m cp -r gs://<PATH TO BACKUP FOLDER>/* /backup
- volumeMounts:
- - name: backup
- mountPath: /backup
- resources:
- requests:
- cpu: 1
- memory: 4Gi
- limits:
- cpu: 2
- memory: 8Gi
- containers:
- - name: influxdb-restore
- image: influxdb:1.7-alpine
- volumeMounts:
- - name: backup
- mountPath: /backup
- command:
- - /bin/sh
- args:
- - "-c"
- - |
- #!/bin/sh
- INFLUXDB_HOST=influxdb.monitoring.svc
- for db in $(influx -host $INFLUXDB_HOST -execute 'SHOW DATABASES' | tail -n +5); do
- influxd restore -host $INFLUXDB_HOST:8088 -portable -db "$db" -newdb "$db"_bak /backup
- done
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
- limits:
- cpu: 500m
- memory: 512Mi
- restartPolicy: OnFailure
-```
-
-At which point the data from the new `<db name>_bak` dbs would have to be side loaded into the original dbs.
-Please see [InfluxDB documentation for more restore examples](https://docs.influxdata.com/influxdb/v1.7/administration/backup_and_restore/#restore-examples).
-
-## Mounting Extra Volumes
-
-Extra volumes can be mounted by providing the `volumes` and `mountPoints` keys, consistent
-with the behavior of other charts provided by Influxdata.
-
-```yaml
-volumes:
-- name: ssl-cert-volume
- secret:
- secretName: secret-name
-mountPoints:
-- name: ssl-cert-volume
- mountPath: /etc/ssl/certs/selfsigned/
- readOnly: true
+ name: influxdb-auth
+type: Opaque
+data:
+ admin-password: ...
+ admin-token: ...
```
-## Upgrading
-
-### From < 1.0.0 To >= 1.0.0
-
-Values `.Values.config.bind_address` and `.Values.exposeRpc` no longer exist. They have been replaced with `.Values.config.rpc.bind_address` and `.Values.config.rpc.enabled` respectively. Please adjust your values file accordingly.
+If you do not specify an existing secret, the admin-password and admin-token
+will be automatically generated. They will remain consistent even after
+`helm upgrade`.
-### From < 1.5.0 to >= 2.0.0
+## Influx setup
-The Kubernetes API change to support 1.160 may not be backwards compatible and may require the chart to be uninstalled in order to upgrade. See [this issue](https://github.com/helm/helm/issues/6583) for some background.
+By default this chart uses the docker hub influxdb image which includes an
+entrypoint for automatically setting up InfluxDB. This operation is idempotent
+and will be skipped if a boltdb is found on startup.
-### From < 3.0.0 to >= 3.0.0
+For more information see "Automated Setup" in the [docker image README](https://hub.docker.com/_/influxdb).
-Since version 3.0.0 this chart uses a StatefulSet instead of a Deployment. As part of this update the existing persistent volume (and all data) is deleted and a new one is created. Make sure to backup and restore the data manually.
+For configuration options see `adminUser` in `values.yaml`.
-### From < 4.0.0 to >= 4.0.0
+## Configuration
-Labels are changed in accordance with [Kubernetes recommended labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/\#labels). This change also removes the ability to configure clusterIP value to avoid `Error: UPGRADE FAILED: failed to replace object: Service "my-influxdb" is invalid: spec.clusterIP: Invalid value: "": field is immutable` type errors. For more information on this error and why it's important to avoid this error, please see [this Github issue](https://github.com/helm/helm/issues/6378#issuecomment-582764215).
+Extra environment variables can be passed influxdb using `.Values.env`. For
+example:
-Due to the significance of the changes, we recommend uninstalling and reinstalling the chart (although the PVC shouldn't be deleted during this process, we highly recommended backing up your data beforehand).
-
-Check out our [Slack channel](https://www.influxdata.com/slack) for support and information.
+```yaml
+env:
+ - name: FOO
+ value: BAR
+ - name: BAZ
+ valueFrom:
+ secretKeyRef:
+ name: my-secret
+ key: my-key
+```
--- /dev/null
+# Default values only, no overrides
--- /dev/null
+initScripts:
+ enabled: true
+
+persistence:
+ enabled: false
+++ /dev/null
-#! /usr/bin/env bash
-
-set -e
-
-# This script wants these variable to be set.
-
-## S3_BUCKET <- The name of the bucket where the backups are stored
-## S3_ENDPOINT <- The endpoint of the S3 service
-## AWS_ACCESS_KEY_ID <- Access credentials
-## AWS_SECRET_ACCESS_KEY <- Access credentials
-## DAYS_TO_RETAIN <- The TTL for the backups === number of backups to keep.
-
-# Sanity check to avoid removing all backups.
-[[ "$DAYS_TO_RETAIN" -lt 1 ]] && DAYS_TO_RETAIN=1
-
-function get_records {
- before_date="$1"
-
- aws s3api list-objects \
- --bucket ${S3_BUCKET} \
- --endpoint-url ${S3_ENDPOINT} \
- --query "Contents[?LastModified<='${before_date}'][].{Key: Key}"
-}
-
-function remove_old_backups {
- before_date=$(date --iso-8601=seconds -d "-${DAYS_TO_RETAIN} days")
- now=$(date --iso-8601=seconds)
-
- del_records=$(get_records "${before_date}")
- all_records=$(get_records "${now}")
-
- del_paths=()
- all_paths=()
-
- function _jq {
- echo ${row} | base64 --decode | jq -r ${1}
- }
-
- for row in $(echo "${del_records}" | jq -r '.[] | @base64'); do
- del_paths+=($(_jq '.Key'))
- done
-
- for row in $(echo "${all_records}" | jq -r '.[] | @base64'); do
- all_paths+=($(_jq '.Key'))
- done
-
- # Number of backups left if all old backups are removed.
- left=$((${#all_paths[@]} - ${#del_paths[@]}))
-
- # We ALWAYS keep N backups even if their TTL has expired!
- if (( ${left} < ${DAYS_TO_RETAIN} )); then
- num_to_delete=$((${#all_paths[@]} - ${DAYS_TO_RETAIN}))
- else
- num_to_delete=${#del_paths[@]}
- fi
-
- for path in "${del_paths[@]::${num_to_delete}}"; do
- aws s3 rm "s3://${S3_BUCKET}/${path}" \
- --endpoint-url "${S3_ENDPOINT}"
- done
-}
-
-# Installs jq.
-yum install -y jq
-
-remove_old_backups
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technologies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-
-dependencies:
- - name: ric-common
- version: ^3.1.0
- repository: "@local"
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-InfluxDB can be accessed via port {{ include "common.serviceport.influxdb.http.bind_address" . | default 8086 }} on the following DNS name from within your cluster:
+InfluxDB 2 is deployed as a StatefulSet on your cluster.
- http://{{ include "common.fullname.influxdb" . }}.{{ .Release.Namespace }}:{{ include "common.serviceport.influxdb.http.bind_address" . | default 8086 }}
+You can access it by using the service name: {{ template "influxdb.fullname" . }}
-You can connect to the remote instance with the influx CLI. To forward the API port to localhost:8086, run the following:
+To retrieve the password for the '{{ .Values.adminUser.user}}' user:
- kubectl port-forward --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ include "common.fullname.influxdb" . }} -o jsonpath='{ .items[0].metadata.name }') 8086:{{ include "common.serviceport.influxdb.http.bind_address" . | default 8086 }}
+{{- if .Values.adminUser.existingSecret }}
-You can also connect to the influx CLI from inside the container. To open a shell session in the InfluxDB pod, run the following:
-
- kubectl exec -i -t --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ include "common.fullname.influxdb" . }} -o jsonpath='{.items[0].metadata.name}') /bin/sh
-
-To view the logs for the InfluxDB pod, run the following:
-
- kubectl logs -f --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ include "common.fullname.influxdb" . }} -o jsonpath='{ .items[0].metadata.name }')
-
-{{- if .Values.setDefaultUser.enabled }}
-
-To retrieve the default user name:
-
-{{- if .Values.setDefaultUser.user.existingSecret }}
-
- echo $(kubectl get secret {{ .Values.setDefaultUser.user.existingSecret }} -o "jsonpath={.data['influxdb-user']}" --namespace {{ .Release.Namespace }} | base64 --decode)
+ echo $(kubectl get secret {{ .Values.adminUser.existingSecret }} -o "jsonpath={.data['admin-password']}" --namespace {{ .Release.Namespace }} | base64 --decode)
{{- else }}
- echo $(kubectl get secret {{ include "common.fullname.influxdb" . }}-auth -o "jsonpath={.data['influxdb-user']}" --namespace {{ .Release.Namespace }} | base64 --decode)
+ echo $(kubectl get secret {{ include "influxdb.fullname" . }}-auth -o "jsonpath={.data['admin-password']}" --namespace {{ .Release.Namespace }} | base64 --decode)
{{- end }}
-To retrieve the default user password:
-
-{{- if .Values.setDefaultUser.user.existingSecret }}
-
- echo $(kubectl get secret {{ .Values.setDefaultUser.user.existingSecret }} -o "jsonpath={.data['influxdb-password']}" --namespace {{ .Release.Namespace }} | base64 --decode)
-
-{{- else }}
-
- echo $(kubectl get secret {{ include "common.fullname.influxdb" . }}-auth -o "jsonpath={.data['influxdb-password']}" --namespace {{ .Release.Namespace }} | base64 --decode)
-
-{{- end }}
-{{- end }}
+Note: with enabled persistence, admin password is only set once during the initial deployment. The password is not changed when InfluxDB 2 is re-deployed with different password.
--- /dev/null
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "influxdb.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "influxdb.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "influxdb.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "influxdb.labels" -}}
+app.kubernetes.io/name: {{ include "influxdb.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+helm.sh/chart: {{ include "influxdb.chart" . }}
+{{- end -}}
+
+{{/*
+Selector labels
+*/}}
+{{- define "influxdb.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "influxdb.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "influxdb.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+ {{ default (include "influxdb.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+ {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{- if .Values.backup.enabled }}
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-backup
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
- app.kubernetes.io/component: backup
- annotations:
- {{- toYaml .Values.backup.annotations | nindent 4 }}
-spec:
- schedule: {{ .Values.backup.schedule | quote }}
- startingDeadlineSeconds: {{ .Values.backup.startingDeadlineSeconds }}
- concurrencyPolicy: Forbid
- jobTemplate:
- spec:
- template:
- metadata:
- {{- if .Values.backup.podAnnotations }}
- annotations:
- {{ toYaml .Values.backup.podAnnotations | nindent 12 }}
- {{- end }}
- labels:
- {{- include "common.influxdb.selectorLabels" . | nindent 12 }}
- spec:
- restartPolicy: OnFailure
- volumes:
- - name: backup
- {{- if .Values.backup.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ include "common.fullname.influxdb" . }}-backup
- {{- else }}
- emptyDir: {}
- {{- end }}
- {{- if .Values.backup.gcs }}
- {{- if .Values.backup.gcs.serviceAccountSecret }}
- - name: google-cloud-key
- secret:
- secretName: {{ .Values.backup.gcs.serviceAccountSecret | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.backup.s3 }}
- {{- if .Values.backup.s3.credentialsSecret }}
- - name: aws-credentials-secret
- secret:
- secretName: {{ .Values.backup.s3.credentialsSecret | quote }}
- {{- end }}
- {{- end }}
- serviceAccountName: {{ include "common.influxdb.serviceAccountName" . }}
- initContainers:
- - name: influxdb-backup
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- volumeMounts:
- - name: backup
- mountPath: /backup
- command:
- - /bin/sh
- args:
- - '-c'
- - |
- influxd backup \
- -host {{ include "common.fullname.influxdb" . }}.{{ .Release.Namespace }}.svc:{{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }} \
- -portable /backup/"$(date +%Y%m%d%H%M%S)"
- resources:
- {{- toYaml .Values.backup.resources | nindent 14 }}
- containers:
- {{- if .Values.backup.gcs }}
- - name: gsutil-cp
- image: google/cloud-sdk:alpine
- command:
- - /bin/sh
- args:
- - '-c'
- - '-e'
- - |
- if [ -n "$KEY_FILE" ]; then
- gcloud auth activate-service-account --key-file $KEY_FILE
- fi
- gsutil -m cp -r /backup/* "$DST_URL"
- rm -rf /backup/*
- volumeMounts:
- - name: backup
- mountPath: /backup
- {{- if .Values.backup.gcs.serviceAccountSecretKey}}
- - name: google-cloud-key
- mountPath: /var/secrets/google/
- {{- end }}
- env:
- - name: DST_URL
- value: {{ .Values.backup.gcs.destination}}
- {{- if .Values.backup.gcs.serviceAccountSecretKey}}
- - name: KEY_FILE
- value: /var/secrets/google/{{ .Values.backup.gcs.serviceAccountSecretKey }}
- {{- end }}
- resources:
- {{- toYaml .Values.backup.resources | nindent 14 }}
- {{- end }}
- {{- if .Values.backup.azure }}
- - name: azure-cli
- image: microsoft/azure-cli
- command:
- - /bin/sh
- args:
- - '-c'
- - '-e'
- - |
- az storage container create --name "$DST_CONTAINER"
- az storage blob upload-batch --destination "$DST_CONTAINER" --destination-path "$DST_PATH" --source "$SRC_URL"
- rm -rf /backup/*
- volumeMounts:
- - name: backup
- mountPath: /backup
- env:
- - name: SRC_URL
- value: /backup
- - name: DST_CONTAINER
- value: {{ .Values.backup.azure.destination_container }}
- - name: DST_PATH
- value: {{ .Values.backup.azure.destination_path }}
- - name: AZURE_STORAGE_CONNECTION_STRING
- valueFrom:
- secretKeyRef:
- name: {{ .Values.backup.azure.storageAccountSecret }}
- key: connection-string
- resources:
- {{- toYaml .Values.backup.resources | nindent 14 }}
- {{- end }}
- {{- if .Values.backup.s3 }}
- - name: aws-cli
- image: amazon/aws-cli
- command:
- - /bin/sh
- args:
- - '-c'
- - '-e'
- - |
- aws {{- if .Values.backup.s3.endpointUrl }} --endpoint-url={{ .Values.backup.s3.endpointUrl }} {{- end }} s3 cp --recursive "$SRC_URL" "$DST_URL"
- rm -rf /backup/*
- volumeMounts:
- - name: backup
- mountPath: /backup
- {{- if .Values.backup.s3.credentialsSecret}}
- - name: aws-credentials-secret
- mountPath: /var/secrets/aws/
- {{- end }}
- env:
- - name: AWS_CONFIG_FILE
- value: /var/secrets/aws/credentials
- - name: SRC_URL
- value: /backup
- - name: DST_URL
- value: {{ .Values.backup.s3.destination }}
- resources:
- {{- toYaml .Values.backup.resources | nindent 14 }}
- {{- end }}
-{{- end }}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{- if and .Values.backup.enabled .Values.backup.persistence.enabled }}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-backup
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
-spec:
- accessModes:
- - {{ .Values.backup.persistence.accessMode | quote }}
- resources:
- requests:
- storage: {{ .Values.backup.persistence.size | quote }}
-{{- if .Values.backup.persistence.storageClass }}
-{{- if (eq "-" .Values.backup.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.backup.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end }}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{- if .Values.backupRetention.enabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-backup-retention
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
-data:
- backup-retention.sh: |-
- {{- .Files.Get "files/backup-retention-script.sh" | nindent 4 }}
-{{- end }}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{- if .Values.backupRetention.enabled }}
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-backup-retention
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
- app.kubernetes.io/component: backup-retention
- annotations:
- {{- toYaml .Values.backupRetention.annotations | nindent 4 }}
-spec:
- schedule: {{ .Values.backupRetention.schedule | quote }}
- startingDeadlineSeconds: {{ .Values.backupRetention.startingDeadlineSeconds }}
- concurrencyPolicy: Forbid
- jobTemplate:
- spec:
- template:
- metadata:
- {{- if .Values.backupRetention.podAnnotations }}
- annotations:
- {{ toYaml .Values.backupRetention.podAnnotations | nindent 12 }}
- {{- end }}
- labels:
- {{- include "common.influxdb.selectorLabels" . | nindent 12 }}
- spec:
- restartPolicy: OnFailure
- volumes:
- - name: scripts
- configMap:
- name: {{ include "common.fullname.influxdb" . }}-backup-retention
- {{- if .Values.backupRetention.gcs }}
- {{- if .Values.backupRetention.gcs.serviceAccountSecret }}
- - name: google-cloud-key
- secret:
- secretName: {{ .Values.backupRetention.gcs.serviceAccountSecret | quote }}
- {{- end }}
- {{- end }}
- {{- if .Values.backupRetention.s3 }}
- {{- if .Values.backupRetention.s3.credentialsSecret }}
- - name: aws-credentials-secret
- secret:
- secretName: {{ .Values.backupRetention.s3.credentialsSecret | quote }}
- {{- end }}
- {{- end }}
- serviceAccountName: {{ include "common.influxdb.serviceAccountName" . }}
- containers:
- {{- if .Values.backupRetention.gcs }}
- {{- end }}
- {{- if .Values.backupRetention.azure }}
- {{- end }}
- {{- if .Values.backupRetention.s3 }}
- - name: aws-cli
- image: amazon/aws-cli
- command: ['/bin/bash']
- args: ['/scripts/backup-retention.sh']
- volumeMounts:
- - name: scripts
- mountPath: /scripts
- {{- if .Values.backupRetention.s3.credentialsSecret}}
- - name: aws-credentials-secret
- mountPath: /var/secrets/aws/
- {{- end }}
- env:
- - name: AWS_CONFIG_FILE
- value: /var/secrets/aws/credentials
- - name: DAYS_TO_RETAIN
- value: {{ .Values.backupRetention.daysToRetain | quote }}
- - name: S3_BUCKET
- value: {{ .Values.backupRetention.s3.bucketName }}
- - name: S3_ENDPOINT
- value: {{ .Values.backupRetention.s3.endpointUrl }}
- resources:
- {{- toYaml .Values.backupRetention.resources | nindent 14 }}
- {{- end }}
-{{- end }}
+++ /dev/null
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname.influxdb" . }}
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
-data:
- influxdb.conf: |+
- reporting-disabled = {{ .Values.config.reporting_disabled | default false }}
- bind-address = ":{{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }}"
-
- [meta]
- dir = "/var/lib/influxdb/meta"
- {{- range $key, $value := index .Values.config.meta }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- {{- if .Values.enterprise.enabled }}
- internal-shared-secret = "{{ sha256sum .Values.enterprise.meta.seed }}"
- meta-auth-enabled = {{ .Values.config.meta.authEnabled }}
- {{- end }}
-
- [data]
- dir = "/var/lib/influxdb/data"
- wal-dir = "/var/lib/influxdb/wal"
- {{- range $key, $value := index .Values.config.data }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [coordinator]
- {{- range $key, $value := index .Values.config.coordinator }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [retention]
- {{- range $key, $value := index .Values.config.retention }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [shard-precreation]
- {{- range $key, $value := index .Values.config.shard_precreation }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [monitor]
- {{- range $key, $value := index .Values.config.monitor }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [subscriber]
- {{- range $key, $value := index .Values.config.subscriber }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [http]
- {{- range $key, $value := index .Values.config.http }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- # TODO: allow multiple graphite listeners
-
- [[graphite]]
- {{- range $key, $value := index .Values.config.graphite }}
- {{- if ne $key "templates"}}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
- {{- end }}
- {{- if .Values.config.graphite.templates }}
- templates = [
- {{- range .Values.config.graphite.templates }}
- {{ quote . }},
- {{- end }}
- ]
- {{- end }}
-
- # TODO: allow multiple collectd listeners with templates
-
- [[collectd]]
- {{- range $key, $value := index .Values.config.collectd }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- # TODO: allow multiple opentsdb listeners with templates
-
- [[opentsdb]]
- {{- range $key, $value := index .Values.config.opentsdb }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- # TODO: allow multiple udp listeners with templates
-
- [[udp]]
- {{- range $key, $value := index .Values.config.udp }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [continuous_queries]
- {{- range $key, $value := index .Values.config.continuous_queries }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- [logging]
- {{- range $key, $value := index .Values.config.logging }}
- {{- $tp := typeOf $value }}
- {{- if eq $tp "string" }}
- {{ $key }} = {{ $value | quote }}
- {{- else }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- end }}
-
- {{ if .Values.enterprise.enabled -}}
- [enterprise]
- license-key = {{ .Values.enterprise.licensekey | quote }}
-
- [hinted-handoff]
- enabled = true
- dir = "/var/lib/influxdb/hh"
- {{- end }}
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
{{- if .Values.ingress.enabled -}}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }}
+apiVersion: networking.k8s.io/v1
+{{- else }}
apiVersion: networking.k8s.io/v1beta1
+{{- end }}
kind: Ingress
metadata:
- name: {{ include "common.fullname.influxdb" . }}
+ name: {{ include "influxdb.fullname" . }}
labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
+ {{- include "influxdb.labels" . | nindent 4 }}
annotations:
{{ toYaml .Values.ingress.annotations | indent 4 }}
spec:
tls:
- hosts:
- {{ .Values.ingress.hostname | quote }}
+ {{- if .Values.ingress.secretName }}
secretName: {{ .Values.ingress.secretName }}
+ {{- end -}}
{{- end }}
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
http:
paths:
- path: {{ .Values.ingress.path }}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }}
+ pathType: Prefix
+{{- end }}
backend:
- serviceName: {{ include "common.fullname.influxdb" . }}
- servicePort: {{ include "common.serviceport.influxdb.http" .}}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }}
+ service:
+ name: {{ include "influxdb.fullname" . }}
+ port:
+ name: {{ .Values.service.portName }}
+{{- else }}
+ serviceName: {{ include "influxdb.fullname" . }}
+ servicePort: {{ .Values.service.portName }}
+{{- end }}
{{- end -}}
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
{{- if .Values.initScripts.enabled -}}
apiVersion: v1
kind: ConfigMap
metadata:
- name: {{ include "common.fullname.influxdb" . }}-init
+ name: {{ include "influxdb.fullname" . }}-init
labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
+ {{- include "influxdb.labels" . | nindent 4 }}
data:
{{ toYaml .Values.initScripts.scripts | indent 2 }}
{{- end -}}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{ if .Values.enterprise.enabled -}}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-meta
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
- app.kubernetes.io/component: meta
-data:
- influxdb-meta.conf: |+
- reporting-disabled = {{ .Values.config.reporting_disabled | default false }}
- bind-address = ":{{ include "common.serviceport.influxdb.meta.bind_address" . | default 8091 }}"
-
- [enterprise]
- license-key = {{ .Values.enterprise.licensekey | quote }}
-
- [meta]
- dir = "/var/lib/influxdb/meta"
- {{- range $key, $value := index .Values.config.meta }}
- {{ $key }} = {{ $value }}
- {{- end }}
- {{- if .Values.enterprise.enabled }}
- meta-auth-enabled = {{ .Values.config.meta.authEnabled }}
- {{- end }}
-
- [logging]
- {{- range $key, $value := index .Values.config.logging }}
- {{ $key }} = {{ $value }}
- {{- end }}
-
- [tls]
- {{- range $key, $value := index .Values.config.tls }}
- {{ $key }} = {{ $value }}
- {{- end }}
-{{- end }}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{ if .Values.enterprise.enabled -}}
-apiVersion: v1
-kind: Service
-metadata:
-{{- if .Values.service.annotations }}
- annotations:
-{{ toYaml .Values.service.annotations | indent 4 }}
-{{- end }}
- name: {{ include "common.fullname.influxdb" . }}-meta
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
- app.kubernets.io/component: meta
-spec:
- type: ClusterIP
- clusterIP: None
- # publishNotReadyAddresses is used for service discovery of meta and data nodes by querying the service's SRV record.
- publishNotReadyAddresses: true
- ports:
- - name: meta
- port: {{ include "common.serviceport.influxdb.meta.bind_address" . | default 8091 }}
- targetPort: meta
- selector:
- {{- include "common.influxdb.selectorLabels" . | nindent 4 }}
- app.kubernets.io/component: meta
-{{- end }}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{- if .Values.enterprise.enabled }}
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-meta
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
- app.kubernetes.io/component: meta
-spec:
- replicas: {{ .Values.enterprise.meta.clusterSize }}
- selector:
- matchLabels:
- {{- include "common.influxdb.selectorLabels" . | nindent 6 }}
- app.kubernetes.io/component: meta
- serviceName: "{{ include "common.fullname.influxdb" . }}-meta"
- template:
- metadata:
- labels:
- {{- include "common.influxdb.selectorLabels" . | nindent 8 }}
- app.kubernetes.io/component: meta
- {{- if .Values.podAnnotations }}
- annotations:
-{{ toYaml .Values.podAnnotations | indent 8 }}
- {{- end }}
- spec:
- {{- if .Values.image.pullSecrets }}
- imagePullSecrets:
- {{- range .Values.image.pullSecrets }}
- - name: {{ . }}
- {{- end}}
- {{- end }}
- serviceAccountName: {{ include "common.influxdb.serviceAccountName" . }}
- containers:
- - name: "{{ include "common.fullname.influxdb" . }}-meta"
- image: "{{ .Values.image.repository }}:{{ .Values.enterprise.meta.image.tag }}"
- imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
- resources:
-{{ toYaml .Values.enterprise.meta.resources | indent 10 }}
- ports:
- - name: udp
- containerPort: {{ include "common.serviceport.influxdb.udp.bind_address" . | default 8089 }}
- - name: rpc
- containerPort: {{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }}
- - name: meta
- containerPort: {{ include "common.serviceport.influxdb.meta.bind_address" . | default 8091 }}
- {{- if .Values.env }}
- env:
-{{ toYaml .Values.env | indent 10 }}
- # Values.env's HOSTNAME isn't fundamentally different from $HOSTNAME, but this way we get a distinguished name for InfluxDB at runtime.
- - name: INFLUXDB_HOSTNAME
- value: "$(_HOSTNAME).{{ include "common.fullname.influxdb" . }}-meta"
- {{- end }}
- livenessProbe:
- httpGet:
- path: {{ .Values.livenessProbe.path | default "/ping" }}
- port: meta
- initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds | default 30 }}
- timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds | default 5 }}
- readinessProbe:
- httpGet:
- path: {{ .Values.readinessProbe.path | default "/ping" }}
- port: meta
- initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds | default 5 }}
- timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds | default 1 }}
- {{- if .Values.startupProbe.enabled }}
- startupProbe:
- httpGet:
- path: {{ .Values.startupProbe.path | default "/ping" }}
- port: meta
- failureThreshold: {{ .Values.startupProbe.failureThreshold | default 6 }}
- periodSeconds: {{ .Values.startupProbe.periodSeconds | default 5 }}
- {{- end }}
- volumeMounts:
- - name: {{ include "common.fullname.influxdb" . }}-meta
- mountPath: /var/lib/influxdb
- - name: config
- mountPath: /etc/influxdb
- {{- if .Values.initScripts.enabled }}
- - name: init
- mountPath: /docker-entrypoint-initdb.d
- {{- end }}
- volumes:
- - name: config
- configMap:
- name: {{ include "common.fullname.influxdb" . }}-meta
- {{- if .Values.initScripts.enabled }}
- - name: init
- configMap:
- name: {{ include "common.fullname.influxdb" . }}-init
- {{- end }}
- {{- if (not .Values.persistence.enabled ) }}
- - name: {{ include "common.fullname.influxdb" . }}-meta
- emptyDir: {}
- {{- end }}
- {{- if .Values.schedulerName }}
- schedulerName: "{{ .Values.schedulerName }}"
- {{- end }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 8 }}
- {{- end }}
- {{- if .Values.tolerations }}
- tolerations:
-{{ toYaml .Values.tolerations | indent 8 }}
- {{- end }}
- {{- if .Values.persistence.enabled }}
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname.influxdb" . }}-meta
- annotations:
- {{- range $key, $value := .Values.persistence.annotations }}
- {{ $key }}: "{{ $value }}"
- {{- end }}
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote}}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- {{- if .Values.persistence.storageClass }}
- {{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
- {{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
- {{- end }}
- {{- end }}
- {{- end }}
-{{- end }}
--- /dev/null
+{{- if .Values.pdb.create }}
+{{- if .Capabilities.APIVersions.Has "policy/v1" }}
+apiVersion: policy/v1
+{{- else }}
+apiVersion: policy/v1beta1
+{{- end }}
+kind: PodDisruptionBudget
+metadata:
+ name: {{ template "influxdb.fullname" . }}
+ labels:
+ {{- include "influxdb.labels" . | nindent 4 }}
+spec:
+ {{- if .Values.pdb.minAvailable }}
+ minAvailable: {{ .Values.pdb.minAvailable }}
+ {{- end }}
+ {{- if .Values.pdb.maxUnavailable }}
+ maxUnavailable: {{ .Values.pdb.maxUnavailable }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "influxdb.selectorLabels" . | nindent 6 }}
+ {{- end }}
--- /dev/null
+{{- if and (.Values.persistence.enabled) (not .Values.persistence.useExisting) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: "{{- if not (empty .Values.persistence.name) }}{{ .Values.persistence.name }}{{- else }}{{ template "influxdb.fullname" . }}{{- end }}"
+ labels:
+ {{- include "influxdb.labels" . | nindent 4 }}
+ annotations:
+ helm.sh/resource-policy: "keep"
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+ storageClassName: ""
+{{- else }}
+ storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end }}
+++ /dev/null
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{ if .Values.setDefaultUser.enabled -}}
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: {{ include "common.fullname.influxdb" . }}-set-auth
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": post-install
- "helm.sh/hook-delete-policy": {{ .Values.setDefaultUser.hookDeletePolicy }}
-spec:
- activeDeadlineSeconds: {{ .Values.setDefaultUser.activeDeadlineSeconds }}
- backoffLimit: {{ .Values.setDefaultUser.backoffLimit }}
- template:
- metadata:
- labels:
- {{- include "common.influxdb.selectorLabels" . | nindent 8 }}
- spec:
- containers:
- - name: {{ include "common.fullname.influxdb" . }}-set-auth
- image: "{{ .Values.setDefaultUser.image }}"
- env:
- - name: INFLUXDB_USER
- valueFrom:
- secretKeyRef:
- {{- if .Values.setDefaultUser.user.existingSecret }}
- name: {{ .Values.setDefaultUser.user.existingSecret -}}
- {{ else }}
- name: {{ include "common.fullname.influxdb" . }}-auth
- {{- end }}
- key: influxdb-user
- - name: INFLUXDB_PASSWORD
- valueFrom:
- secretKeyRef:
- {{- if .Values.setDefaultUser.user.existingSecret }}
- name: {{ .Values.setDefaultUser.user.existingSecret -}}
- {{ else }}
- name: {{ include "common.fullname.influxdb" . }}-auth
- {{- end }}
- key: influxdb-password
- args:
- - "/bin/sh"
- - "-c"
- - |
- curl -X POST http://{{ include "common.fullname.influxdb" . }}:{{ include "common.serviceport.influxdb.http.bind_address" . | default 8086 }}/query \
- --data-urlencode \
- "q=CREATE USER \"${INFLUXDB_USER}\" WITH PASSWORD '${INFLUXDB_PASSWORD}' {{ .Values.setDefaultUser.user.privileges }}"
- restartPolicy: {{ .Values.setDefaultUser.restartPolicy }}
-{{- end -}}
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
-{{ if .Values.setDefaultUser.enabled -}}
-{{ if not (.Values.setDefaultUser.user.existingSecret) -}}
+{{- if not (.Values.adminUser.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
- name: {{ include "common.fullname.influxdb" . }}-auth
labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
+ {{- include "influxdb.labels" . | nindent 4 }}
+ {{- $name := printf "%s-auth" (include "influxdb.fullname" .) }}
+ name: {{ $name }}
data:
- {{- if .Values.setDefaultUser.user.password }}
- influxdb-password: {{ .Values.setDefaultUser.user.password | b64enc | quote }}
+ {{- $previous := lookup "v1" "Secret" .Release.Namespace $name }}
+
+ {{- if $previous }}
+ admin-token: {{ index $previous.data "admin-token" }}
+ {{- else if .Values.adminUser.token }}
+ admin-token: {{ .Values.adminUser.token | b64enc | quote }}
{{- else }}
- influxdb-password: {{ randAlphaNum 10 | b64enc | quote }}
+ admin-token: {{ randAlphaNum 32 | b64enc | quote }}
+ {{- end }}
+
+ {{- if $previous }}
+ admin-password: {{ index $previous.data "admin-password" }}
+ {{- else if .Values.adminUser.password }}
+ admin-password: {{ .Values.adminUser.password | b64enc | quote }}
+ {{- else }}
+ admin-password: {{ randAlphaNum 32 | b64enc | quote }}
{{- end }}
- influxdb-user: {{ .Values.setDefaultUser.user.username | b64enc | quote }}
-{{- end -}}
{{- end -}}
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
apiVersion: v1
kind: Service
metadata:
-{{- if .Values.service.annotations }}
+ name: {{ template "influxdb.fullname" . }}
+ labels: {{- include "influxdb.labels" . | nindent 4 }}
+{{- with .Values.service.annotations }}
annotations:
-{{ toYaml .Values.service.annotations | indent 4 }}
+{{ toYaml . | indent 4 }}
{{- end }}
- name: {{ include "common.fullname.influxdb" . }}
- labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
spec:
+{{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
+ type: ClusterIP
+ {{- if .Values.service.clusterIP }}
+ clusterIP: {{ .Values.service.clusterIP }}
+ {{end}}
+{{- else if eq .Values.service.type "LoadBalancer" }}
type: {{ .Values.service.type }}
- ports:
- - name: api
- port: {{ include "common.serviceport.influxdb.http.bind_address" . | default 8086 }}
- targetPort: api
- - name: rpc
- port: {{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }}
- targetPort: rpc
- {{- if .Values.config.graphite.enabled }}
- - name: graphite
- port: {{ include "common.serviceport.influxdb.graphite.bind_address" . | default 2003 }}
- targetPort: graphite
- {{- end }}
- {{- if .Values.config.collectd.enabled }}
- - name: collectd
- port: {{ include "common.serviceport.influxdb.collectd.bind_address" . | default 25826 }}
- protocol: UDP
- targetPort: collectd
- {{- end }}
- {{- if .Values.config.udp.enabled }}
- - name: udp
- port: {{ include "common.serviceport.influxdb.udp.bind_address" . | default 8089 }}
- protocol: UDP
- targetPort: udp
- {{- end }}
- {{- if .Values.config.opentsdb.enabled }}
- - name: opentsdb
- port: {{ include "common.serviceport.influxdb.opentsdb.bind_address" . | default 4242 }}
- targetPort: opentsdb
- {{- end }}
- selector:
- {{- include "common.influxdb.selectorLabels" . | nindent 4 }}
-{{- if .Values.service.loadBalancerIP }}
+ {{- if .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
+ {{- end }}
+ {{- if .Values.service.loadBalancerSourceRanges }}
+ loadBalancerSourceRanges:
+{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }}
+ {{- end -}}
+{{- else }}
+ type: {{ .Values.service.type }}
{{- end }}
-{{- if .Values.service.externalIPs }}
- externalIPs:
-{{ toYaml .Values.service.externalIPs | indent 4 }}
-{{- end }}
-{{- if .Values.service.externalTrafficPolicy }}
- externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }}
+ ports:
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.port }}
+ protocol: TCP
+ targetPort: {{ .Values.service.targetPort }}
+{{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+ nodePort: {{ .Values.service.nodePort }}
{{- end }}
+ {{- if .Values.extraExposePorts }}
+ {{- tpl (toYaml .Values.extraExposePorts) . | indent 4 }}
+ {{- end }}
+ selector:
+ {{- include "influxdb.selectorLabels" . | nindent 4 }}
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
----
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
- name: {{ include "common.influxdb.serviceAccountName" . }}
+ name: {{ include "influxdb.serviceAccountName" . }}
labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
+ {{- include "influxdb.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
- {{- end }}
+ {{- end }}
{{- end -}}
-################################################################################
-# Copyright (c) 2021 HCL Technolgies Limited. #
-# #
-# Licensed under the Apache License, Version 2.0 (the "License"); #
-# you may not use this file except in compliance with the License. #
-# You may obtain a copy of the License at #
-# #
-# http://www.apache.org/licenses/LICENSE-2.0 #
-# #
-# Unless required by applicable law or agreed to in writing, software #
-# distributed under the License is distributed on an "AS IS" BASIS, #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
-# See the License for the specific language governing permissions and #
-# limitations under the License. #
-################################################################################
apiVersion: apps/v1
kind: StatefulSet
metadata:
- name: {{ include "common.fullname.influxdb" . }}-meta
+ name: {{ template "influxdb.fullname" . }}
labels:
- {{- include "common.influxdb.labels" . | nindent 4 }}
+ {{- include "influxdb.labels" . | nindent 4 }}
spec:
- {{- if .Values.enterprise.enabled }}
- replicas: {{ .Values.enterprise.clusterSize }}
- {{ else }}
replicas: 1
- {{- end}}
selector:
matchLabels:
- {{- include "common.influxdb.selectorLabels" . | nindent 6 }}
- serviceName: {{ include "common.fullname.influxdb" . }}-meta
+ {{- include "influxdb.selectorLabels" . | nindent 6 }}
+ serviceName: "{{ include "influxdb.fullname" . }}"
template:
metadata:
labels:
- {{- include "common.influxdb.selectorLabels" . | nindent 8 }}
+ {{- include "influxdb.selectorLabels" . | nindent 8 }}
+ {{- if .Values.podLabels }}
+{{ toYaml .Values.podLabels | indent 8 }}
+ {{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
- {{- if .Values.schedulerName }}
- schedulerName: "{{ .Values.schedulerName }}"
- {{- end }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 8 }}
- {{- end }}
- {{- if .Values.tolerations }}
- tolerations:
-{{ toYaml .Values.tolerations | indent 8 }}
- {{- end }}
- {{- if .Values.securityContext }}
- securityContext:
-{{ toYaml .Values.securityContext | indent 8 }}
- {{- end }}
- {{- if .Values.image.pullSecrets }}
- imagePullSecrets:
- {{- range .Values.image.pullSecrets }}
- - name: {{ . }}
- {{- end}}
- {{- end }}
- serviceAccountName: {{ include "common.influxdb.serviceAccountName" . }}
- containers:
- - name: {{ include "common.fullname.influxdb" . }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
- imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
- resources:
-{{ toYaml .Values.resources | indent 10 }}
- ports:
- - name: api
- containerPort: {{ include "common.serviceport.influxdb.http.bind_address" . | default 8086 }}
- {{- if .Values.config.graphite.enabled }}
- - name: graphite
- containerPort: {{ include "common.serviceport.influxdb.graphite.bind_address" . | default 2003 }}
- {{- end }}
- {{- if .Values.config.collectd.enabled }}
- - name: collectd
- containerPort: {{ include "common.serviceport.influxdb.collectd.bind_address" . | default 25826 }}
- protocol: UDP
- {{- end }}
- {{- if .Values.config.udp.enabled }}
- - name: udp
- containerPort: {{ include "common.serviceport.influxdb.udp.bind_address" . | default 8089 }}
- protocol: UDP
- {{- end }}
- {{- if .Values.config.opentsdb.enabled }}
- - name: opentsdb
- containerPort: {{ include "common.serviceport.influxdb.opentsdb.bind_address" . | default 4242 }}
- {{- end }}
- - name: rpc
- containerPort: {{ include "common.serviceport.influxdb.rpc.bind_address" . | default 8088 }}
- {{- if .Values.enterprise.enabled }}
- - name: meta
- containerPort: {{ include "common.serviceport.influxdb.meta.bind_address" . | default 8091 }}
- {{- end }}
- {{- if .Values.env }}
- env:
-{{ toYaml .Values.env | indent 10 }}
- {{- if .Values.enterprise.enabled }}
- - name: INFLUXDB_HOSTNAME # Values.env's HOSTNAME isn't fundamentally different from $HOSTNAME, but this way weg get a distinguished name at runtime.
- value: "$(_HOSTNAME).{{ include "common.fullname.influxdb" . }}"
- {{- end }}
- {{- end }}
- {{- if .Values.envFromSecret }}
- envFrom:
- - secretRef:
- name: {{ .Values.envFromSecret }}
- {{- end }}
- livenessProbe:
- httpGet:
- path: {{ .Values.livenessProbe.path | default "/ping" }}
- port: api
- scheme: {{ .Values.livenessProbe.scheme | default "HTTP" }}
- initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds | default 30 }}
- timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds | default 5 }}
- readinessProbe:
- httpGet:
- path: {{ .Values.readinessProbe.path | default "/ping" }}
- port: api
- scheme: {{ .Values.readinessProbe.scheme | default "HTTP" }}
- initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds | default 5 }}
- timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds | default 1 }}
- {{- if .Values.startupProbe.enabled }}
- startupProbe:
- httpGet:
- path: {{ .Values.startupProbe.path | default "/ping" }}
- port: api
- scheme: {{ .Values.startupProbe.scheme | default "HTTP" }}
- failureThreshold: {{ .Values.startupProbe.failureThreshold | default 6 }}
- periodSeconds: {{ .Values.startupProbe.periodSeconds | default 5 }}
+ volumes:
+ - name: data
+ {{- if .Values.persistence.enabled }}
+ {{- if not (empty .Values.persistence.name) }}
+ persistentVolumeClaim:
+ claimName: {{ .Values.persistence.name }}
+ {{- else }}
+ persistentVolumeClaim:
+ claimName: {{ template "influxdb.fullname" . }}
+ {{- end }}
+ {{- else }}
+ emptyDir: {}
{{- end }}
- volumeMounts:
- - name: {{ include "common.fullname.influxdb" . }}-data
- mountPath: /var/lib/influxdb
- - name: config
- mountPath: /etc/influxdb
{{- if .Values.initScripts.enabled }}
- name: init
- mountPath: /docker-entrypoint-initdb.d
+ configMap:
+ name: {{ include "influxdb.fullname" . }}-init
+ defaultMode: 0744
{{- end }}
- {{- if .Values.mountPoints }}
-{{ toYaml .Values.mountPoints | indent 8 }}
+ {{- if .Values.volumes }}
+ {{- toYaml .Values.volumes | nindent 8 }}
{{- end }}
- {{- if .Values.extraContainers }}
-{{ toYaml .Values.extraContainers | indent 6}}
- {{- end }}
- volumes:
- - name: config
- configMap:
- name: {{ include "common.fullname.influxdb" . }}
- {{- if .Values.initScripts.enabled }}
- - name: init
- configMap:
- name: {{ include "common.fullname.influxdb" . }}-init
- {{- end }}
- {{- if (not .Values.persistence.enabled ) }}
- - name: {{ include "common.fullname.influxdb" . }}-data
- emptyDir: {}
- {{- end }}
- # Cannot use existing claim in enterprise mode
- {{- if and .Values.persistence.enabled .Values.persistence.existingClaim (not .Values.enterprise.enabled) }}
- - name: {{ include "common.fullname.influxdb" . }}-data
- persistentVolumeClaim:
- claimName: {{ .Values.persistence.existingClaim }}
+ serviceAccountName: {{ include "influxdb.serviceAccountName" . }}
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - name: {{ .Values.service.portName }}
+ containerPort: 8086
+ protocol: TCP
+ env:
+ # Automated setup will not run if an existing boltdb file is found at the configured path.
+ # This behavior allows for the InfluxDB container to reboot post-setup without encountering "DB is already set up" errors.
+ - name: DOCKER_INFLUXDB_INIT_MODE
+ value: setup
+ # The username to set for the system's initial super-user (Required).
+ - name: DOCKER_INFLUXDB_INIT_USERNAME
+ value: {{ .Values.adminUser.user }}
+ # The password to set for the system's inital super-user (Required).
+ - name: DOCKER_INFLUXDB_INIT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.adminUser.existingSecret }}
+ name: {{ .Values.adminUser.existingSecret -}}
+ {{ else }}
+ name: {{ template "influxdb.fullname" . }}-auth
+ {{- end }}
+ key: admin-password
+ # The name to set for the system's initial organization (Required).
+ - name: DOCKER_INFLUXDB_INIT_ORG
+ value: {{ .Values.adminUser.organization }}
+ # The name to set for the system's initial bucket (Required).
+ - name: DOCKER_INFLUXDB_INIT_BUCKET
+ value: {{ .Values.adminUser.bucket }}
+ # The duration the system's initial bucket should retain data. If not set, the initial bucket will retain data forever.
+ - name: DOCKER_INFLUXDB_INIT_RETENTION
+ value: {{ .Values.adminUser.retention_policy }}
+ # The authentication token to associate with the system's initial super-user. If not set, a token will be auto-generated by the system.
+ - name: DOCKER_INFLUXDB_INIT_ADMIN_TOKEN
+ valueFrom:
+ secretKeyRef:
+ {{- if .Values.adminUser.existingSecret }}
+ name: {{ .Values.adminUser.existingSecret -}}
+ {{ else }}
+ name: {{ template "influxdb.fullname" . }}-auth
+ {{- end }}
+ key: admin-token
+ # Path to the BoltDB database.
+ - name: INFLUXD_BOLT_PATH
+ value: {{ .Values.persistence.mountPath }}/influxd.bolt
+ # Path to persistent storage engine files where InfluxDB stores all Time-Structure Merge Tree (TSM) data on disk.
+ - name: INFLUXD_ENGINE_PATH
+ value: {{ .Values.persistence.mountPath }}
+ {{- with .Values.env }}
+ # Extra environment variables from .Values.env
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ {{- if .Values.securityContext }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ {{- end }}
+ livenessProbe:
+ httpGet:
+ path: {{ .Values.livenessProbe.path | default "/health" }}
+ port: http
+ scheme: {{ .Values.livenessProbe.scheme | default "HTTP" }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds | default 0 }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds | default 10 }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds | default 1 }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold | default 3 }}
+ readinessProbe:
+ httpGet:
+ path: {{ .Values.readinessProbe.path | default "/health" }}
+ port: http
+ scheme: {{ .Values.readinessProbe.scheme | default "HTTP" }}
+ initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds | default 0 }}
+ periodSeconds: {{ .Values.readinessProbe.periodSeconds | default 10 }}
+ timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds | default 1 }}
+ successThreshold: {{ .Values.readinessProbe.successThreshold | default 1 }}
+ failureThreshold: {{ .Values.readinessProbe.failureThreshold | default 3 }}
+ {{- if .Values.startupProbe.enabled }}
+ startupProbe:
+ httpGet:
+ path: {{ .Values.startupProbe.path | default "/health" }}
+ port: http
+ scheme: {{ .Values.startupProbe.scheme | default "HTTP" }}
+ initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds | default 30 }}
+ periodSeconds: {{ .Values.startupProbe.periodSeconds | default 5 }}
+ timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds | default 1 }}
+ failureThreshold: {{ .Values.startupProbe.failureThreshold | default 6 }}
+ {{- end }}
+ volumeMounts:
+ - name: data
+ mountPath: {{ .Values.persistence.mountPath }}
+ subPath: {{ .Values.persistence.subPath }}
+ {{- if .Values.initScripts.enabled }}
+ - name: init
+ mountPath: /docker-entrypoint-initdb.d
+ {{- end }}
+ {{- if .Values.mountPoints }}
+ {{- toYaml .Values.mountPoints | nindent 10 }}
+ {{- end }}
+ resources:
+ {{ .Values.resources | toYaml | nindent 12 | trim }}
+
+ {{- if .Values.securityContext.runAsGroup }}
+ securityContext:
+ fsGroup: {{ .Values.securityContext.runAsGroup }}
{{- end }}
- {{- if .Values.volumes }}
-{{ toYaml .Values.volumes | indent 6 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{ toYaml . | nindent 8 | trim }}
{{- end }}
- # Must use volume claim template in enterprise mode
- {{- if and .Values.persistence.enabled (or (not .Values.persistence.existingClaim) .Values.enterprise.enabled) }}
- volumeClaimTemplates:
- - metadata:
- name: {{ include "common.fullname.influxdb" . }}-data
- annotations:
- {{- range $key, $value := .Values.persistence.annotations }}
- {{ $key }}: "{{ $value }}"
- {{- end }}
- spec:
- accessModes:
- - {{ .Values.persistence.accessMode | quote}}
- resources:
- requests:
- storage: {{ .Values.persistence.size | quote }}
- {{- if .Values.persistence.storageClass }}
- {{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
- {{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
+
+ {{- with .Values.affinity }}
+ affinity:
+ {{ toYaml . | nindent 8 | trim }}
{{- end }}
+
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{ toYaml . | nindent 8 | trim }}
{{- end }}
- {{- end }}
-## influxdb image version
-## ref: https://hub.docker.com/r/library/influxdb/tags/
image:
- repository: "influxdb"
- tag: "1.8.0-alpine"
+ repository: influxdb
+ tag: 2.2.0-alpine
pullPolicy: IfNotPresent
- ## If specified, use these secrets to access the images
- # pullSecrets:
- # - registry-secret
+## Annotations to be added to InfluxDB pods
+##
+podAnnotations: {}
-serviceAccount:
- create: true
- name:
- annotations: {}
+## Labels to be added to InfluxDB pods
+##
+podLabels: {}
+
+nameOverride: ""
+fullnameOverride: ""
+
+## Configure resource requests and limits
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+##
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+## Node labels for pod assignment
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## Tolerations for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+
+## Affinity for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+
+securityContext: {}
## Customize liveness, readiness and startup probes
-## ref: https://docs.influxdata.com/influxdb/v1.7/tools/api/#ping-http-endpoint
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
##
livenessProbe: {}
- # path: "/ping"
- # initialDelaySeconds: 30
- # timeoutSeconds: 5
- # scheme: HTTP
+ # path: "/health"
+ # scheme: "HTTP"
+ # initialDelaySeconds: 0
+ # periodSeconds: 10
+ # timeoutSeconds: 1
+ # failureThreshold: 3
readinessProbe: {}
- # path: "/ping"
- # initialDelaySeconds: 5
+ # path: "/health"
+ # scheme: "HTTP"
+ # initialDelaySeconds: 0
+ # periodSeconds: 10
# timeoutSeconds: 1
- # scheme: HTTP
-
-securityContext: {}
- # runAsUser: 999
- # runAsGroup: 999
+ # successThreshold: 1
+ # failureThreshold: 3
startupProbe:
enabled: false
- # path: "/ping"
- # failureThreshold: 6
+ # path: "/health"
+ # scheme: "HTTP"
+ # initialDelaySeconds: 30
# periodSeconds: 5
- # scheme: HTTP
+ # timeoutSeconds: 1
+ # failureThreshold: 6
-## Specify a service type
-## NodePort is default
-## ref: http://kubernetes.io/docs/user-guide/services/
+## Extra environment variables to configure influxdb
+## e.g.
+# env:
+# - name: FOO
+# value: BAR
+# - name: BAZ
+# valueFrom:
+# secretKeyRef:
+# name: my-secret
+# key: my-key
+env: {}
+
+## Create default user through docker entrypoint
+## Defaults indicated below
##
-service:
- ## Add annotations to service
- # annotations: {}
- type: ClusterIP
- # externalIPs: []
- # externalTrafficPolicy: ""
+adminUser:
+ organization: "influxdata"
+ bucket: "default"
+ user: "admin"
+ retention_policy: "0s"
+ ## Leave empty to generate a random password and token.
+ ## Or fill any of these values to use fixed values.
+ password: ""
+ token: ""
+
+ ## The password and token are obtained from an existing secret. The expected
+ ## keys are `admin-password` and `admin-token`.
+ ## If set, the password and token values above are ignored.
+ # existingSecret: influxdb-auth
## Persist data to a persistent volume
##
persistence:
enabled: true
- ## A manually managed Persistent Volume and Claim
- ## Requires persistence.enabled: true
- ## If defined, PVC must be created manually before volume will be bound
- # existingClaim:
+ ## If true will use an existing PVC instead of creating one
+ # useExisting: false
+ ## Name of existing PVC to be used in the influx deployment
+ # name:
## influxdb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## GKE, AWS & OpenStack)
##
# storageClass: "-"
- annotations:
accessMode: ReadWriteOnce
- size: 8Gi
-
-## Deploy InfluxDB Enterprise - License required
-## ref: https://www.influxdata.com/products/influxdb-enterprise/
-enterprise:
- enabled: false
- licensekey: {}
- clusterSize: 4
- meta:
- image:
- ## This image contains the enterprise meta node package for clustering.
- ## It is meant to be used in conjunction with the influxdb:data package of the same version.
- ## ref: https://hub.docker.com/_/influxdb
- tag: meta
- clusterSize: 3
- ## seed is hashed and used as `internal-shared-secret` for Meta service.
- seed: dead-beef-cafe-bae
- ## Configure resource requests and limits
- ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
- resources: {}
- # resources:
- # requests:
- # memory: 512Mi
- # cpu: 2
- # limits:
- # memory: 1Gi
- # cpu: 4
+ size: 50Gi
+ mountPath: /var/lib/influxdb2
+ subPath: ""
-## Create default user through Kubernetes job
-## Defaults indicated below
+## Add custom volume and volumeMounts
##
-setDefaultUser:
- enabled: true
-
- ## Image of the container used for job
- ## Default: appropriate/curl:latest
- ##
- image: appropriate/curl:latest
-
- ## Deadline for job so it does not retry forever.
- ## Default: activeDeadline: 300
- ##
- activeDeadline: 300
-
- ## Specify the number of retries before considering job as failed.
- ## https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#pod-backoff-failure-policy
- ##
- backoffLimit: 6
-
- ## Hook delete policy for helm.
- ## Default: hookDeletePolicy: hook-succeeded
- ##
- hookDeletePolicy: hook-succeeded
-
- ## Restart policy for job
- ## Default: OnFailure
- restartPolicy: OnFailure
-
- user:
-
- ## The user name
- ## Default: "admin"
- username: "admin"
-
- ## User password
- ## single quotes must be escaped (\')
- ## Default: (Randomly generated 10 characters of AlphaNum)
- # password:
-
- ## The user name and password are obtained from an existing secret. The expected
- ## keys are `influxdb-user` and `influxdb-password`.
- ## If set, the username and password values above are ignored.
- # existingSecret: influxdb-auth
-
- ## User privileges
- ## Default: "WITH ALL PRIVILEGES"
- privileges: "WITH ALL PRIVILEGES"
+# volumes:
+# - name: influxdb2-templates
+# hostPath:
+# path: /data/influxdb2-templates
+# type: Directory
+# mountPoints:
+# - name: influxdb2-templates
+# mountPath: /influxdb2-templates
+# readOnly: true
-## Configure resource requests and limits
-## ref: http://kubernetes.io/docs/user-guide/compute-resources/
-resources: {}
-# requests:
-# memory: 256Mi
-# cpu: 0.1
-# limits:
-# memory: 16Gi
-# cpu: 8
+## Allow executing custom init scripts
+## If the container finds any files with the .sh extension inside of the
+## /docker-entrypoint-initdb.d folder, it will execute them.
+## When multiple scripts are present, they will be executed in lexical sort order by name.
+## For more details see Custom Initialization Scripts in https://hub.docker.com/_/influxdb
+initScripts:
+ enabled: false
+ scripts:
+ init.sh: |+
+ #!/bin/bash
+ influx apply --force yes -u https://raw.githubusercontent.com/influxdata/community-templates/master/influxdb2_operational_monitoring/influxdb2_operational_monitoring.yml
-# Annotations to be added to InfluxDB pods
-podAnnotations: {}
+## Specify a service type
+## ref: http://kubernetes.io/docs/user-guide/services/
+##
+service:
+ type: ClusterIP
+ port: 80
+ targetPort: 8086
+ annotations: {}
+ labels: {}
+ portName: http
-# Labels to be added to InfluxDB pods
-podLabels: {}
+serviceAccount:
+ # Specifies whether a ServiceAccount should be created
+ create: true
+ # The name of the ServiceAccount to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name:
+ # Annotations for the ServiceAccount
+ annotations: {}
ingress:
enabled: false
+ # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+ # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+ # className: nginx
tls: false
- # secretName: my-tls-cert # only needed if tls above is true
+ # secretName: my-tls-cert # only needed if tls above is true or default certificate is not configured for Nginx
hostname: influxdb.foobar.com
- className: null
annotations: {}
# kubernetes.io/ingress.class: "nginx"
# kubernetes.io/tls-acme: "true"
path: /
-
-## Add custom volume and volumeMounts
-# volumes:
-# - name: ssl-cert-volume
-# secret:
-# secretName: secret-name
-# mountPoints:
-# - name: ssl-cert-volume
-# mountPath: /etc/ssl/certs/selfsigned/
-# readOnly: true
-
-## Additional containers to be added to the pod.
-extraContainers: {}
-# - name: my-sidecar
-# image: nginx:latest
-
-## Use an alternate scheduler, e.g. "stork".
-## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
-##
-# schedulerName:
-
-## Node labels for pod assignment
-## Ref: https://kubernetes.io/docs/user-guide/node-selection/
-##
-nodeSelector: {}
-
-## Affinity for pod assignment
-## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-##
-affinity: {}
-
-## Tolerations for pod assignment
-## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+## Pod disruption budget configuration
##
-tolerations: []
-# - key: "key"
-# operator: "Equal|Exists"
-# value: "value"
-# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
-
-## The InfluxDB image uses several environment variables to automatically
-## configure certain parts of the server.
-## Ref: https://hub.docker.com/_/influxdb/
-env: {}
- # - name: INFLUXDB_DB
- # value: "demo"
-
-## The name of a secret in the same kubernetes namespace which contain values
-## to be added to the environment.
-## This can be used, for example, to set the INFLUXDB_HTTP_SHARED_SECRET
-## environment variable.
-envFromSecret: {}
-
-## InfluxDB configuration
-## ref: https://docs.influxdata.com/influxdb/v1.7/administration/config
-config:
- reporting_disabled: false
- rpc: {}
- meta: {}
- data: {}
- coordinator: {}
- retention: {}
- shard_precreation: {}
- monitor: {}
- http:
- auth-enabled: true
- logging:
- level: "debug"
- subscriber: {}
- graphite: {}
- collectd: {}
- opentsdb: {}
- udp: {}
- continuous_queries: {}
- tls: {}
-
-# Allow executing custom init scripts
-#
-# If the container finds any files with the extensions .sh or .iql inside of the
-# /docker-entrypoint-initdb.d folder, it will execute them. The order they are
-# executed in is determined by the shell. This is usually alphabetical order.
-initScripts:
- enabled: false
- scripts:
- init.iql: |+
- CREATE DATABASE "telegraf" WITH DURATION 30d REPLICATION 1 NAME "rp_30d"
-
-backup:
- enabled: false
- ## By default emptyDir is used as a transitory volume before uploading to object store.
- ## As such, ensure that a sufficient ephemeral storage request is set to prevent node disk filling completely.
- resources:
- requests:
- # memory: 512Mi
- # cpu: 2
- ephemeral-storage: "8Gi"
- # limits:
- # memory: 1Gi
- # cpu: 4
- # ephemeral-storage: "16Gi"
- ## If backup destination is PVC, or want to use intermediate PVC before uploading to object store.
- persistence:
- enabled: false
- ## If defined, storageClassName: <storageClass>
- ## If set to "-", storageClassName: "", which disables dynamic provisioning
- ## If undefined (the default) or set to null, no storageClassName spec is
- ## set, choosing the default provisioner. (gp2 on AWS, standard on
- ## GKE, AWS & OpenStack)
- ##
- # storageClass: "-"
- annotations:
- accessMode: ReadWriteOnce
- size: 8Gi
- schedule: "0 0 * * *"
- startingDeadlineSeconds: ""
- annotations: {}
- podAnnotations: {}
-
- ## Google Cloud Storage
- # gcs:
- # serviceAccountSecret: influxdb-backup-key
- # serviceAccountSecretKey: key.json
- # destination: gs://bucket/influxdb
-
- ## Azure
- ## Secret is expected to have connection string stored in `connection-string` field
- ## Existing container will be used or private one withing storage account will be created.
- # azure:
- # storageAccountSecret: influxdb-backup-azure-key
- # destination_container: influxdb-container
- # destination_path: ""
-
- ## Amazon S3 or compatible
- ## Secret is expected to have AWS (or compatible) credentials stored in `credentials` field.
- ## Please look at https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html#cli-configure-files-where
- ## for the credentials format.
- ## The bucket should already exist.
- # s3:
- # credentialsSecret: aws-credentials-secret
- # destination: s3://bucket/path
- # ## Optional. Specify if you're using an alternate S3 endpoint.
- # # endpointUrl: ""
-
-backupRetention:
- enabled: false
- resources:
- requests:
- # memory: 512Mi
- # cpu: 2
- # limits:
- # memory: 1Gi
- # cpu: 4
- schedule: "0 0 * * *"
- startingDeadlineSeconds:
- annotations: {}
- podAnnotations: {}
- daysToRetain: 7
- # s3:
- # credentialsSecret: aws-credentials-secret
- # bucketName: bucket
- # ## Optional. Specify if you're using an alternate S3 endpoint.
- # # endpointUrl: ""
+pdb:
+ ## Specifies whether a Pod disruption budget should be created
+ ##
+ create: true
+ minAvailable: 1
+ # maxUnavailable: 1
Code Review / ric-plt / ric-dep.git / commitdiff